last executing test programs:

1.309623659s ago: executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
write$tun(r0, &(0x7f0000000040)={@void, @val={0x3, 0x1, 0x2, 0x7, 0xfffe, 0x8001}, @ipv4=@tipc={{0x5, 0x4, 0x3, 0x6, 0x3c, 0x68, 0x0, 0x18, 0x6, 0x0, @broadcast, @multicast1}, @payload_named={{{{{0x28, 0x0, 0x1, 0x0, 0x1, 0xa, 0x1, 0x2, 0x3, 0x0, 0x0, 0xb, 0x4, 0x2, 0x1, 0x7ff, 0x1, 0x4e21, 0x4e21}, 0x4, 0x3}, 0x1, 0x1}}}}}, 0x46)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$sock_buf(r1, 0x1, 0x1f, &(0x7f0000002340)=""/4092, &(0x7f0000000340)=0xffc)

1.294019071s ago: executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/resume', 0x141a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000240)={'wg1\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x4, 0x4, 0x4, 0xff}, 0x48)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x2, @broadcast, 'wg2\x00'}}, 0x1e)
socket$pppoe(0x18, 0x1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'})

1.198268086s ago: executing program 2:
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
ioperm(0x0, 0x1, 0xc47c)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000700)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000080)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func={0x1, 0x0, 0x0, 0xf, 0x1}]}, {0x0, [0x2e]}}, 0x0, 0x27}, 0x20)

1.154201193s ago: executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000000)={@map=r0}, 0x20) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x7}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r1, &(0x7f0000000bc0), 0x20000000}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1}, &(0x7f00000002c0), &(0x7f0000000300)=r0}, 0x20) (async)
statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x200, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}) (async)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000800)={{{@in6=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@remote}, 0x0, @in6=@loopback}}, &(0x7f0000000300)=0xe8) (async)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000003c0)=<r4=>0x0) (async)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000400)=<r5=>0x0)
r6 = geteuid() (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000bc0)={0x0, 0x0, <r7=>0x0}, &(0x7f0000000c00)=0xc)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000cc0)=[{{&(0x7f0000000900)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000ac0)="a3b2cb9dbad1aed2c0e3177f1f2e8097dbaa0629eced246bfacc56d595a30e3469a3c921498437149a29c94db685beb112074c7799fc1cedac12514ddb1498dada08bbcdda8ac9c9cf21c3ad85eaa96cf9afe12556fc8c05bcc81b53e290416ae72e9a1a65dacd58f3416f373d017900ee90529d3167014a511aea4f17b487f399559318996c0bbc9662adc54e6f89b36bda8224632ce0f4e576cec65eabdf4113c2bf40121019b1e76bdab766eb744d73310e09dc5db972f6a496592e76a5df53dd8af9973d3b82f5183f57e9767082e73ebb4e0cc995a23aa81b", 0xdb}, {&(0x7f0000000980)="a5917e3827ef423ec6a1b9f79e0df8908ddca8efcb95f2435eec8e00a36e4710d241c903b6353b6698bd39f31c78f72d48abecb6f1f7cd747553f57bfd326dff6cfab1fdf3e98f92fdb1d6e0856893c33f472fa594e3c7cbb36dc1784e80ec56b6ae88f7acfac6a0d7ec3004d50875bb702c56da7a7cbead2fe40b", 0x7b}], 0x2, &(0x7f0000000c40)=[@cred={{0x1c, 0x1, 0x2, {0x0, r6, r7}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}], 0x40, 0x40}}], 0x1, 0x4000) (async)
sendmsg$netlink(r0, &(0x7f0000000940)={&(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbff, 0x4000}, 0xc, &(0x7f0000000380)=[{&(0x7f0000000480)={0x34c, 0x10, 0x200, 0x70bd28, 0x25dfdbfb, "", [@generic="1951ab9a5c48c5f22e0f37c217c0ceecf75886c1f4c160b215dd2f905fe256d4509c14f4557f9bfe602446c294ed424f10146c75871fc9efbaadab637738ccf7d6b650cb82e7b8d1276375292cb570ae4c2cf460e7e36bfd30c20423ad8beb16a4625243e508207d11f35b02a8b015dce5d080bb23c968eacd73074bf2ae6ca12a7377bda90e261ddffb8363d32035d06001ec1dd62458bc2dbe91613a1f29f12dd7f99a57f65dd5537fcab0d5ecd25f8bf6c3b7aa0d465af26164005e76d1a5da98d8412f451f78becf774b08598aaa788f45e1af2d2a", @nested={0x1ab, 0x93, 0x0, 0x1, [@typed={0x4, 0x115}, @generic="3a417db7b8f45efc8b26ef12c8ea2d48538b7a3d4e5a02798d58e94de177792c143288c875b79f7a500e43337c8f33ececd349cb46245e2596d4d423a3bdf17925e6fecd34e51c728f2e2fea4b4ac699aa089bbe39252cd3c7224808bfa1b795f19fff5a53f3a0b5569f46178d5afeb7348eb69117a39acb993b524cf557305db3e04a155d6a43cf046aa1523ddd4480e4daa65d24747a2e0611926bdcb8ded7241592009d551352dfef77448b2a593cf0d44f720794173bea575410d0104ac610b464cac6f50f4789c1be01464ebc7e56da9dcdf2a94398c90c6dda0ebeef8a47a2d590d2dd2642ea", @generic="f61e4a35c36ee8d18b1933a546d36b30a8cd70ea9d588494efee0d2c307517fa41b3499ce796237fef89a91337892741bd6bb75ae9834e8b81a76de3bc6b2544f017c3", @generic="896a79fff65b9db35dbae24e964c4ebc095ef2c90439a01f2e88f84109f04dd26ea1c5d85271c76a4d40f56c653d9217faf3a4e0328a509e3c99b35afdff5ae4cd0f92150a608342979f9d4f4fbf17e6a493c0a7027c226d8bee60e9adaff8b1416f5c20fe3012537ab6bfb364634ad495530887ecb3fa"]}, @generic="c68ff53cf675c781c8c28d3ca339eb123ca8ed0412772a42a22601fcb66313f652e68ec65826c89ebf5d65a68f81017186e641a711d43e9cf104", @nested={0x52, 0x2, 0x0, 0x1, [@generic="b14778bb2b362f14f56f8e809ba663ed5352cf380043294225664772ac035f9fc3f9fe90010ebdf95d56e2428884e3efe71fe5dc63bf", @typed={0x4, 0x6b}, @typed={0x14, 0x84, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x25}}]}, @typed={0x8, 0x13b, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x34}}, @typed={0x14, 0x12f, 0x0, 0x0, @ipv6=@private0}, @typed={0xa, 0x55, 0x0, 0x0, @str='kfree\x00'}]}, 0x34c}, {&(0x7f0000000180)={0x144, 0x2e, 0x800, 0x70bd28, 0x25dfdbfe, "", [@generic="0e6ce692cf79355ab4d64206a7ea733d2c658f5090e9167cd76809a4c9fd37a246cb5e7e1bb512f5dbdd794df10e9370a93331a424c26998a22afeb8e46cc58256618d9ecb864f6ca30297d512", @nested={0x18, 0x110, 0x0, 0x1, [@typed={0x14, 0xba, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, @generic="ac3d72f96ee74cbbbd91475d7a77b430800f7b2e2687b02b53b672", @typed={0x8, 0xb5, 0x0, 0x0, @uid=r2}, @nested={0xaa, 0x3f, 0x0, 0x1, [@generic="4a79b03f370b67bff83b81e17d9f3c1798d6f0ba8b162a097edc35d42fed89bc4d2642bd8d2e0fcc805862c51d8af79cbfa4b4bb586cb7807e8970b542b0a40498434ea6ea5af8ad81343365c3df2666da37afab", @generic="12dcb901e8739710329ee3a6f477ff19ffa842184cf7ba2d6ff13fc3b88f18486967aedabc43685a74a00044c09aaaf6a5b47798d129cd2af6e1a752720267a0eae091bad4f633825039dae6a7ef4b1e7392"]}]}, 0x144}, {&(0x7f0000000c00)={0x348, 0x35, 0x0, 0x70bd26, 0x25dfdbff, "", [@nested={0xff, 0x10c, 0x0, 0x1, [@generic="6234083ee60739452120074cad718756bcd9daedc944950bfbbb", @typed={0x8, 0xd8, 0x0, 0x0, @uid=r3}, @generic="2d68985f1de8ca7e123a1cdef7017f359ba3a081f97d0dbe07aefcc55cc3486c402a9a0f39d6ea9593905970c42ea254b5c6c28dac84760ece609bf9747b2e2c2e672384821175c3ac57e81e8bec7aaf27df086ba3e43e30eee788faa67bbc766515364fe6c68f13d81354878a1adf5aa95e8f50e00ed99813003e8ed95fd9eaf479d64ef9eb346bb5fde5e095b3bdc55bddad26d8aaa692ca05f8005bc2d3e023f0637e5754c33d8f7144b990575264a67dc358fac88d98e93f54f4f9206905c6cdd23958436b47b9d9cc2562ec94a31733266e1a23f075ce"]}, @nested={0x238, 0x106, 0x0, 0x1, [@generic="af8873ff9ef6865f5b239c1ff6af75d0f305154421280621b7b90a6190d64a72531fd764de0854f0488a709f3cfc1bc3fd7e47f49431c5b33b129c27e792", @generic, @typed={0xa, 0xb3, 0x0, 0x0, @str='kfree\x00'}, @generic="74ef673dfcb81501d41896775066d4aed3c9c5a8dc6d9f2feb410ab0458dd4875ba38451a0e26a1f95ac621b65c217758362c8e3b923a3645eb346e8759d30df7f26da830e65b7fc07608d6209c843ef33def71d389b643146a76d689f1bc0c506fc8df474079d5879eb876094b3788f118e61b6861767639856fd0556dc68fee7004992275e0cdba1632f3c73a582bd4e6dc1694987687c2ffdf7e3df8b02995058cd3bf68a368d0e0504812fa32e15f56bb68527ed1d205c1b098f14ad283782d0646a6c74a3ae9bca77cadbfa3bbfb8e61aa85cc033666a1b5774daa54bd049f8694898d36c7c63eca5a77b", @generic="439f67fbe1de363b91ce7601d45c204b92212c77c952de4c0f59acb035e9001cf4241eff7766b562d11d916571ef562b0336a2f31075ccbc17b6c01ceb616ccb89dad81ff44064649ca36b6ac961887338ccce080d5332dc3b4948da79ce0ef50d227b8f4ad1f264807e6f5cc3a4c1b86a620a25845c20e643bc6a19bf883a4cb181abb5d37d72413db81b75481cad1e0bcd04c7cbbd674e29286ad519aa63f219c65bf2f1b6aeecea7bfb423db1345c1d2858b6e320d562686469ace1c46b984d0d1e2818a4b10f37b598cf8628a48ad8c94cd9758a6b75751f5899005867b98fd5340ae72fcd9d77296261092fee34e021ece0762efa8ca9d663114e"]}]}, 0x348}], 0x3, &(0x7f0000000900)=[@cred={{0x1c, 0x1, 0x2, {r4, r5, r7}}}], 0x20, 0x40000}, 0xc0) (async)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r8 = epoll_create1(0x0)
r9 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r8, &(0x7f0000000340)={0x20000001}) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
epoll_ctl$EPOLL_CTL_MOD(r9, 0x3, r8, &(0x7f0000000440))

1.132360687s ago: executing program 2:
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r1, &(0x7f0000000440)=""/247, 0x26)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x840000088}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x1, @time})
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0xc0305302, &(0x7f0000000100))
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0xc08c5335, &(0x7f0000000180))
tkill(r0, 0x7)

946.366975ms ago: executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}]}, 0x23, 0x44d, &(0x7f0000000980)="$eJzs28tvG0UYAPBv7SR9k1CVRx9AoCDKK2nSUnpAQiCQOICEBIdyDElalboNaoJEq4oWhMoRVeLEBXFE4i/gBBcEnJC4wh1VqlAvLZyM1t5NbMd2HnXsUP9+0jozu2PPfN6d9exONoC+NZq+JBE7I+KPiBiuZusLjFb/3L55afqfm5emkyiX3/47qZS7dfPSdF40f9+OPDMQUfgsif1N6p2/cPHMVKk0ez7Ljy+c/WB8/sLF506fnTo1e2r23OTx40ePTLxwbPL5jsSZxnVr38dzB/a+/u61N6dPXHvvl++SPP6GODpktN3GJ8rlDlfXW7tq0slADxvCmhSr3TQGK/1/OIqxtPOG47VPe9o4YEOVy+Xy/a03XykDd7Gkcg4ovxS9bgjQZfkPfXr9my9dGnpsCjderl4ApXHfzpbqloEoZGUGG65vO2k0Ik5c+ffrdImNuQ8BAFDnh3T882yz8V8hau8L3ZPNoYxExL0RsTsijkXEnoi4L6JS9oGIeHCN9TdOkiwf/xSuryuwVUrHfy9mc1v147989BcjxSy3qxL/YHLydGn2cPadHIrBLWl+ok0dP776+xetttWO/9IlrT8fC2btuD6wpf49M1MLU3cSc60bn0TsG2gWf7I4E5BExN6I2LfOOk4//e2BVttWjr+NDswzlb+JeLK6/69EQ/y5pP385PjWKM0eHs+PiuV+/e3qW63qv6P4OyDd/9ubHv+L8Y8ktfO182v59K+eSl+v/vl5y2ua9R7/Q8k7des+mlpYOD8RMZS8UW107frJhnKTS+XT+A8dbN7/d8fSN7E/ItKD+KGIeDgiHsna/mhEPBYRB9t8Cz+/8vj7649/Y6Xxz6xp/y8lhqJxTfNE8cxP39dVOrL04avb/0crqUPZmtWc/1bTrrUezQAAAPB/VYiInZEUxhbThcLYWPV/+PfE9kJpbn7hmZNzH56bqT4jMBKDhfxO13DN/dCJ7J5Lnp9syB/J7ht/WdxWyY9Nz5Vmeh089LkdLfp/6q9ir1sHbDjPa0H/0v+hf+n/0L/0f+hfTfr/tl60A+i+Zr//l1d+29aNaAvQXQ3937Qf9BHX/9C/1tP/nTPg7tC2Lw91rx1AV81vi5UfkpeQWJaIwqZoxiZKXN4czehQotdnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74LwAA//8cB+YG")
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@private1, 0x0, 0x0, 0xff}, [@mark={0xc}]}, 0x34}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
flistxattr(r3, 0x0, 0xfbffffff)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f00000002c0)={0x0, 0x5, &(0x7f0000001200)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a310000000008004100736977001400330073797a6b616c6c6572300000000000009fd1273ee2e1a56951806eb38a346174650ca7560aaa678c1fd3dd2eabbd5edf893a93f802d02f6f025fae900e2a3cb222cace5d0d9384bccde5d6332c14c81bb3839f0e26552085c14dea43c97d7d8d92d185b494217b7890a000d6e7af270a59010bd90e68fa9db3d270871a679da003ba3c9296572578d544f282d586ec80db90eb3323d97d4acf4dc07339bcf1d6d1"], 0x38}}, 0x0)

872.605336ms ago: executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}}, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f4)
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940001000000fcffc50000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r3}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x40040)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x3, 0x14, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002600000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_link_settings={0x2}})
r9 = mq_open(&(0x7f0000000180)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\xbb\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c6\xe7`83\xb7n#\xe0\xc1_\xec\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enq-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x0, 0x0, 0x0)
mq_getsetattr(r9, 0x0, 0x0)

686.487725ms ago: executing program 3:
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000001300), 0x4)

567.186623ms ago: executing program 3:
socket(0x10, 0x803, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$NL80211_CMD_SET_MPATH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x50}}, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32, @ANYBLOB="ddfffffd424e2c12140012000c000100627269646765"], 0x34}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c00000014003c70bec50000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200fe8000000000000000000000000000aa"], 0x2c}}, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000002a00010c000000000000000099000000"], 0x14}}, 0x0) (async)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000006111b7000000000085100000020000008500000000f3ffff94003300000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000}, 0x70)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x6, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', r2, r1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYRES32=r5, @ANYRESOCT=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) (async, rerun: 64)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7f, 0x0, 0x0, 0x40f00, 0x7c, '\x00', 0x0, 0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='ext4_mb_release_inode_pa\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000008000008500000006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000005c0)='napi_poll\x00', r8}, 0x10) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r9, 0x0, 0x32600) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x2, &(0x7f0000000400)=ANY=[@ANYBLOB="855be948dab183d5d7070000"], &(0x7f0000000700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x16}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x5, 0x0, 0x8, 0xa, 0x834, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xfffffffe, 0x2}, 0x48) (rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRES64=r5], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1802000000828b00000000000000000085000000360000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702e63ccefe68000008000000b70300000000000085000000060000009500000000000000b372025bef37ef885bdde0661523d78b6fcfbb359e0c477e4fee9cc0ea28a2be355dfa266677ae7d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

538.525587ms ago: executing program 3:
r0 = perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, @perf_bp={0x0}, 0x0, 0xc8, 0x0, 0x5, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x25, 0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x30}, 0x1408, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r2 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
sendfile(r2, r0, 0x0, 0x5f6eea1d)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64902, 0x0)
pwritev2(r3, &(0x7f00000000c0)=[{&(0x7f0000000080)='`', 0x1}], 0x1, 0x0, 0x0, 0x8)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6307ce22667f2f00db5b686158bbcfe8875a65969ff57b00000000000000000000000000ac1414aa35f086dd"], 0xfdef)
ioperm(0x0, 0x1, 0x6)
close_range(r1, r0, 0x2)
r4 = inotify_init()
inotify_add_watch(r4, 0x0, 0x30000000)
r5 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
r6 = creat(&(0x7f0000000300)='./file0\x00', 0x2)
close(r6)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/96, 0x128000, 0x800}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r8, 0x11b, 0x6, &(0x7f0000000140)=0x9e7e912e93fcd524, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r9=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000200)=0x8, 0x4)
setsockopt$XDP_RX_RING(r8, 0x11b, 0x2, &(0x7f0000000180)=0x8, 0x4)
bind$xdp(r8, &(0x7f00000002c0)={0x2c, 0x1, r9}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRES64=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB="90fb"])
bpf$ITER_CREATE(0x21, &(0x7f0000000080)={r5}, 0x8)

492.556705ms ago: executing program 3:
r0 = socket$inet6(0xa, 0x6, 0x0)
prlimit64(0x0, 0x2, &(0x7f0000000040), 0x0) (async)
prlimit64(0x0, 0x2, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x80080400)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4216, &(0x7f0000000440)=ANY=[], 0x6, 0x31e, &(0x7f00000005c0)="$eJzs3M9LG1sUwPFjjDGJzySLx3u8Bw8v721eN4OmXZeGolAaqKgp1UJh1EkbMk0kEywppeqq29J9V4UuxKU7ofUfcNNdu+mmOzeFLuqidEomM+anmsZorH4/IHNz7z3m3sxNOBNyZ/fO84fZtKWl9aL4gkp+ExHZE4mJTzx97tHnlANSa1UuDX15/8/07NzNRDI5PqXURGLmclwpFRl58+hJyO22NSg7sXu7n+Ofdv7Y+Wv3+8yDjKUylsrli0pX8/mPRX3eNNRixspqSk2ahm4ZKpOzjEKlPV9pT5v5paWS0nOLw+GlgmFZSs+VVNYoqWJeFQslpd/XMzmlaZoaDguOklqfmtITHQYvdHkwOCGFQkLvF5FQU0tqvScDAgAAPdWY//vKKX1H+b9EnPy/3Lma/2/8u10cur0ZcfP/rUCr/P/Kh8r/qsv/gyLSSf7/Un4i/2/OiC6WY+X/OBtGAk1VfXWPyvl/2H3/Otbubow6BfJ/AAAAAAAAAAAAAAAAAAAAAAB+BXu2HbVtO+odvb/qFgL3Mc6lg87/oIgEy2ff5vyfZ9OzcxJ0Nu75IyLms+XUcqpydDtsi4gphoxKVL4568FVLns7j1RZTN6aK278ynKq32lJpCXjxI9JVGKN8bY9cSM5PqYq3Pj9bUrh2vi4ROX31vHx+nj3+QPy/3818ZpE5d2C5MWURWddV+Ofjil1/VayIT7k9AMAAAAA4DzQ1L6W1++adlB75S4j+9fXLb8fqFxfj7a8PvdH//b3evYAAAAAAFwMVulxVjdNo3BIISRH9+m84G+vc6ChZuCwzv01M2x3PAHn9y4ix53XqzZf1bqC90OKuqagW9nZeLz5d+18rdbW+KSNKH/j4EfKFeq44/G+Ngoc8DrLZHOU75CVMNC19fzni9dfu/cGubrprYCjO691+lzBxlXnFAZO47MHAAAAwOmqJv1ezbXa5r6eDAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvmRG7p11Do9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAs+JHAAAA//+3evqP")
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x20, 0x0, 0x4, 0x8}, {0x80, 0x0, 0x55}, {0x1004}]}, 0x10) (async)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x20, 0x0, 0x4, 0x8}, {0x80, 0x0, 0x55}, {0x1004}]}, 0x10)
r4 = fcntl$dupfd(r2, 0x0, r3)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[], 0x3}}, 0x0) (async)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[], 0x3}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0xffffffff}]})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0) (async)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f3, &(0x7f0000000280)={'ip_vti0\x00', &(0x7f0000000200)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x4, 0x0, @rand_addr=0x4, @empty, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@multicast2}]}, @timestamp_prespec={0x44, 0x1c, 0xfd, 0x3, 0x0, [{@dev}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @noop, @lsrr={0x83, 0x13, 0x0, [@dev, @dev, @local, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @noop]}}}}})
accept4$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000140)=0x14, 0x0) (async)
accept4$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000140)=0x14, 0x0)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xffffffff}, 0x1c)

466.934468ms ago: executing program 3:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffd)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
r3 = inotify_init()
r4 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd=r3, 0x0, 0xfffffffffffffffe, 0x8001})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000200)=[{0x0}], 0x1)
io_uring_enter(r4, 0x54, 0x0, 0x0, 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r9)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xe, 0x4, 0x4, 0x8, 0x0, 0x1}, 0x48)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x1, 0x4, 0x9, 0x0, r10}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r11, 0x0, 0x0}, 0x20)
sendfile(r1, r2, 0x0, 0x100000001)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
setsockopt$CAN_RAW_FD_FRAMES(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000140), 0x4)
r13 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r14 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x9b}]}, &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r14, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
write$tun(r12, &(0x7f0000000400)=ANY=[@ANYBLOB="000008000100000000003d000000466c3de46f6a5200004000000000008490783fffffffac1414aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="b40000009078001c0a0300050200000000000000000002d58838068b91000000"], 0x4e)
r15 = syz_io_uring_setup(0xf3d, &(0x7f0000000480), &(0x7f0000000080)=<r16=>0x0, &(0x7f0000000540)=<r17=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r16, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
ioctl$FIONCLEX(r2, 0x5450)
syz_io_uring_submit(r16, r17, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r15, 0x47ba, 0x0, 0x0, 0x0, 0x0)

458.918ms ago: executing program 4:
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
syz_mount_image$iso9660(&(0x7f0000000b00), &(0x7f0000000040)='./file0\x00', 0x4002, &(0x7f0000000140)=ANY=[@ANYBLOB='map=off,cruft,iocharset=ascii,block=0x0000000000000200,unhide,session=0x0000000000000011,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c004238994fceef7f633ea81416b1324d35327f7ace27c590b7f9fb133af0ffd6dfc4d893195864142b1450fbace6795f6e181993255fbbca2cb54fcf79cc53b3a6c3704aed82da89741aad5205bb43ded29cfd65509ff9c85cbdb7337ef48b9412ff439da96bb3f5ac11273d94d3d75d"], 0x1, 0xa29, &(0x7f0000001580)="$eJzs3ctvXNd9B/DvHfEl2lBlW3VVwbZGMmTTNkuRVC1B8KKWyKFEl4+CpAALbWEZllQIIurCbgHb6EIFiq5qxAiCAEk2gZdZGXAW8SbQLllmlUWAxP9BYGSlBAgmmDtDiY+ZoUhRpKJ8PoPR3MfvnPO7c+/coxnO3BP+nNXr9fK+zflLP9rNZHn0nJ/8+vMvPm3c/+dW+rIvrxc/SQaSVJOeP5bHSu/E5ML87CYV3UyuJLmdFEn603zsYP+auSspvpUn783fTvGDHG5TbGCLG8em6vxF2+vjDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHkkTk6OjY0VmpucuvV3trBwCvMv6leq+Kkf9Lr5a3URfm2aLpGjcMzCwMtT34UP3Vj/b+Od4nmvOPdcc+Xsgnzzx7ME3numprJTvktCu+PDjT26+u7x87YN7i3o3LdT/cHPalr7tFbtQm5tenJ+ePXehVp1enK+ePX169OTFqcXq1HRqi5cXl2qz1YmF2rml+YXq0MQr1bGzZ09VayOX5y/NXZgcmamtLDzzd+Ojo6erb438U+3cwuL83Mm3RhYnLk7PzEzPXShjGqsbMWcaB+I/Ti9Vl2rnZqvV6zeWr53aLMlG0FjbNUV1X1YFjW9W0/jo+PjY2Pj42OnXz75+ZnS0Z8OC0XWyIWLvD1r2zo8fyjkctqnS6v8zk+nM5VLeTrXtbSKTWch8Zjusb1np/0+crHVtd3X/v9LLH763+kjK/v+F5twLnfr/DrlsfqvXmzVvt/zK7cN8nE9yM+9mOcu5lg8euMb+rMvs9w9aY+tWffCt3Xi7kFrmMp3FzGc6szlXLqm2llRzNqdzOqN5JxczlcVUM5XpzKSWxVzOYpZSK4+oiSyklnNZynwWUs1QJvJKqhnL2ZzNqVRTy0guZz6XMpcLmcy5spbruVE+76e65Hg3aOx+gsa7BO1w/19/FP8nyMO2o+dveBD1Vv/f7j16M6C+MjU0sWtZAQAAADvpb3+eA4ee/tmvk948X34uPzU9Uxvd67QAAACAHVR+Xe+5xkNvY+r5FN7/AwAAwOOmKH9jVyQZzNHmVPOXUPviQwAAAAB4TJR//3+h8TDYmDqa4u6VUK7sdW4AAADAzrh7jf10usbuplfhL4ZXLv9bvdp8vNqKaF3nd3BqeqY2MjE/88ZYXiqvMlD+0mBDbfuSorf8+cGrOdaMOjbYfBxcW+NAI2ps5I2xvJrjrQ0ZerHx8OJQm8jxZuTLzciXu0SeakQCwOPueJf++H77/1cz3IwYPtLTl6TnSJuedVTPCgCPis3H2Nk0ovj7e+//e1vVrun/n871o82vFIzkvbyf5VzNcPlrg/IbB2tq/ZfPWp8Z3P0awmiGN/k0YCX2F2cqGe7weUBf1tc7nuFNPhFoxuZfk1MPf0cAwC463qEf3kr/P7zq/X82vv+/O7TQNT8pBIBHwt0R7B/ixF5vIwCwll4aAAAAAAAAAAAAAAAAAAAAAAAAAAAAdt6OXu1/YJvFf9Ma1+/hDkOwYWJ/6znYfj3fTrJ7OReNtvp3rsLKDtRTT7Jb+2v3JnIw2faz2vYw7kuy99u1lYm9PCsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwW4pkX7vllaQ/yWiSk7uf1fYVjS3q4tauZfLI+IfVM8Wd3MlHObB36QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJ5a1/+vpPn4RHNReirJiSRXkvzzXue4k+7sdQI7ZP82y626/n9jn6depKe521P0TkwuzM+W4yf0N9Z//fkXnzbuq4r33287ZWBl3eASrRbWx/7wyZWpp8pSg5PXPrz5n+//R3XyfCrpy/mlqZnJ2QsLb94r8mzxZVJN875iJd//PvHTz9ps+ZeNLW1vfbtT5ZMzubHdv2lXunu73dxYvjbeaGmp9vbSf/37jY9WrXo6x5IXh5KhtS39W+PeoaVj6e3WWvFN8X/FgXw3V8r933g2inrR2EV/VW7//us3lq+NvPf+8tUOOR3M0SRXk4H7z+lo5wE5yqOu0ttodbQMavxzqF193cf0aFvjWIdteKo8ZAZb29B3X9tQ3SSBVc97pd36ZkanOmT0TF5qs6fr/UnnjF7qvqfbK74pflVczC/zv6vG/6g09v+JdH51rq2ijFx1pHSMrDQjyy0fX73infWRv/3efWXfdpgatur/17x4K6vO/619tUPno3rR9Xy0qsWtvS7WtbjuqOjyuih7pEPrSrTOPp3KtPI81IzqkOdf57Wk50i3s+KG3vq1zU5pK+XfbL96u6//7xdD+V1uGf8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB49BXJvnbLK8mJJAdX5qtJfQvV9ndaURkstprijrp195/HQmWrBYo7uZOPcuDhpAMAAAAAAADAbjs/+fXnX3zauJd/j993p15v/X2/mvQkOVh8Z38mF+ZnN6moN7mS5HZjeqBT0B/qTWuXNsrlyXvztxtzh9tWcPB+twsA6OxPAQAA//8pUm3K")

418.717256ms ago: executing program 4:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080), &(0x7f0000000100)=0xc)
epoll_create1(0x0)
getgid()
r1 = syz_io_uring_setup(0x5169, &(0x7f0000000380)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000240)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x2})
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x2, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x1}, {0x9, 0xb3, 0xe5, 0x7ff}]})
ioprio_get$pid(0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001d0000090000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='gpu_mem_total\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r6, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r7 = socket$tipc(0x1e, 0x4, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000000)={0x42}, 0x10)
r8 = socket$tipc(0x1e, 0x2, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000500)={'ip6tnl0\x00', &(0x7f0000000480)={'syztnl0\x00', 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, @dev, @loopback, 0xf820, 0x7800}})
bind$tipc(r8, &(0x7f00000006c0)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
sendmsg$tipc(r7, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
io_uring_enter(r1, 0x9f7, 0x0, 0x0, 0x0, 0x0)

379.631142ms ago: executing program 0:
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
read$ptp(r0, &(0x7f00000001c0)=""/129, 0x81) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@migrate={0xa0, 0x21, 0x0, 0x0, 0x0, {{@in6=@mcast1, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0}}, [@migrate={0x50, 0x11, [{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @in=@broadcast, @in=@multicast1, @in=@dev, 0x0, 0x0, 0x0, 0x3500}]}]}, 0xa0}}, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0603d06, &(0x7f0000000040)) (async)
ftruncate(0xffffffffffffffff, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000280)={'ip6_vti0\x00', &(0x7f0000000340)={'ip6_vti0\x00', <r2=>0x0, 0x2f, 0xe8, 0x6, 0x0, 0x18, @remote, @private2, 0x7800, 0x20, 0x631, 0xffffff01}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000007c0)={r1, 0x20, &(0x7f0000000780)={&(0x7f0000000640)=""/214, 0xd6, <r3=>0x0, &(0x7f0000000740)=""/7, 0x7}}, 0x10) (async)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000800)={0xffffffffffffffff, 0x6, 0x18}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x5, 0x2, &(0x7f0000000480)=@raw=[@alu={0x7, 0x0, 0x2, 0x5, 0x2, 0x8, 0x8}, @jmp={0x5, 0x0, 0xb, 0x5, 0x7, 0x7, 0x8}], &(0x7f00000004c0)='syzkaller\x00', 0x8, 0xa8, &(0x7f0000000500)=""/168, 0x41100, 0x60, '\x00', r2, 0x1a, r1, 0x8, &(0x7f00000005c0)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000600)={0x2, 0x7, 0x8, 0x1}, 0x10, r3, 0xffffffffffffffff, 0x6, &(0x7f0000000840)=[r4, r1, r1, r1, r1], &(0x7f0000000880)=[{0x2, 0x1, 0xb, 0x3}, {0x5, 0x2, 0x7, 0xa}, {0x2, 0x4, 0xf, 0x8}, {0x2, 0x4, 0x10, 0x6}, {0x4, 0x2, 0x1, 0xa}, {0x2, 0x2, 0x0, 0xc}], 0x10, 0x1}, 0x90) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000a40)={r1, 0x58, &(0x7f00000009c0)}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000440)={'ip6tnl0\x00', &(0x7f00000003c0)={'ip6tnl0\x00', r2, 0x2f, 0x6, 0x1, 0x5d9, 0x64, @empty, @mcast2, 0x20, 0x20, 0x3ff, 0x3}}) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000010000000000000000000000850000008700000094000000a000400095"], &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async)
r6 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$netlink(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000180), 0x18}, 0x44800)

333.354129ms ago: executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10)

326.0764ms ago: executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit, @alu={0x7, 0x1}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0xf8, &(0x7f0000000300)=""/248}, 0x90)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000054000000030a01030000000000000000050000000900010073797a30000000000900030073797a3200000000280004800800024000000000140003006970766c160e00000000030000"], 0xb0}}, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x40, r3, 0x1, 0x0, 0x0, {0x9}, [@TIPC_NLA_LINK={0x2c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xfffffffffffffece, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x5}, @TIPC_NLA_PROP_WIN={0x8}]}]}]}, 0x40}}, 0x0)
sendto$l2tp6(r1, 0x0, 0x0, 0x4804, &(0x7f00000002c0)={0xa, 0x0, 0xffff2132, @dev={0xfe, 0x80, '\x00', 0x27}, 0x4, 0x4}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={0x0}, 0x10)
r4 = fsopen(&(0x7f0000000040)='sockfs\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495efdee7d9a97f04f1408ab9adc67ccc945ff15d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f79f361879473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d068f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a0578442926ef4e912f01a201e694e3806e8c8fe8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c58eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af100002e36bed435000025ecd201d2ffb0a7fa4f5d11060cf8f071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f7faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4a189edbf9fb7c42b1f435dcd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315878f88a8fb1dd679fb4c5557abae6849917dc51a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304165d39fd4afe683b2467c60e5b8eae897c22da8650579475afd96187d881e93b48037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857311a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e9efb3e1e7a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcc4ac55af67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r5, 0xfeffff, 0x1f0, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3fa67258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945ff15d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f79f361879473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d068f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a0578442926ef4e912f01a201e694e3806e8c8fe8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c58eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f7faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4a189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315878f88a8fb1dd679fb4c5557abae6849917dc51a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304165d39fd4afe683b2467c60e5b8eae897c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857311a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e9efb3e1e7a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r6, 0xfeffff, 0x1f0, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3fa67258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00'}, 0x10)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000540)={<r7=>0x0, @dev, @dev}, &(0x7f0000000580)=0xc)
sendmsg$nl_route_sched(r4, &(0x7f0000000680)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)=@newqdisc={0x48, 0x24, 0x2, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0x0, 0xc}, {0xfff3, 0x4}, {0xa, 0x10}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_RATE={0x6, 0x5, {0x59, 0x6}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_RATE={0x6, 0x5, {0x4, 0x1}}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x8002)
r8 = socket(0x10, 0x3, 0x0)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r8, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f00000008c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="35012e58bdae7fe69f3504268babfdfcdbe92503000000b97b87f3499a2a35fa85ddc9b7c5ca9f56d25545ceec18295468f1b8d2cdeb6147c7e9b5464c220ec984d023c6eb3ab357704dc5cd9cfd74f5d47884d7d4d4d3ba5d1879cc8e4b8204e142b4d1663d6f4f8e864f54d87d16205c0cc1bd126ed311eaaa816e3f6aad"], 0x14}, 0x1, 0x0, 0x0, 0x4004011}, 0x4048800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0}, 0x90)

299.579954ms ago: executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYRES16=r0], 0x2c}}, 0x0)

276.508068ms ago: executing program 0:
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
ioperm(0x0, 0x1, 0xc47c)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000700)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan0\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func={0x1, 0x0, 0x0, 0xf, 0x1}]}, {0x0, [0x2e]}}, 0x0, 0x27}, 0x20)

273.239628ms ago: executing program 1:
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r1, &(0x7f0000000440)=""/247, 0x26)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x1, @time})
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0xc0bc5310, &(0x7f0000000100))
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0xc08c5335, &(0x7f0000000180))
tkill(r0, 0x7)

243.166513ms ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/resume', 0x141a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000240)={'wg1\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x4, 0x4, 0x4, 0xff}, 0x48)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x2, @broadcast, 'wg2\x00'}}, 0x1e)
connect$pppoe(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x0, {0x2, @empty, 'veth1_to_bridge\x00'}}, 0x1e)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'})

237.987633ms ago: executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x5, 0x2}, {0x1}}}, 0x24}}, 0x0)
open$dir(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$nfc_llcp(r2, 0x6, 0xd, 0x0, 0x2000e863)
bpf$MAP_UPDATE_CONST_STR(0x4, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
open$dir(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffffff, 0x0, 0x0)

193.299381ms ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
futex(&(0x7f0000000040), 0x0, 0x0, 0x0, 0x0, 0x0)

185.728132ms ago: executing program 0:
dup2(0xffffffffffffffff, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x1, 0x0, 0x0, 0x0, 0x3, 0x10842, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xa404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x6, 0x4, 0x1000, 0x89}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140), &(0x7f00000004c0), 0x80, r0, 0x0, 0x7}, 0x38) (async)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140), &(0x7f00000004c0), 0x80, r0, 0x0, 0x7}, 0x38)

137.226469ms ago: executing program 4:
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
syz_mount_image$iso9660(&(0x7f0000000b00), &(0x7f0000000040)='./file0\x00', 0x4002, &(0x7f0000000140)=ANY=[@ANYBLOB='map=off,cruft,iocharset=ascii,block=0x0000000000000200,unhide,session=0x0000000000000011,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c004238994fceef7f633ea81416b1324d35327f7ace27c590b7f9fb133af0ffd6dfc4d893195864142b1450fbace6795f6e181993255fbbca2cb54fcf79cc53b3a6c3704aed82da89741aad5205bb43ded29cfd65509ff9c85cbdb7337ef48b9412ff439da96bb3f5ac11273d94d3d75d"], 0x1, 0xa29, &(0x7f0000001580)="$eJzs3ctvXNd9B/DvHfEl2lBlW3VVwbZGMmTTNkuRVC1B8KKWyKFEl4+CpAALbWEZllQIIurCbgHb6EIFiq5qxAiCAEk2gZdZGXAW8SbQLllmlUWAxP9BYGSlBAgmmDtDiY+ZoUhRpKJ8PoPR3MfvnPO7c+/coxnO3BP+nNXr9fK+zflLP9rNZHn0nJ/8+vMvPm3c/+dW+rIvrxc/SQaSVJOeP5bHSu/E5ML87CYV3UyuJLmdFEn603zsYP+auSspvpUn783fTvGDHG5TbGCLG8em6vxF2+vjDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHkkTk6OjY0VmpucuvV3trBwCvMv6leq+Kkf9Lr5a3URfm2aLpGjcMzCwMtT34UP3Vj/b+Od4nmvOPdcc+Xsgnzzx7ME3numprJTvktCu+PDjT26+u7x87YN7i3o3LdT/cHPalr7tFbtQm5tenJ+ePXehVp1enK+ePX169OTFqcXq1HRqi5cXl2qz1YmF2rml+YXq0MQr1bGzZ09VayOX5y/NXZgcmamtLDzzd+Ojo6erb438U+3cwuL83Mm3RhYnLk7PzEzPXShjGqsbMWcaB+I/Ti9Vl2rnZqvV6zeWr53aLMlG0FjbNUV1X1YFjW9W0/jo+PjY2Pj42OnXz75+ZnS0Z8OC0XWyIWLvD1r2zo8fyjkctqnS6v8zk+nM5VLeTrXtbSKTWch8Zjusb1np/0+crHVtd3X/v9LLH763+kjK/v+F5twLnfr/DrlsfqvXmzVvt/zK7cN8nE9yM+9mOcu5lg8euMb+rMvs9w9aY+tWffCt3Xi7kFrmMp3FzGc6szlXLqm2llRzNqdzOqN5JxczlcVUM5XpzKSWxVzOYpZSK4+oiSyklnNZynwWUs1QJvJKqhnL2ZzNqVRTy0guZz6XMpcLmcy5spbruVE+76e65Hg3aOx+gsa7BO1w/19/FP8nyMO2o+dveBD1Vv/f7j16M6C+MjU0sWtZAQAAADvpb3+eA4ee/tmvk948X34uPzU9Uxvd67QAAACAHVR+Xe+5xkNvY+r5FN7/AwAAwOOmKH9jVyQZzNHmVPOXUPviQwAAAAB4TJR//3+h8TDYmDqa4u6VUK7sdW4AAADAzrh7jf10usbuplfhL4ZXLv9bvdp8vNqKaF3nd3BqeqY2MjE/88ZYXiqvMlD+0mBDbfuSorf8+cGrOdaMOjbYfBxcW+NAI2ps5I2xvJrjrQ0ZerHx8OJQm8jxZuTLzciXu0SeakQCwOPueJf++H77/1cz3IwYPtLTl6TnSJuedVTPCgCPis3H2Nk0ovj7e+//e1vVrun/n871o82vFIzkvbyf5VzNcPlrg/IbB2tq/ZfPWp8Z3P0awmiGN/k0YCX2F2cqGe7weUBf1tc7nuFNPhFoxuZfk1MPf0cAwC463qEf3kr/P7zq/X82vv+/O7TQNT8pBIBHwt0R7B/ixF5vIwCwll4aAAAAAAAAAAAAAAAAAAAAAAAAAAAAdt6OXu1/YJvFf9Ma1+/hDkOwYWJ/6znYfj3fTrJ7OReNtvp3rsLKDtRTT7Jb+2v3JnIw2faz2vYw7kuy99u1lYm9PCsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwW4pkX7vllaQ/yWiSk7uf1fYVjS3q4tauZfLI+IfVM8Wd3MlHObB36QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJ5a1/+vpPn4RHNReirJiSRXkvzzXue4k+7sdQI7ZP82y626/n9jn6depKe521P0TkwuzM+W4yf0N9Z//fkXnzbuq4r33287ZWBl3eASrRbWx/7wyZWpp8pSg5PXPrz5n+//R3XyfCrpy/mlqZnJ2QsLb94r8mzxZVJN875iJd//PvHTz9ps+ZeNLW1vfbtT5ZMzubHdv2lXunu73dxYvjbeaGmp9vbSf/37jY9WrXo6x5IXh5KhtS39W+PeoaVj6e3WWvFN8X/FgXw3V8r933g2inrR2EV/VW7//us3lq+NvPf+8tUOOR3M0SRXk4H7z+lo5wE5yqOu0ttodbQMavxzqF193cf0aFvjWIdteKo8ZAZb29B3X9tQ3SSBVc97pd36ZkanOmT0TF5qs6fr/UnnjF7qvqfbK74pflVczC/zv6vG/6g09v+JdH51rq2ijFx1pHSMrDQjyy0fX73infWRv/3efWXfdpgatur/17x4K6vO/619tUPno3rR9Xy0qsWtvS7WtbjuqOjyuih7pEPrSrTOPp3KtPI81IzqkOdf57Wk50i3s+KG3vq1zU5pK+XfbL96u6//7xdD+V1uGf8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB49BXJvnbLK8mJJAdX5qtJfQvV9ndaURkstprijrp195/HQmWrBYo7uZOPcuDhpAMAAAAAAADAbjs/+fXnX3zauJd/j993p15v/X2/mvQkOVh8Z38mF+ZnN6moN7mS5HZjeqBT0B/qTWuXNsrlyXvztxtzh9tWcPB+twsA6OxPAQAA//8pUm3K")

99.643765ms ago: executing program 0:
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r0, 0x4, 0x7c00)
dup3(r1, r0, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000020acb"], 0x14}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x275a, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x100042, 0x0, 0x3}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000080)='mem\x00\x10\x00\x00\x00\x00\x00\x00I\xa2l')
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(r2, &(0x7f0000000280)='blkio.bfq.io_service_time\x00', 0x7a05, 0x1700)

92.184906ms ago: executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000))
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000f8840000800e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f00000001c0)={'virt_wifi0\x00', 0x600})
openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
r3 = socket(0x10, 0x803, 0xfffffffd)
sendto(r3, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000480)=0x5)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x6}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x38}}, 0x40000025)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000300)=[{0x6, 0x0, 0x0, 0x7654}]}, 0x10)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)
sendmsg$inet(r4, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000240)=' ', 0x1}], 0x1}, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0)
renameat2(r5, &(0x7f0000000140)='./file1\x00', r5, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
unlinkat(r5, &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

74.109439ms ago: executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
sendmsg$unix(r1, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000021c0)=ANY=[@ANYBLOB="24000000000000000100020001000000", @ANYRES32], 0x68}, 0x0)

34.605515ms ago: executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10)

0s ago: executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/locks\x00', 0x0, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f00000000c0), 0x4)
preadv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/90, 0x5a}], 0x1, 0x9, 0x0) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
socket(0x0, 0x0, 0x0) (async)
r1 = socket$inet6_udp(0xa, 0x2, 0x0) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), 0xffffffffffffffff) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000280)=<r4=>0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f0000000640)=<r6=>0x0) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f0000000680)=<r7=>0x0)
sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x54, 0x0, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x2b1}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x31}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x2c1}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x1d4}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x8}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x366}]}, 0x54}, 0x1, 0x0, 0x0, 0x400004e}, 0x40) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000002c0)=<r8=>0x0)
r9 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0)=<r10=>0x0) (async)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r11)
sendmsg$NFC_CMD_DEV_UP(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r12, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x1c}}, 0x0) (async)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0x3c, r3, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44800}, 0xc055)
bpf$ENABLE_STATS(0x20, &(0x7f0000000100), 0x4) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x9}, 0x8)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000003c0)={'ip6tnl0\x00', &(0x7f0000000340)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}})
openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

kernel console output (not intermixed with test programs):

aee9 code=0x7fc00000
[  163.900481][   T29] audit: type=1326 audit(1717035787.429:3178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552757aee9 code=0x7fc00000
[  163.924783][   T29] audit: type=1326 audit(1717035787.429:3179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552757aee9 code=0x7fc00000
[  163.949916][   T29] audit: type=1326 audit(1717035787.429:3180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552757aee9 code=0x7fc00000
[  163.973857][   T29] audit: type=1326 audit(1717035787.429:3181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552757aee9 code=0x7fc00000
[  163.997988][   T29] audit: type=1326 audit(1717035787.429:3182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552757aee9 code=0x7fc00000
[  164.022448][   T29] audit: type=1326 audit(1717035787.429:3183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552757aee9 code=0x7fc00000
[  164.027053][ T9324] loop2: detected capacity change from 0 to 512
[  164.055878][ T9324] EXT4-fs (loop2): orphan cleanup on readonly fs
[  164.062495][ T9324] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino
[  164.098883][ T9324] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  164.111984][ T9324] EXT4-fs mount: 25 callbacks suppressed
[  164.111998][ T9324] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.167554][ T8016] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.260696][ T9329] xt_hashlimit: overflow, try lower: 512/9223372036854775808
[  164.321892][ T9279] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  164.332484][ T9279] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  164.341414][ T9279] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  164.350657][ T9279] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  164.391714][ T9279] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.408801][ T9279] 8021q: adding VLAN 0 to HW filter on device team0
[  164.419792][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.426917][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.447578][ T9279] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  164.457990][ T9279] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  164.473290][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.480395][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.545899][ T9279] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.623266][ T9279] veth0_vlan: entered promiscuous mode
[  164.635441][ T9279] veth1_vlan: entered promiscuous mode
[  164.654198][ T9279] veth0_macvtap: entered promiscuous mode
[  164.663670][ T9279] veth1_macvtap: entered promiscuous mode
[  164.674472][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.684971][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.694911][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.705453][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.715331][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.725908][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.735813][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.746384][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.756294][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.766869][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.778901][ T9279] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.794193][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.804940][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.814892][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.825424][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.835412][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.845938][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.855938][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.866453][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.876367][ T9279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.886848][ T9279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.902227][ T9279] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.922269][ T9279] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.931035][ T9279] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.939876][ T9279] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.948710][ T9279] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.047010][ T9352] netlink: 'syz-executor.0': attribute type 22 has an invalid length.
[  165.073650][ T9360] loop0: detected capacity change from 0 to 512
[  165.096816][ T9360] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  165.104957][ T9360] System zones: 0-2, 18-18, 34-35
[  165.111288][ T9360] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.126969][ T9360] ext4 filesystem being mounted at /root/syzkaller-testdir226407414/syzkaller.xpe43v/1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.142162][ T9360] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.154791][ T9358] loop3: detected capacity change from 0 to 256
[  165.233816][ T9373] loop0: detected capacity change from 0 to 512
[  165.242677][ T9373] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: casefold flag without casefold feature
[  165.256180][ T9373] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117)
[  165.269225][ T9373] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.345770][ T9373] loop0: detected capacity change from 512 to 511
[  165.352619][ T9387] EXT4-fs error (device loop0): ext4_xattr_ibody_get:653: inode #18: comm syz-executor.0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  165.369688][ T9387] EXT4-fs error (device loop0): get_max_inline_xattr_value_size:69: inode #18: comm syz-executor.0: corrupt xattr in inline inode
[  165.428680][ T9387] syz-executor.0: attempt to access beyond end of device
[  165.428680][ T9387] loop0: rw=2049, sector=510, nr_sectors = 2 limit=511
[  165.442924][ T9387] EXT4-fs warning (device loop0): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 255)
[  165.454412][ T9387] Buffer I/O error on device loop0, logical block 255
[  165.498591][ T9279] EXT4-fs error (device loop0): htree_dirblock_to_tree:1111: inode #2: block 36: comm syz-executor.0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=67108864, rec_len=259, size=1024 fake=0
[  165.530534][ T9279] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.650263][ T9404] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  166.096151][ T9406] loop3: detected capacity change from 0 to 512
[  166.107022][ T9406] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  166.115063][ T9406] System zones: 0-2, 18-18, 34-35
[  166.120822][ T9406] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.133578][ T9406] ext4 filesystem being mounted at /root/syzkaller-testdir4116209090/syzkaller.lPzOuY/37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.148747][ T9406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.270512][ T9410] loop3: detected capacity change from 0 to 8192
[  166.278950][ T9410] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  166.395224][ T9420] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  166.451241][ T9423] loop3: detected capacity change from 0 to 2048
[  167.276944][ T9448] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'.
[  167.384855][ T9457] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  167.516153][ T9473] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  167.989158][ T9483] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  168.006499][ T9486] loop1: detected capacity change from 0 to 1024
[  168.014118][ T9486] EXT4-fs: Ignoring removed orlov option
[  168.027006][ T9486] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.042144][ T9486] Cannot find add_set index 0 as target
[  168.059922][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.134929][ T9494] Dead loop on virtual device ip6_vti0, fix it urgently!
[  168.180122][ T9500] loop1: detected capacity change from 0 to 2048
[  168.198689][ T9500] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.221718][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.268945][ T9513] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  168.302334][ T9519] loop2: detected capacity change from 0 to 512
[  168.309809][ T9519] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  168.320809][ T9519] EXT4-fs (loop2): 1 truncate cleaned up
[  168.327434][ T9519] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.345878][ T8016] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.417134][ T9526] loop2: detected capacity change from 0 to 256
[  168.431283][ T9526] FAT-fs (loop2): Directory bread(block 64) failed
[  168.437914][ T9526] FAT-fs (loop2): Directory bread(block 65) failed
[  168.444433][ T9526] FAT-fs (loop2): Directory bread(block 66) failed
[  168.451030][ T9526] FAT-fs (loop2): Directory bread(block 67) failed
[  168.457635][ T9526] FAT-fs (loop2): Directory bread(block 68) failed
[  168.464163][ T9526] FAT-fs (loop2): Directory bread(block 69) failed
[  168.470725][ T9526] FAT-fs (loop2): Directory bread(block 70) failed
[  168.478850][ T9526] FAT-fs (loop2): Directory bread(block 71) failed
[  168.485395][ T9526] FAT-fs (loop2): Directory bread(block 72) failed
[  168.494876][ T9526] FAT-fs (loop2): Directory bread(block 73) failed
[  168.538640][ T1546] kworker/u8:4: attempt to access beyond end of device
[  168.538640][ T1546] loop2: rw=1, sector=1224, nr_sectors = 32 limit=256
[  168.559490][   T28] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.578349][ T1546] kworker/u8:4: attempt to access beyond end of device
[  168.578349][ T1546] loop2: rw=1, sector=1288, nr_sectors = 100 limit=256
[  168.693854][ T9537] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  168.774965][ T9534] chnl_net:caif_netlink_parms(): no params data found
[  168.818436][ T9534] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.825572][ T9534] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.832828][ T9534] bridge_slave_0: entered allmulticast mode
[  168.839578][ T9534] bridge_slave_0: entered promiscuous mode
[  168.846578][ T9534] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.853652][ T9534] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.861076][ T9534] bridge_slave_1: entered allmulticast mode
[  168.868345][ T9534] bridge_slave_1: entered promiscuous mode
[  168.902124][ T9534] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.913025][ T9534] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.932333][ T9580] loop3: detected capacity change from 0 to 256
[  168.945247][ T9534] team0: Port device team_slave_0 added
[  168.952172][ T9534] team0: Port device team_slave_1 added
[  168.970305][ T9534] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.977387][ T9534] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.003290][ T9534] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  169.014647][ T9534] batman_adv: batadv0: Adding interface: batadv_slave_1
[  169.021685][ T9534] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.047647][ T9534] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.066541][ T9608] loop3: detected capacity change from 0 to 512
[  169.074331][ T9608] ext3: Unknown parameter ''
[  169.082316][ T9534] hsr_slave_0: entered promiscuous mode
[  169.088666][ T9534] hsr_slave_1: entered promiscuous mode
[  169.094579][ T9534] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.102188][ T9534] Cannot create hsr debugfs directory
[  169.374798][ T9617] loop3: detected capacity change from 0 to 512
[  169.382596][ T9617] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  169.397602][ T9617] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz-executor.3: iget: bad extended attribute block 19
[  169.410800][ T9617] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117)
[  169.423585][ T9617] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.491505][ T8405] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.530394][ T9624] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  169.539836][ T9624] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744072400928773)
[  169.545687][  T971] syz_tun: tun_net_xmit 110
[  169.550431][ T9624] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  169.555591][    C1] syz_tun: tun_net_xmit 58
[  169.639087][ T9637] geneve2: entered promiscuous mode
[  169.644323][ T9637] geneve2: entered allmulticast mode
[  169.651442][   T29] kauditd_printk_skb: 12188 callbacks suppressed
[  169.651456][   T29] audit: type=1400 audit(1717035793.289:15372): avc:  denied  { setattr } for  pid=9636 comm="syz-executor.3" name="tty1" dev="devtmpfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  169.652208][ T9638] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  169.681326][   T29] audit: type=1400 audit(1717035793.289:15373): avc:  denied  { ioctl } for  pid=9636 comm="syz-executor.3" path="socket:[30825]" dev="sockfs" ino=30825 ioctlcmd=0x9410 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  169.831085][ T9645] loop3: detected capacity change from 0 to 128
[  169.837606][  T971] syz_tun: tun_net_xmit 110
[  169.945574][    C1] syz_tun: tun_net_xmit 58
[  170.522460][ T9654] loop2: detected capacity change from 0 to 256
[  170.608906][ T9658] skb len=10633 headroom=136 headlen=10633 tailroom=5295
[  170.608906][ T9658] mac=(136,0) mac_len=0 net=(136,20) trans=156
[  170.608906][ T9658] shinfo(txflags=0 nr_frags=0 gso(size=0 type=0 segs=0))
[  170.608906][ T9658] csum(0x350e00a0 start=160 offset=13582 ip_summed=3 complete_sw=0 valid=0 level=0)
[  170.608906][ T9658] hash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0
[  170.608906][ T9658] priority=0x0 mark=0x0 alloc_cpu=0 vlan_all=0x0
[  170.608906][ T9658] encapsulation=1 inner(proto=0x0008, mac=160, net=160, trans=212)
[  170.658712][ T9658] dev name=veth0 feat=0x000061164fdd19e9
[  170.664451][ T9658] skb linear:   00000000: 45 02 29 89 8c 16 00 00 0f 2f 55 fe ac 14 14 18
[  170.673063][ T9658] skb linear:   00000010: e0 00 00 03 00 00 08 00 bd 0b 29 71 10 82 0c 52
[  170.681566][ T9658] skb linear:   00000020: 0f 06 ea a4 fd fe 4b 88 94 30 eb b5 29 97 e3 6e
[  170.690162][ T9658] skb linear:   00000030: 03 9b 1c 59 88 25 f8 01 00 e3 c0 63 76 c3 30 76
[  170.698736][ T9658] skb linear:   00000040: a1 67 d5 14 fa 57 0a 44 02 61 a6 7a 34 a0 76 05
[  170.707223][ T9658] skb linear:   00000050: c9 3a 19 49 46 bc 62 83 f4 00 00 00 4c 80 00 00
[  170.715807][ T9658] skb linear:   00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  170.724290][ T9658] skb linear:   00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  170.732975][ T9658] skb linear:   00000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  170.741599][ T9658] skb linear:   00000090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  170.750091][ T9658] skb linear:   000000a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  170.758593][ T9658] skb linear:   000000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  170.767166][ T9658] skb linear:   000000c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  170.775756][ T9658] skb linear:   000000d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  170.784278][ T9658] skb linear:   000000e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  170.792826][ T9658] skb linear:   000000f0: 00 00 00 00 00 00 05 00 00 00 80 00 00 00 81 01
[  170.801350][ T9658] skb linear:   00000100: 07 40 00 00 00 00 00 00 00 00 00 00 00 80 40 00
[  170.809895][ T9658] ------------[ cut here ]------------
[  170.815361][ T9658] offset+2 (13608) > skb_headlen() (10633)
[  170.821581][ T9658] WARNING: CPU: 0 PID: 9658 at net/core/dev.c:3334 skb_checksum_help+0x43b/0x450
[  170.830695][ T9658] Modules linked in:
[  170.834612][ T9658] CPU: 0 PID: 9658 Comm: syz-executor.2 Not tainted 6.10.0-rc1-syzkaller-00027-g4a4be1ad3a6e #0
[  170.845062][ T9658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  170.855160][ T9658] RIP: 0010:skb_checksum_help+0x43b/0x450
[  170.861006][ T9658] Code: 90 4c 89 ff e8 06 17 60 fd 41 8b 1f 4c 89 e7 e8 fb 16 60 fd 41 2b 1c 24 48 c7 c7 4c 68 e1 85 48 89 ee 89 da e8 16 c3 2a fd 90 <0f> 0b 90 90 bb ea ff ff ff e9 45 fe ff ff 0f 1f 80 00 00 00 00 90
[  170.880647][ T9658] RSP: 0018:ffffc900012af410 EFLAGS: 00010246
[  170.886870][ T9658] RAX: 860b0e0c645a0100 RBX: 0000000000002989 RCX: ffff888102ce1080
[  170.894868][ T9658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  170.902909][ T9658] RBP: 0000000000003528 R08: ffffffff8110fb97 R09: 0000000000000000
[  170.910877][ T9658] R10: 0001ffffffffffff R11: ffff888102ce1080 R12: ffff88812c783f74
[  170.918898][ T9658] R13: 00000000ccad047d R14: ffff88812c783f00 R15: ffff88812c783f70
[  170.926886][ T9658] FS:  00007f8e631876c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[  170.935814][ T9658] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  170.942394][ T9658] CR2: 000000002000e000 CR3: 0000000114d66000 CR4: 00000000003506f0
[  170.950413][ T9658] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  170.958673][ T9658] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  170.966685][ T9658] Call Trace:
[  170.969956][ T9658]  <TASK>
[  170.972870][ T9658]  ? __warn+0x13c/0x350
[  170.977116][ T9658]  ? report_bug+0x315/0x420
[  170.981695][ T9658]  ? skb_checksum_help+0x43b/0x450
[  170.986867][ T9658]  ? handle_bug+0x3e/0x70
[  170.991190][ T9658]  ? exc_invalid_op+0x1a/0x50
[  170.995872][ T9658]  ? asm_exc_invalid_op+0x1a/0x20
[  171.000911][ T9658]  ? __warn_printk+0x167/0x1b0
[  171.005716][ T9658]  ? skb_checksum_help+0x43b/0x450
[  171.010914][ T9658]  ip_do_fragment+0xdb/0xd00
[  171.015517][ T9658]  ? __folio_put+0x114/0x150
[  171.020123][ T9658]  ? free_large_kmalloc+0x8c/0xb0
[  171.025131][ T9658]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  171.030647][ T9658]  ? __pfx_ip_finish_output2+0x10/0x10
[  171.036128][ T9658]  ip_fragment+0xd2/0x140
[  171.040455][ T9658]  ip_finish_output+0x1c4/0x2a0
[  171.045327][ T9658]  ip_output+0xab/0x170
[  171.049556][ T9658]  ? __pfx_ip_finish_output+0x10/0x10
[  171.054922][ T9658]  ? __pfx_ip_output+0x10/0x10
[  171.059721][ T9658]  ip_local_out+0xab/0xd0
[  171.064145][ T9658]  iptunnel_xmit+0x33f/0x460
[  171.068846][ T9658]  ip_tunnel_xmit+0x1685/0x1740
[  171.073745][ T9658]  ipgre_xmit+0x5f4/0x6d0
[  171.078098][ T9658]  dev_hard_start_xmit+0x119/0x3f0
[  171.083278][ T9658]  __dev_queue_xmit+0xf83/0x1e50
[  171.088330][ T9658]  ? __dev_queue_xmit+0x161/0x1e50
[  171.093436][ T9658]  packet_xmit+0x4b/0x1e0
[  171.097862][ T9658]  packet_sendmsg+0x2ae1/0x3320
[  171.102884][ T9658]  ? selinux_socket_sendmsg+0x182/0x1b0
[  171.108448][ T9658]  ? __pfx_packet_sendmsg+0x10/0x10
[  171.113650][ T9658]  __sock_sendmsg+0x140/0x180
[  171.118373][ T9658]  ____sys_sendmsg+0x312/0x410
[  171.123249][ T9658]  __sys_sendmsg+0x1e9/0x280
[  171.127896][ T9658]  ? futex_wait+0x18e/0x1c0
[  171.132399][ T9658]  __x64_sys_sendmsg+0x46/0x50
[  171.137238][ T9658]  x64_sys_call+0xb25/0x2d70
[  171.141925][ T9658]  do_syscall_64+0xc9/0x1c0
[  171.146515][ T9658]  ? clear_bhb_loop+0x55/0xb0
[  171.151281][ T9658]  ? clear_bhb_loop+0x55/0xb0
[  171.155980][ T9658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.161928][ T9658] RIP: 0033:0x7f8e63e0cee9
[  171.166392][ T9658] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  171.186099][ T9658] RSP: 002b:00007f8e631870c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.194513][ T9658] RAX: ffffffffffffffda RBX: 00007f8e63f43fa0 RCX: 00007f8e63e0cee9
[  171.202539][ T9658] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000009
[  171.210528][ T9658] RBP: 00007f8e63e5947f R08: 0000000000000000 R09: 0000000000000000
[  171.218529][ T9658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  171.226501][ T9658] R13: 000000000000000b R14: 00007f8e63f43fa0 R15: 00007fff744ff178
[  171.234459][ T9658]  </TASK>
[  171.237493][ T9658] ---[ end trace 0000000000000000 ]---
[  171.529484][ T9683] loop3: detected capacity change from 0 to 256
[  171.548216][   T28] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.612304][   T28] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.659065][   T28] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.730784][   T28] bridge_slave_1: left allmulticast mode
[  171.736510][   T28] bridge_slave_1: left promiscuous mode
[  171.742252][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.750239][   T28] bridge_slave_0: left allmulticast mode
[  171.755936][   T28] bridge_slave_0: left promiscuous mode
[  171.761639][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.847942][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  171.858907][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  171.869029][   T28] bond0 (unregistering): Released all slaves
[  172.027534][   T28] hsr_slave_0: left promiscuous mode
[  172.030236][ T9701] Invalid ELF header magic: != ELF
[  172.038258][   T28] hsr_slave_1: left promiscuous mode
[  172.044260][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.051971][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.060714][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.068218][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.077459][   T28] veth1_macvtap: left promiscuous mode
[  172.083623][   T28] veth0_macvtap: left promiscuous mode
[  172.089245][   T28] veth1_vlan: left promiscuous mode
[  172.094573][   T28] veth0_vlan: left promiscuous mode
[  172.182898][   T28] team0 (unregistering): Port device team_slave_1 removed
[  172.195567][   T28] team0 (unregistering): Port device team_slave_0 removed
[  172.335232][ T9534] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  172.344128][ T9534] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  172.352660][ T9534] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  172.361281][ T9534] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  172.400234][ T9534] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.412636][ T9534] 8021q: adding VLAN 0 to HW filter on device team0
[  172.423570][  T971] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.430660][  T971] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.444834][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.451975][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.461196][ T9708] loop2: detected capacity change from 0 to 512
[  172.469508][ T9708] EXT4-fs: Ignoring removed nobh option
[  172.482445][ T9534] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  172.486821][ T9708] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  172.492991][ T9534] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  172.502803][ T9708] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #13: comm syz-executor.2: casefold flag without casefold feature
[  172.533465][ T9708] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 13 (err -117)
[  172.547887][ T9708] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.568057][ T9708] EXT4-fs warning (device loop2): ext4_lookup:1866: Inconsistent encryption contexts: 2/12
[  172.573392][ T9534] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.578800][ T9708] EXT4-fs warning (device loop2): ext4_lookup:1866: Inconsistent encryption contexts: 2/12
[  172.592852][ T9716] loop3: detected capacity change from 0 to 256
[  172.603039][ T9708] ieee802154 phy0 wpan0: encryption failed: -22
[  172.620016][ T8016] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.669661][ T9534] veth0_vlan: entered promiscuous mode
[  172.678189][ T9534] veth1_vlan: entered promiscuous mode
[  172.690690][ T9725] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  172.697936][ T9725] IPv6: NLM_F_CREATE should be set when creating new route
[  172.705119][ T9725] IPv6: NLM_F_CREATE should be set when creating new route
[  172.715301][ T9534] veth0_macvtap: entered promiscuous mode
[  172.731002][ T9534] veth1_macvtap: entered promiscuous mode
[  172.742874][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.753447][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.763316][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.773805][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.783654][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.794314][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.804201][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.814677][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.824764][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.835248][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.930228][ T9534] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.943073][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.953712][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.963860][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.974382][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.983164][ T9740] loop1: detected capacity change from 0 to 512
[  172.984293][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.001016][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.010879][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.021389][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.031306][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.041746][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.051256][ T9740] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  173.054012][ T9534] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.066945][ T9740] System zones: 0-2, 18-18, 34-35
[  173.076318][ T9740] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.090013][ T9534] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.098951][ T9534] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.107744][ T9534] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.116550][ T9534] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.126858][ T9740] ext4 filesystem being mounted at /root/syzkaller-testdir529388395/syzkaller.0D2h9x/213/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.144652][ T9740] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.364167][ T9763] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  173.382341][   T29] audit: type=1400 audit(1717035797.009:15374): avc:  denied  { create } for  pid=9762 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  173.405380][   T29] audit: type=1400 audit(1717035797.029:15375): avc:  denied  { ioctl } for  pid=9762 comm="syz-executor.1" path="socket:[31952]" dev="sockfs" ino=31952 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  173.433513][ T9769] Invalid ELF header magic: != ELF
[  173.454481][ T9768] pim6reg: entered allmulticast mode
[  173.621146][ T9780] loop3: detected capacity change from 0 to 512
[  173.636435][ T9780] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  173.644510][ T9780] System zones: 0-2, 18-18, 34-35
[  173.650260][ T9780] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.662988][ T9780] ext4 filesystem being mounted at /root/syzkaller-testdir4116209090/syzkaller.lPzOuY/83/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.678770][ T9780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.053028][ T9795] loop3: detected capacity change from 0 to 256
[  174.262100][ T9808] loop3: detected capacity change from 0 to 512
[  174.277424][ T9808] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  174.285445][ T9808] System zones: 0-2, 18-18, 34-35
[  174.291387][ T9808] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.304123][ T9808] ext4 filesystem being mounted at /root/syzkaller-testdir4116209090/syzkaller.lPzOuY/91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.320592][ T9808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.483303][ T9827] loop2: detected capacity change from 0 to 512
[  174.508828][ T9827] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.522415][ T9827] ext4 filesystem being mounted at /root/syzkaller-testdir414381789/syzkaller.fYaXyA/159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.744871][ T9839] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  175.053721][ T9820] syz-executor.2 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=1000
[  175.068247][ T9820] CPU: 1 PID: 9820 Comm: syz-executor.2 Tainted: G        W          6.10.0-rc1-syzkaller-00027-g4a4be1ad3a6e #0
[  175.080141][ T9820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  175.090240][ T9820] Call Trace:
[  175.093544][ T9820]  <TASK>
[  175.096461][ T9820]  dump_stack_lvl+0xf2/0x150
[  175.101073][ T9820]  dump_stack+0x15/0x20
[  175.105294][ T9820]  dump_header+0x83/0x2d0
[  175.109610][ T9820]  oom_kill_process+0x33e/0x4c0
[  175.114490][ T9820]  out_of_memory+0x9af/0xbe0
[  175.119083][ T9820]  mem_cgroup_out_of_memory+0x13e/0x190
[  175.124726][ T9820]  try_charge_memcg+0x745/0xcd0
[  175.129634][ T9820]  ? get_page_from_freelist+0x1a42/0x1a80
[  175.135344][ T9820]  obj_cgroup_charge_pages+0xbd/0x1d0
[  175.140747][ T9820]  __memcg_kmem_charge_page+0x9d/0x170
[  175.146213][ T9820]  __alloc_pages_noprof+0x1bc/0x360
[  175.151500][ T9820]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  175.156949][ T9820]  alloc_pages_noprof+0xe1/0x100
[  175.161929][ T9820]  __vmalloc_node_range_noprof+0x719/0xef0
[  175.167739][ T9820]  kvmalloc_node_noprof+0x121/0x170
[  175.173037][ T9820]  ? ip_set_alloc+0x1f/0x30
[  175.177658][ T9820]  ip_set_alloc+0x1f/0x30
[  175.182060][ T9820]  hash_netiface_create+0x273/0x730
[  175.187287][ T9820]  ? __nla_parse+0x40/0x60
[  175.191710][ T9820]  ? __pfx_hash_netiface_create+0x10/0x10
[  175.197447][ T9820]  ip_set_create+0x359/0x8a0
[  175.202035][ T9820]  ? memchr+0x1/0x50
[  175.205947][ T9820]  ? __nla_parse+0x40/0x60
[  175.210365][ T9820]  nfnetlink_rcv_msg+0x4a9/0x570
[  175.215420][ T9820]  netlink_rcv_skb+0x12c/0x230
[  175.220205][ T9820]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  175.225678][ T9820]  nfnetlink_rcv+0x16c/0x15b0
[  175.230391][ T9820]  ? kmem_cache_free+0xd8/0x280
[  175.235385][ T9820]  ? nlmon_xmit+0x51/0x60
[  175.239702][ T9820]  ? __kfree_skb+0x102/0x150
[  175.244355][ T9820]  ? consume_skb+0x57/0x180
[  175.248859][ T9820]  ? nlmon_xmit+0x51/0x60
[  175.253299][ T9820]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  175.258599][ T9820]  ? __dev_queue_xmit+0xb21/0x1e50
[  175.263761][ T9820]  ? ref_tracker_free+0x3a5/0x410
[  175.268779][ T9820]  ? __netlink_deliver_tap+0x495/0x4c0
[  175.274227][ T9820]  netlink_unicast+0x58d/0x660
[  175.279049][ T9820]  netlink_sendmsg+0x5ca/0x6e0
[  175.283874][ T9820]  ? __pfx_netlink_sendmsg+0x10/0x10
[  175.289172][ T9820]  __sock_sendmsg+0x140/0x180
[  175.293904][ T9820]  ____sys_sendmsg+0x312/0x410
[  175.298678][ T9820]  __sys_sendmsg+0x1e9/0x280
[  175.303261][ T9820]  ? futex_wait+0x18e/0x1c0
[  175.307835][ T9820]  __x64_sys_sendmsg+0x46/0x50
[  175.312660][ T9820]  x64_sys_call+0xb25/0x2d70
[  175.317238][ T9820]  do_syscall_64+0xc9/0x1c0
[  175.321731][ T9820]  ? clear_bhb_loop+0x55/0xb0
[  175.326504][ T9820]  ? clear_bhb_loop+0x55/0xb0
[  175.331264][ T9820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.337321][ T9820] RIP: 0033:0x7f8e63e0cee9
[  175.341813][ T9820] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  175.361425][ T9820] RSP: 002b:00007f8e631870c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  175.369833][ T9820] RAX: ffffffffffffffda RBX: 00007f8e63f43fa0 RCX: 00007f8e63e0cee9
[  175.378085][ T9820] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  175.386061][ T9820] RBP: 00007f8e63e5947f R08: 0000000000000000 R09: 0000000000000000
[  175.394039][ T9820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  175.402010][ T9820] R13: 000000000000000b R14: 00007f8e63f43fa0 R15: 00007fff744ff178
[  175.409974][ T9820]  </TASK>
[  175.413066][ T9820] memory: usage 307200kB, limit 307200kB, failcnt 174
[  175.420109][ T9820] memory+swap: usage 307904kB, limit 9007199254740988kB, failcnt 0
[  175.428088][ T9820] kmem: usage 307160kB, limit 9007199254740988kB, failcnt 0
[  175.435450][ T9820] Memory cgroup stats for /syz2:
[  175.435722][ T9820] cache 32768
[  175.444019][ T9820] rss 0
[  175.446806][ T9820] shmem 0
[  175.449816][ T9820] mapped_file 0
[  175.453275][ T9820] dirty 0
[  175.456310][ T9820] writeback 8192
[  175.460035][ T9820] workingset_refault_anon 84
[  175.464670][ T9820] workingset_refault_file 1
[  175.469191][ T9820] swap 720896
[  175.472466][ T9820] swapcached 8192
[  175.476234][ T9820] pgpgin 85222
[  175.479649][ T9820] pgpgout 85212
[  175.483109][ T9820] pgfault 99916
[  175.486570][ T9820] pgmajfault 28
[  175.490020][ T9820] inactive_anon 8192
[  175.493948][ T9820] active_anon 0
[  175.497464][ T9820] inactive_file 16384
[  175.501476][ T9820] active_file 16384
[  175.505373][ T9820] unevictable 0
[  175.508894][ T9820] hierarchical_memory_limit 314572800
[  175.514328][ T9820] hierarchical_memsw_limit 9223372036854771712
[  175.520580][ T9820] total_cache 32768
[  175.524415][ T9820] total_rss 0
[  175.527719][ T9820] total_shmem 0
[  175.531200][ T9820] total_mapped_file 0
[  175.535182][ T9820] total_dirty 0
[  175.538647][ T9820] total_writeback 8192
[  175.542725][ T9820] total_workingset_refault_anon 84
[  175.547838][ T9820] total_workingset_refault_file 1
[  175.552994][ T9820] total_swap 720896
[  175.556792][ T9820] total_swapcached 8192
[  175.560945][ T9820] total_pgpgin 85222
[  175.565581][ T9820] total_pgpgout 85212
[  175.569604][ T9820] total_pgfault 99916
[  175.573570][ T9820] total_pgmajfault 28
[  175.577550][ T9820] total_inactive_anon 8192
[  175.582029][ T9820] total_active_anon 0
[  175.586043][ T9820] total_inactive_file 16384
[  175.590571][ T9820] total_active_file 16384
[  175.594983][ T9820] total_unevictable 0
[  175.598975][ T9820] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=9819,uid=0
[  175.614244][ T9820] Memory cgroup out of memory: Killed process 9819 (syz-executor.2) total-vm:48620kB, anon-rss:548kB, file-rss:9012kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[  175.685392][ T9850] loop1: detected capacity change from 0 to 512
[  175.696347][ T9850] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  175.704425][ T9850] System zones: 0-2, 18-18, 34-35
[  175.711597][ T9850] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.724439][ T9850] ext4 filesystem being mounted at /root/syzkaller-testdir529388395/syzkaller.0D2h9x/223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.744581][ T9850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.747115][ T9856] loop0: detected capacity change from 0 to 512
[  175.762481][ T9856] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  175.771646][ T9856] EXT4-fs (loop0): Couldn't mount because of unsupported optional features (fffc1829)
[  175.781320][ T9856] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  175.889110][ T9820] syz-executor.2 (9820) used greatest stack depth: 7184 bytes left
[  175.900585][ T8016] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.967437][ T9869] loop2: detected capacity change from 0 to 512
[  176.107029][ T9869] xt_ecn: cannot match TCP bits for non-tcp packets
[  176.521368][ T9891] loop1: detected capacity change from 0 to 512
[  176.664079][ T9891] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  176.813320][ T9891] System zones: 0-2, 18-18, 34-35
[  176.924810][ T9891] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.060168][ T9891] ext4 filesystem being mounted at /root/syzkaller-testdir529388395/syzkaller.0D2h9x/226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.082077][ T9891] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.140376][   T29] audit: type=1400 audit(1717035800.769:15376): avc:  denied  { append } for  pid=9898 comm="syz-executor.2" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  177.165951][ T9901] Invalid ELF header magic: != ELF
[  177.190345][ T9907] loop1: detected capacity change from 0 to 1024
[  177.198601][ T9907] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  177.208311][ T9907] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  177.218580][ T9907] EXT4-fs error (device loop1): ext4_get_journal_inode:5752: inode #32: comm syz-executor.1: iget: special inode unallocated
[  177.231851][ T9907] EXT4-fs (loop1): no journal found
[  177.237280][ T9907] EXT4-fs (loop1): can't get journal size
[  177.243726][ T9907] EXT4-fs error (device loop1): ext4_protect_reserved_inode:160: inode #32: comm syz-executor.1: iget: special inode unallocated
[  177.257414][ T9907] EXT4-fs (loop1): failed to initialize system zone (-117)
[  177.264733][ T9907] EXT4-fs (loop1): mount failed
[  177.320505][ T9907] loop1: detected capacity change from 0 to 512
[  177.327428][ T9907] EXT4-fs (loop1): blocks per group (8192) and clusters per group (32) inconsistent
[  177.391385][ T9907] syzkaller0: entered promiscuous mode
[  177.396965][ T9907] syzkaller0: entered allmulticast mode
[  177.610157][ T9931] loop2: detected capacity change from 0 to 128
[  177.781220][ T9945] loop2: detected capacity change from 0 to 512
[  177.796752][ T9945] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  177.805106][ T9945] System zones: 0-2, 18-18, 34-35
[  177.810738][ T9945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.823286][ T9945] ext4 filesystem being mounted at /root/syzkaller-testdir414381789/syzkaller.fYaXyA/169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.838502][ T9945] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.931615][ T9953] loop2: detected capacity change from 0 to 256
[  177.947211][ T9953] FAT-fs (loop2): Directory bread(block 64) failed
[  177.953949][ T9953] FAT-fs (loop2): Directory bread(block 65) failed
[  177.961310][ T9953] FAT-fs (loop2): Directory bread(block 66) failed
[  177.969127][ T9953] FAT-fs (loop2): Directory bread(block 67) failed
[  177.975963][ T9953] FAT-fs (loop2): Directory bread(block 68) failed
[  177.982592][ T9953] FAT-fs (loop2): Directory bread(block 69) failed
[  177.989304][ T9953] FAT-fs (loop2): Directory bread(block 70) failed
[  177.996254][ T9953] FAT-fs (loop2): Directory bread(block 71) failed
[  178.002899][ T9953] FAT-fs (loop2): Directory bread(block 72) failed
[  178.009594][ T9953] FAT-fs (loop2): Directory bread(block 73) failed
[  178.016233][   T29] audit: type=1326 audit(1717035801.649:15377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9956 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2fbcdb8ee9 code=0x0
[  178.040164][   T28] kworker/u8:1: attempt to access beyond end of device
[  178.040164][   T28] loop2: rw=1, sector=1224, nr_sectors = 32 limit=256
[  178.053823][   T28] kworker/u8:1: attempt to access beyond end of device
[  178.053823][   T28] loop2: rw=1, sector=1288, nr_sectors = 100 limit=256
[  178.172170][ T9963] syz_tun: tun_net_xmit 14
[  178.229363][   T29] audit: type=1326 audit(1717035801.859:15378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9968 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e63e0cee9 code=0x7ffc0000
[  178.254555][   T29] audit: type=1326 audit(1717035801.859:15379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9968 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e63e0cee9 code=0x7ffc0000
[  178.255026][ T9969] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  178.278933][   T29] audit: type=1326 audit(1717035801.859:15380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9968 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e63e0cee9 code=0x7ffc0000
[  178.278963][   T29] audit: type=1326 audit(1717035801.859:15381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9968 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e63e0cee9 code=0x7ffc0000
[  178.278995][   T29] audit: type=1326 audit(1717035801.859:15382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9968 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e63e0cee9 code=0x7ffc0000
[  178.279016][   T29] audit: type=1326 audit(1717035801.859:15383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9968 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f8e63e0cee9 code=0x7ffc0000
[  178.279039][   T29] audit: type=1326 audit(1717035801.859:15384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9968 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e63e0cee9 code=0x7ffc0000
[  178.279062][   T29] audit: type=1326 audit(1717035801.859:15385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9968 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f8e63e0cee9 code=0x7ffc0000
[  178.312261][ T9969] bridge_slave_1: left allmulticast mode
[  178.312281][ T9969] bridge_slave_1: left promiscuous mode
[  178.312460][ T9969] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.453329][ T9969] bridge_slave_0: left allmulticast mode
[  178.459126][ T9969] bridge_slave_0: left promiscuous mode
[  178.464754][ T9969] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.622442][ T9986] loop2: detected capacity change from 0 to 256
[  178.637397][ T9986] FAT-fs (loop2): Directory bread(block 64) failed
[  178.644124][ T9986] FAT-fs (loop2): Directory bread(block 65) failed
[  178.650842][ T9986] FAT-fs (loop2): Directory bread(block 66) failed
[  178.657550][ T9986] FAT-fs (loop2): Directory bread(block 67) failed
[  178.661898][ T9988] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  178.664153][ T9986] FAT-fs (loop2): Directory bread(block 68) failed
[  178.679341][ T9986] FAT-fs (loop2): Directory bread(block 69) failed
[  178.686035][ T9986] FAT-fs (loop2): Directory bread(block 70) failed
[  178.692580][ T9986] FAT-fs (loop2): Directory bread(block 71) failed
[  178.699193][ T9986] FAT-fs (loop2): Directory bread(block 72) failed
[  178.705760][ T9986] FAT-fs (loop2): Directory bread(block 73) failed
[  178.736629][ T9578] kworker/u8:13: attempt to access beyond end of device
[  178.736629][ T9578] loop2: rw=1, sector=1224, nr_sectors = 32 limit=256
[  178.750676][ T9578] kworker/u8:13: attempt to access beyond end of device
[  178.750676][ T9578] loop2: rw=1, sector=1288, nr_sectors = 100 limit=256
[  178.858160][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::1]:20002. Sending cookies.
[  178.915146][T10007] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  178.925423][T10007] netdevsim0: mtu less than device minimum
[  178.958470][T10007] sctp: [Deprecated]: syz-executor.1 (pid 10007) Use of int in maxseg socket option.
[  178.958470][T10007] Use struct sctp_assoc_value instead
[  179.010225][T10009] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  179.019661][T10009] bridge_slave_1: left allmulticast mode
[  179.025322][T10009] bridge_slave_1: left promiscuous mode
[  179.031089][T10009] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.034889][T10018] loop1: detected capacity change from 0 to 256
[  179.045854][T10009] bridge_slave_0: left allmulticast mode
[  179.051531][T10009] bridge_slave_0: left promiscuous mode
[  179.057211][T10009] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.057989][T10018] FAT-fs (loop1): Directory bread(block 64) failed
[  179.070870][T10018] FAT-fs (loop1): Directory bread(block 65) failed
[  179.077479][T10018] FAT-fs (loop1): Directory bread(block 66) failed
[  179.083997][T10018] FAT-fs (loop1): Directory bread(block 67) failed
[  179.090582][T10018] FAT-fs (loop1): Directory bread(block 68) failed
[  179.097231][T10018] FAT-fs (loop1): Directory bread(block 69) failed
[  179.103834][T10018] FAT-fs (loop1): Directory bread(block 70) failed
[  179.110424][T10018] FAT-fs (loop1): Directory bread(block 71) failed
[  179.117032][T10018] FAT-fs (loop1): Directory bread(block 72) failed
[  179.123590][T10018] FAT-fs (loop1): Directory bread(block 73) failed
[  179.153969][ T9586] kworker/u8:19: attempt to access beyond end of device
[  179.153969][ T9586] loop1: rw=1, sector=1224, nr_sectors = 32 limit=256
[  179.168543][ T9586] kworker/u8:19: attempt to access beyond end of device
[  179.168543][ T9586] loop1: rw=1, sector=1288, nr_sectors = 100 limit=256
[  179.228392][T10021] loop1: detected capacity change from 0 to 1024
[  179.237588][T10021] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  179.246786][T10021] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  179.257848][T10021] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854c01c, mo2=0003]
[  179.266081][T10021] System zones: 0-1, 3-36
[  179.271226][T10021] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.284975][T10021] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.1: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  179.292815][T10027] loop3: detected capacity change from 0 to 2048
[  179.424520][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.426673][T10048] loop3: detected capacity change from 0 to 256
[  179.450880][T10048] FAT-fs (loop3): Directory bread(block 64) failed
[  179.457533][T10048] FAT-fs (loop3): Directory bread(block 65) failed
[  179.464144][T10048] FAT-fs (loop3): Directory bread(block 66) failed
[  179.470761][T10048] FAT-fs (loop3): Directory bread(block 67) failed
[  179.477424][T10048] FAT-fs (loop3): Directory bread(block 68) failed
[  179.483952][T10048] FAT-fs (loop3): Directory bread(block 69) failed
[  179.490506][T10048] FAT-fs (loop3): Directory bread(block 70) failed
[  179.497112][T10048] FAT-fs (loop3): Directory bread(block 71) failed
[  179.503637][T10048] FAT-fs (loop3): Directory bread(block 72) failed
[  179.510249][T10048] FAT-fs (loop3): Directory bread(block 73) failed
[  179.539517][ T9586] kworker/u8:19: attempt to access beyond end of device
[  179.539517][ T9586] loop3: rw=1, sector=1224, nr_sectors = 32 limit=256
[  179.553368][ T9586] kworker/u8:19: attempt to access beyond end of device
[  179.553368][ T9586] loop3: rw=1, sector=1288, nr_sectors = 100 limit=256
[  179.673422][T10061] netlink: zone id is out of range
[  179.678654][T10061] netlink: zone id is out of range
[  179.683826][T10061] netlink: zone id is out of range
[  179.689052][T10061] netlink: zone id is out of range
[  179.694171][T10061] netlink: zone id is out of range
[  179.699341][T10061] netlink: zone id is out of range
[  179.704646][T10061] netlink: zone id is out of range
[  179.709874][T10061] netlink: zone id is out of range
[  179.721840][T10061] loop3: detected capacity change from 0 to 512
[  179.731330][T10061] EXT4-fs (loop3): filesystem is read-only
[  179.737743][T10061] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  179.749397][T10061] EXT4-fs (loop3): filesystem is read-only
[  179.755275][T10061] EXT4-fs (loop3): orphan cleanup on readonly fs
[  179.762452][T10061] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor.3: bg 0: block 64: padding at end of block bitmap is not set
[  179.777613][T10061] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  179.778703][T10065] atomic_op ffff88812b7d6d28 conn xmit_atomic 0000000000000000
[  179.786838][T10061] EXT4-fs (loop3): 1 orphan inode deleted
[  179.800145][T10061] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  179.824504][ T8405] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.952868][T10088] loop2: detected capacity change from 0 to 128
[  179.962695][T10088] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  179.981191][T10088] ext4 filesystem being mounted at /root/syzkaller-testdir414381789/syzkaller.fYaXyA/187/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  180.061213][ T8016] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  180.221675][T10101] syzkaller0: entered promiscuous mode
[  180.227266][T10101] syzkaller0: entered allmulticast mode
[  180.353078][T10108] Invalid ELF header magic: != ELF
[  180.582120][T10129] loop0: detected capacity change from 0 to 256
[  180.602982][T10129] FAT-fs (loop0): Directory bread(block 64) failed
[  180.609905][T10129] FAT-fs (loop0): Directory bread(block 65) failed
[  180.616805][T10129] FAT-fs (loop0): Directory bread(block 66) failed
[  180.623327][T10129] FAT-fs (loop0): Directory bread(block 67) failed
[  180.629978][T10129] FAT-fs (loop0): Directory bread(block 68) failed
[  180.637495][T10129] FAT-fs (loop0): Directory bread(block 69) failed
[  180.644039][T10129] FAT-fs (loop0): Directory bread(block 70) failed
[  180.650682][T10129] FAT-fs (loop0): Directory bread(block 71) failed
[  180.657312][T10129] FAT-fs (loop0): Directory bread(block 72) failed
[  180.663843][T10129] FAT-fs (loop0): Directory bread(block 73) failed
[  180.711798][T10133] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  180.730441][T10133] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  180.751123][   T28] kworker/u8:1: attempt to access beyond end of device
[  180.751123][   T28] loop0: rw=1, sector=1224, nr_sectors = 32 limit=256
[  180.764900][   T28] kworker/u8:1: attempt to access beyond end of device
[  180.764900][   T28] loop0: rw=1, sector=1288, nr_sectors = 100 limit=256
[  180.789063][T10134] loop1: detected capacity change from 0 to 1764
[  180.914938][T10148] loop0: detected capacity change from 0 to 128
[  180.924780][T10148] FAT-fs (loop0): Unrecognized mount option "þ" or missing value
[  180.927387][T10146] loop1: detected capacity change from 0 to 256
[  180.948060][T10146] FAT-fs (loop1): codepage cp855 not found
[  181.044555][T10157] loop2: detected capacity change from 0 to 8192
[  181.093824][T10170] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  181.118230][T10170] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  181.174791][T10183] loop1: detected capacity change from 0 to 1764
[  181.199274][T10185] loop2: detected capacity change from 0 to 164
[  181.312087][T10209] loop1: detected capacity change from 0 to 1024
[  181.320353][T10209] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (47082!=20869)
[  181.329987][T10209] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  181.340883][T10209] JBD2: no valid journal superblock found
[  181.341797][T10210] Invalid ELF header magic: != ELF
[  181.346674][T10209] EXT4-fs (loop1): Could not load journal inode
[  181.419103][T10209] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  181.428457][T10209] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  181.519280][T10221] team_slave_0: entered promiscuous mode
[  181.524989][T10221] team_slave_1: entered promiscuous mode
[  181.530736][T10221] macsec2: entered promiscuous mode
[  181.536047][T10221] team0: entered promiscuous mode
[  181.541268][T10221] macsec2: entered allmulticast mode
[  181.546555][T10221] team0: entered allmulticast mode
[  181.551650][T10221] team_slave_0: entered allmulticast mode
[  181.557392][T10221] team_slave_1: entered allmulticast mode
[  181.564847][T10221] team0: Device macsec2 is already an upper device of the team interface
[  181.573822][T10221] team0: left allmulticast mode
[  181.578735][T10221] team_slave_0: left allmulticast mode
[  181.584205][T10221] team_slave_1: left allmulticast mode
[  181.589672][T10221] team0: left promiscuous mode
[  181.594648][T10221] team_slave_0: left promiscuous mode
[  181.600110][T10221] team_slave_1: left promiscuous mode
[  181.715242][T10228] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  181.734367][T10228] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  181.791446][T10229] loop1: detected capacity change from 0 to 1764
[  181.894436][T10231] loop1: detected capacity change from 0 to 512
[  181.903366][T10231] EXT4-fs (loop1): 1 truncate cleaned up
[  181.909487][T10231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.923163][T10231] EXT4-fs error (device loop1): htree_dirblock_to_tree:1082: inode #2: comm syz-executor.1: Directory hole found for htree leaf block
[  181.937222][T10231] EXT4-fs (loop1): Remounting filesystem read-only
[  182.154217][T10249] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  182.163775][T10249] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  182.229688][T10260] loop3: detected capacity change from 0 to 128
[  182.550261][T10277] Invalid ELF header magic: != ELF
[  182.729981][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.828126][T10281] loop1: detected capacity change from 0 to 256
[  183.085123][T10294] loop3: detected capacity change from 0 to 256
[  183.100411][T10294] FAT-fs (loop3): Directory bread(block 64) failed
[  183.107551][T10294] FAT-fs (loop3): Directory bread(block 65) failed
[  183.114422][T10294] FAT-fs (loop3): Directory bread(block 66) failed
[  183.121382][T10294] FAT-fs (loop3): Directory bread(block 67) failed
[  183.128016][T10294] FAT-fs (loop3): Directory bread(block 68) failed
[  183.134519][T10294] FAT-fs (loop3): Directory bread(block 69) failed
[  183.141129][T10294] FAT-fs (loop3): Directory bread(block 70) failed
[  183.147699][T10294] FAT-fs (loop3): Directory bread(block 71) failed
[  183.154248][T10294] FAT-fs (loop3): Directory bread(block 72) failed
[  183.160818][T10294] FAT-fs (loop3): Directory bread(block 73) failed
[  183.195873][ T9585] kworker/u8:18: attempt to access beyond end of device
[  183.195873][ T9585] loop3: rw=1, sector=1224, nr_sectors = 32 limit=256
[  183.211278][ T9585] kworker/u8:18: attempt to access beyond end of device
[  183.211278][ T9585] loop3: rw=1, sector=1288, nr_sectors = 100 limit=256
[  183.261314][T10303] loop1: detected capacity change from 0 to 256
[  183.277871][T10310] loop3: detected capacity change from 0 to 1024
[  183.285767][T10310] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (47082!=20869)
[  183.295701][T10310] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  183.308907][T10310] JBD2: no valid journal superblock found
[  183.314754][T10310] EXT4-fs (loop3): Could not load journal inode
[  183.347961][   T29] kauditd_printk_skb: 230 callbacks suppressed
[  183.347976][   T29] audit: type=1400 audit(1717035806.979:15616): avc:  denied  { override_creds } for  pid=10312 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  183.500883][T10326] loop2: detected capacity change from 0 to 512
[  183.508553][T10326] ext4: Unknown parameter ''
[  183.563061][T10331] loop1: detected capacity change from 0 to 256
[  183.578697][T10331] FAT-fs (loop1): Directory bread(block 64) failed
[  183.585352][T10331] FAT-fs (loop1): Directory bread(block 65) failed
[  183.592002][T10331] FAT-fs (loop1): Directory bread(block 66) failed
[  183.599629][T10331] FAT-fs (loop1): Directory bread(block 67) failed
[  183.606499][T10331] FAT-fs (loop1): Directory bread(block 68) failed
[  183.613133][T10331] FAT-fs (loop1): Directory bread(block 69) failed
[  183.620850][T10331] FAT-fs (loop1): Directory bread(block 70) failed
[  183.627501][T10331] FAT-fs (loop1): Directory bread(block 71) failed
[  183.634158][T10331] FAT-fs (loop1): Directory bread(block 72) failed
[  183.642084][T10331] FAT-fs (loop1): Directory bread(block 73) failed
[  183.673831][ T9578] kworker/u8:13: attempt to access beyond end of device
[  183.673831][ T9578] loop1: rw=1, sector=1224, nr_sectors = 32 limit=256
[  183.687649][ T9578] kworker/u8:13: attempt to access beyond end of device
[  183.687649][ T9578] loop1: rw=1, sector=1288, nr_sectors = 100 limit=256
[  183.859995][T10339] loop1: detected capacity change from 0 to 256
[  184.278538][T10351] loop3: detected capacity change from 0 to 1024
[  184.286672][T10351] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (47082!=20869)
[  184.297972][T10351] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  184.309460][T10351] JBD2: no valid journal superblock found
[  184.315349][T10351] EXT4-fs (loop3): Could not load journal inode
[  184.557900][T10358] loop2: detected capacity change from 0 to 256
[  184.588728][T10358] FAT-fs (loop2): Directory bread(block 64) failed
[  184.601673][T10358] FAT-fs (loop2): Directory bread(block 65) failed
[  184.617748][T10358] FAT-fs (loop2): Directory bread(block 66) failed
[  184.630307][T10358] FAT-fs (loop2): Directory bread(block 67) failed
[  184.637426][T10358] FAT-fs (loop2): Directory bread(block 68) failed
[  184.643957][T10358] FAT-fs (loop2): Directory bread(block 69) failed
[  184.650790][T10358] FAT-fs (loop2): Directory bread(block 70) failed
[  184.657343][T10358] FAT-fs (loop2): Directory bread(block 71) failed
[  184.663855][T10358] FAT-fs (loop2): Directory bread(block 72) failed
[  184.670410][T10358] FAT-fs (loop2): Directory bread(block 73) failed
[  184.705845][ T9578] kworker/u8:13: attempt to access beyond end of device
[  184.705845][ T9578] loop2: rw=1, sector=1224, nr_sectors = 32 limit=256
[  184.725170][ T9578] kworker/u8:13: attempt to access beyond end of device
[  184.725170][ T9578] loop2: rw=1, sector=1288, nr_sectors = 100 limit=256
[  184.881610][T10368] loop2: detected capacity change from 0 to 1768
[  185.097217][T10374] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  185.103758][T10374] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  185.111440][T10374] vhci_hcd vhci_hcd.0: Device attached
[  185.122522][T10376] usbip_core: unknown command
[  185.127350][T10376] vhci_hcd: unknown pdu 2071284321
[  185.132567][T10376] usbip_core: unknown command
[  185.139368][ T9578] vhci_hcd: stop threads
[  185.143646][ T9578] vhci_hcd: release socket
[  185.148101][ T9578] vhci_hcd: disconnect device
[  185.202899][T10383] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4776 sclass=netlink_route_socket pid=10383 comm=syz-executor.0
[  185.400415][T10394] vlan2: entered allmulticast mode
[  185.405592][T10394] bridge_slave_0: entered allmulticast mode
[  185.496960][T10404] loop3: detected capacity change from 0 to 1764
[  185.836942][   T29] audit: type=1400 audit(1717035809.459:15617): avc:  denied  { bind } for  pid=10425 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  185.897803][T10434] __nla_validate_parse: 6 callbacks suppressed
[  185.897817][T10434] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  185.931582][T10439] loop1: detected capacity change from 0 to 512
[  185.933586][T10434] loop2: detected capacity change from 0 to 1764
[  185.948967][T10439] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.961536][T10439] ext4 filesystem being mounted at /root/syzkaller-testdir529388395/syzkaller.0D2h9x/289/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  185.980014][   T29] audit: type=1400 audit(1717035809.609:15618): avc:  denied  { map } for  pid=10438 comm="syz-executor.1" path="pipe:[19512]" dev="pipefs" ino=19512 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  186.011590][T10439] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  186.018101][T10439] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  186.025743][T10439] vhci_hcd vhci_hcd.0: Device attached
[  186.061834][T10443] vhci_hcd: connection closed
[  186.062006][ T9578] vhci_hcd: stop threads
[  186.071076][ T9578] vhci_hcd: release socket
[  186.075596][ T9578] vhci_hcd: disconnect device
[  186.083794][   T29] audit: type=1326 audit(1717035809.709:15619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10445 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f8e63e0a667 code=0x0
[  186.296998][ T9578] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.332840][T10571] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  186.344298][ T9578] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.399067][T10621] loop3: detected capacity change from 0 to 2048
[  186.399497][ T9578] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.419568][T10621] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.435222][   T29] audit: type=1326 audit(1717035810.069:15620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10620 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2fbcdb6667 code=0x7ffc0000
[  186.459820][   T29] audit: type=1326 audit(1717035810.069:15621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10620 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2fbcd7c329 code=0x7ffc0000
[  186.483886][   T29] audit: type=1326 audit(1717035810.069:15622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10620 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2fbcdb6667 code=0x7ffc0000
[  186.508107][   T29] audit: type=1326 audit(1717035810.069:15623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10620 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2fbcd7c329 code=0x7ffc0000
[  186.532139][   T29] audit: type=1326 audit(1717035810.069:15624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10620 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbcdb8ee9 code=0x7ffc0000
[  186.556481][   T29] audit: type=1326 audit(1717035810.069:15625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10620 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2fbcdb6667 code=0x7ffc0000
[  186.584480][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.594944][ T9578] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.598654][T10621] net_ratelimit: 17 callbacks suppressed
[  186.598667][T10621] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  186.693138][ T9578] bridge_slave_0: left allmulticast mode
[  186.698874][ T9578] bridge_slave_0: left promiscuous mode
[  186.704614][ T9578] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.731162][ T8405] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.796257][T10640] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  186.838587][ T9578] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.848948][ T9578] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.859778][ T9578] bond0 (unregistering): Released all slaves
[  186.971868][T10657] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.1'.
[  186.981617][T10657] 0ªX¹¦D: renamed from gretap0 (while UP)
[  186.989275][T10657] 0ªX¹¦D: entered allmulticast mode
[  186.995223][T10657] A link change request failed with some changes committed already. Interface 
40ªX¹¦D may have been left with an inconsistent configuration, please check.
[  187.043841][ T9578] hsr_slave_0: left promiscuous mode
[  187.049996][ T9578] hsr_slave_1: left promiscuous mode
[  187.057186][ T9578] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.064670][ T9578] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.083186][ T9578] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.090742][ T9578] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.101371][ T9578] veth1_macvtap: left promiscuous mode
[  187.106939][ T9578] veth0_macvtap: left promiscuous mode
[  187.112539][ T9578] veth1_vlan: left promiscuous mode
[  187.159916][ T9578] pim6reg (unregistering): left allmulticast mode
[  187.170514][ T9578] team0 (unregistering): Port device vlan2 removed
[  187.232010][ T9578] team0 (unregistering): Port device team_slave_1 removed
[  187.242440][ T9578] team0 (unregistering): Port device team_slave_0 removed
[  187.319127][T10694] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  187.352571][T10694] loop1: detected capacity change from 0 to 1764
[  187.422022][T10668] chnl_net:caif_netlink_parms(): no params data found
[  187.431925][T10704] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  187.474569][T10668] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.481736][T10668] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.488942][T10668] bridge_slave_0: entered allmulticast mode
[  187.495378][T10668] bridge_slave_0: entered promiscuous mode
[  187.502995][T10668] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.510174][T10668] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.517428][T10668] bridge_slave_1: entered allmulticast mode
[  187.524197][T10668] bridge_slave_1: entered promiscuous mode
[  187.540119][T10668] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.551038][T10668] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.572054][T10668] team0: Port device team_slave_0 added
[  187.578488][T10668] team0: Port device team_slave_1 added
[  187.593472][T10668] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.600560][T10668] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.626478][T10668] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  187.637870][T10668] batman_adv: batadv0: Adding interface: batadv_slave_1
[  187.644876][T10668] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.670986][T10668] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  187.706525][T10668] hsr_slave_0: entered promiscuous mode
[  187.712795][T10668] hsr_slave_1: entered promiscuous mode
[  187.718968][T10668] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  187.726659][T10668] Cannot create hsr debugfs directory
[  188.049888][T10668] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  188.059228][T10668] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  188.068203][T10668] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  188.078738][T10668] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  188.121381][T10668] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.134940][T10668] 8021q: adding VLAN 0 to HW filter on device team0
[  188.145486][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.152581][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.170308][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.177648][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.195196][T10668] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  188.205616][T10668] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  188.275841][T10668] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.319075][T10749] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  188.367587][T10749] loop2: detected capacity change from 0 to 1764
[  188.401703][   T29] kauditd_printk_skb: 1102 callbacks suppressed
[  188.401769][   T29] audit: type=1400 audit(1717035812.029:16728): avc:  denied  { mounton } for  pid=10765 comm="syz-executor.3" path="/proc/10765/cgroup" dev="proc" ino=34611 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  188.432134][   T29] audit: type=1400 audit(1717035812.049:16729): avc:  denied  { mounton } for  pid=10765 comm="syz-executor.3" path="/proc/10765/cgroup" dev="nsfs" ino=4026532421 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  188.456462][   T29] audit: type=1400 audit(1717035812.049:16730): avc:  denied  { remount } for  pid=10765 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=filesystem permissive=1
[  188.487962][T10668] veth0_vlan: entered promiscuous mode
[  188.497125][T10668] veth1_vlan: entered promiscuous mode
[  188.513368][T10668] veth0_macvtap: entered promiscuous mode
[  188.521399][T10668] veth1_macvtap: entered promiscuous mode
[  188.533020][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.543570][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.553427][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.563913][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.573766][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.584225][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.594085][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.604740][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.614579][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.620727][   T29] audit: type=1400 audit(1717035812.239:16731): avc:  denied  { create } for  pid=10785 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  188.625008][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.647593][T10668] batman_adv: batadv0: Interface activated: batadv_slave_0
[  188.665002][   T29] audit: type=1400 audit(1717035812.259:16732): avc:  denied  { write } for  pid=10785 comm="syz-executor.1" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  188.669057][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.699229][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.709099][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.719587][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.729497][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.739953][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.749807][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.760255][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.770102][T10668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.780549][T10668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.792518][T10668] batman_adv: batadv0: Interface activated: batadv_slave_1
[  188.801361][T10668] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  188.810169][T10668] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  188.818903][T10668] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  188.827774][T10668] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.860388][T10802] loop1: detected capacity change from 0 to 512
[  188.872155][T10802] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino
[  188.888961][T10802] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117)
[  188.890364][T10808] loop4: detected capacity change from 0 to 2048
[  188.903426][T10802] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.928402][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.964837][T10808]  loop4: unable to read partition table
[  188.970713][T10808] loop4: partition table beyond EOD, truncated
[  188.976946][T10808] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[  189.030243][T10814] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  189.058157][T10814] loop1: detected capacity change from 0 to 1764
[  189.072153][T10818] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  189.081690][T10818] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  189.091974][T10818] 9pnet_fd: Insufficient options for proto=fd
[  189.098940][T10818] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.4'.
[  189.143662][T10820] loop4: detected capacity change from 0 to 256
[  189.221748][   T29] audit: type=1400 audit(1717035812.849:16733): avc:  denied  { map } for  pid=10825 comm="syz-executor.4" path="/dev/usbmon0" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  189.256423][   T29] audit: type=1400 audit(1717035812.889:16734): avc:  denied  { lock } for  pid=10831 comm="syz-executor.0" path="socket:[35036]" dev="sockfs" ino=35036 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  189.258945][T10832] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13263 sclass=netlink_route_socket pid=10832 comm=syz-executor.0
[  189.295399][T10834] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  189.320468][   T29] audit: type=1400 audit(1717035812.949:16735): avc:  denied  { view } for  pid=10835 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  189.324437][T10840] loop1: detected capacity change from 0 to 256
[  189.392557][T10846] loop4: detected capacity change from 0 to 1764
[  189.426887][T10852] loop1: detected capacity change from 0 to 256
[  189.529056][   T29] audit: type=1400 audit(1717035813.159:16736): avc:  denied  { module_load } for  pid=10865 comm="syz-executor.3" path="/root/syzkaller-testdir4116209090/syzkaller.lPzOuY/168/bus" dev="sda1" ino=1964 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=system permissive=1
[  189.681732][T10883] loop3: detected capacity change from 0 to 1764
[  189.930876][   T29] audit: type=1400 audit(1717035813.559:16737): avc:  denied  { execute } for  pid=10896 comm="syz-executor.3" path=2F6D656D66643A59FFFF202864656C6574656429 dev="hugetlbfs" ino=35911 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  190.271200][T10915] bridge0: port 1(hsr0) entered blocking state
[  190.277593][T10915] bridge0: port 1(hsr0) entered disabled state
[  190.284022][T10915] hsr0: entered allmulticast mode
[  190.289089][T10915] hsr_slave_0: entered allmulticast mode
[  190.294784][T10915] hsr_slave_1: entered allmulticast mode
[  190.300851][T10915] hsr0: left allmulticast mode
[  190.305718][T10915] hsr_slave_0: left allmulticast mode
[  190.311092][T10915] hsr_slave_1: left allmulticast mode
[  190.516236][T10934] syz-executor.1: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0
[  190.531507][T10934] CPU: 1 PID: 10934 Comm: syz-executor.1 Tainted: G        W          6.10.0-rc1-syzkaller-00027-g4a4be1ad3a6e #0
[  190.543519][T10934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  190.553669][T10934] Call Trace:
[  190.556955][T10934]  <TASK>
[  190.559877][T10934]  dump_stack_lvl+0xf2/0x150
[  190.564520][T10934]  dump_stack+0x15/0x20
[  190.568732][T10934]  warn_alloc+0x145/0x1b0
[  190.573052][T10934]  ? __schedule+0x5e8/0x940
[  190.577603][T10934]  ? __vmalloc_node_range_noprof+0x8c/0xef0
[  190.583489][T10934]  __vmalloc_node_range_noprof+0xac/0xef0
[  190.589203][T10934]  ? __pfx_futex_wake_mark+0x10/0x10
[  190.594551][T10934]  ? avc_has_perm_noaudit+0x1cc/0x210
[  190.600013][T10934]  ? xskq_create+0x36/0xd0
[  190.604790][T10934]  vmalloc_user_noprof+0x59/0x70
[  190.609719][T10934]  ? xskq_create+0x79/0xd0
[  190.614128][T10934]  xskq_create+0x79/0xd0
[  190.618378][T10934]  xsk_init_queue+0x82/0xd0
[  190.622874][T10934]  xsk_setsockopt+0x388/0x520
[  190.627552][T10934]  ? __pfx_xsk_setsockopt+0x10/0x10
[  190.632811][T10934]  __sys_setsockopt+0x1d8/0x250
[  190.637660][T10934]  __x64_sys_setsockopt+0x66/0x80
[  190.642764][T10934]  x64_sys_call+0x1183/0x2d70
[  190.647496][T10934]  do_syscall_64+0xc9/0x1c0
[  190.652082][T10934]  ? clear_bhb_loop+0x55/0xb0
[  190.656833][T10934]  ? clear_bhb_loop+0x55/0xb0
[  190.661570][T10934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.667457][T10934] RIP: 0033:0x7f552757aee9
[  190.671872][T10934] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  190.691466][T10934] RSP: 002b:00007f55268f50c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  190.699871][T10934] RAX: ffffffffffffffda RBX: 00007f55276b1fa0 RCX: 00007f552757aee9
[  190.707830][T10934] RDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000004
[  190.715789][T10934] RBP: 00007f55275c747f R08: 0000000000000004 R09: 0000000000000000
[  190.723799][T10934] R10: 00000000200013c0 R11: 0000000000000246 R12: 0000000000000000
[  190.731760][T10934] R13: 000000000000004d R14: 00007f55276b1fa0 R15: 00007fffc796c238
[  190.739719][T10934]  </TASK>
[  190.742902][T10934] Mem-Info:
[  190.746111][T10934] active_anon:1666 inactive_anon:26769 isolated_anon:0
[  190.746111][T10934]  active_file:9718 inactive_file:10566 isolated_file:0
[  190.746111][T10934]  unevictable:0 dirty:47 writeback:0
[  190.746111][T10934]  slab_reclaimable:2991 slab_unreclaimable:15385
[  190.746111][T10934]  mapped:18956 shmem:11040 pagetables:603
[  190.746111][T10934]  sec_pagetables:0 bounce:0
[  190.746111][T10934]  kernel_misc_reclaimable:0
[  190.746111][T10934]  free:1888726 free_pcp:8224 free_cma:0
[  190.791249][T10934] Node 0 active_anon:6664kB inactive_anon:107076kB active_file:38872kB inactive_file:42264kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:75824kB dirty:188kB writeback:0kB shmem:44160kB writeback_tmp:0kB kernel_stack:3792kB pagetables:2412kB sec_pagetables:0kB all_unreclaimable? no
[  190.819557][T10934] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  190.846404][T10934] lowmem_reserve[]: 0 2874 7852 0
[  190.851492][T10934] Node 0 DMA32 free:2957056kB boost:0kB min:4144kB low:7084kB high:10024kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2960692kB mlocked:0kB bounce:0kB free_pcp:3636kB local_pcp:3540kB free_cma:0kB
[  190.880148][T10934] lowmem_reserve[]: 0 0 4978 0
[  190.884941][T10934] Node 0 Normal free:4582488kB boost:0kB min:7180kB low:12276kB high:17372kB reserved_highatomic:0KB active_anon:6664kB inactive_anon:107076kB active_file:38872kB inactive_file:42264kB unevictable:0kB writepending:184kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:29188kB local_pcp:7220kB free_cma:0kB
[  190.915372][T10934] lowmem_reserve[]: 0 0 0 0
[  190.919880][T10934] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  190.932656][T10934] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 2*16kB (M) 4*32kB (M) 3*64kB (M) 3*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 1*2048kB (M) 720*4096kB (M) = 2957056kB
[  190.948790][T10934] Node 0 Normal: 1469*4kB (UME) 272*8kB (UME) 44*16kB (UM) 59*32kB (UE) 21*64kB (U) 29*128kB (UME) 31*256kB (UME) 44*512kB (UM) 90*1024kB (UM) 60*2048kB (UM) 1055*4096kB (UME) = 4582484kB
[  190.967950][T10934] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  190.977221][T10934] 31471 total pagecache pages
[  190.981884][T10934] 176 pages in swap cache
[  190.986273][T10934] Free swap  = 123516kB
[  190.990433][T10934] Total swap = 124996kB
[  190.994592][T10934] 2097051 pages RAM
[  190.998389][T10934] 0 pages HighMem/MovableOnly
[  191.003120][T10934] 78486 pages reserved
[  191.170908][T10961] loop1: detected capacity change from 0 to 512
[  191.179958][T10961] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  191.188403][T10961] EXT4-fs (loop1): orphan cleanup on readonly fs
[  191.195042][T10961] EXT4-fs warning (device loop1): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  191.210072][T10961] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  191.217557][T10961] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor.1: bg 0: block 40: padding at end of block bitmap is not set
[  191.232405][T10961] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  191.242918][T10961] EXT4-fs (loop1): 1 truncate cleaned up
[  191.248978][T10961] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  191.263245][T10961] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz-executor.1: corrupted xattr block 31: invalid header
[  191.277227][T10961] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  191.287491][T10961] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz-executor.1: corrupted xattr block 31: invalid header
[  191.303054][T10961] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  191.312626][T10961] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz-executor.1: bad symlink.
[  191.411969][T10971] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  191.432005][T10961] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz-executor.1: corrupted xattr block 31: invalid header
[  191.445986][T10961] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  191.455096][T10961] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz-executor.1: bad symlink.
[  191.475140][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.749938][T10986] loop2: detected capacity change from 0 to 1024
[  191.757894][T10986] EXT4-fs: Ignoring removed orlov option
[  191.764027][T10986] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  191.774979][T10986] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[  191.785954][T10986] EXT4-fs (loop2): invalid journal inode
[  191.791695][T10986] EXT4-fs (loop2): can't get journal size
[  191.799161][T10986] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  191.824108][ T8016] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.827870][T10989] __nla_validate_parse: 3 callbacks suppressed
[  191.827883][T10989] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  191.916294][T11001] loop3: detected capacity change from 0 to 256
[  191.946526][T11001] 9pnet_virtio: no channels available for device 127.0.0.1
[  192.001278][T11009] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  192.040404][T11010] loop1: detected capacity change from 0 to 2048
[  192.089070][T11013] loop0: detected capacity change from 0 to 512
[  192.097916][T11013] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor.0: invalid indirect mapped block 256 (level 1)
[  192.113152][T11013] EXT4-fs (loop0): Remounting filesystem read-only
[  192.114835][T11017] loop3: detected capacity change from 0 to 256
[  192.119911][T11013] EXT4-fs (loop0): 1 truncate cleaned up
[  192.133179][T11013] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.145315][T11013] SELinux: (dev loop0, type ext4) getxattr errno 5
[  192.152353][T11013] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.277901][T11027] loop0: detected capacity change from 0 to 1764
[  192.398998][T11044] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  192.408618][T11044] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  192.417499][T11048] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  192.418806][T11044] 9pnet_fd: Insufficient options for proto=fd
[  192.505862][T11057] loop0: detected capacity change from 0 to 1764
[  192.594016][T11063] loop0: detected capacity change from 0 to 1024
[  192.600727][T11063] ext4: Bad value for 'jqfmt'
[  192.666031][T11067] netem: incorrect ge model size
[  192.670999][T11067] netem: change failed
[  192.702935][T11073] loop0: detected capacity change from 0 to 512
[  192.710858][T11073] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz-executor.0: invalid indirect mapped block 256 (level 2)
[  192.725089][T11073] EXT4-fs (loop0): 2 truncates cleaned up
[  192.731689][T11073] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.745170][T11073] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.850694][T11073] netlink: 'syz-executor.0': attribute type 19 has an invalid length.
[  192.858978][T11073] netlink: 'syz-executor.0': attribute type 19 has an invalid length.
[  192.891445][T11076] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  193.135940][T11089] loop0: detected capacity change from 0 to 1764
[  193.271961][T11103] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  193.326456][T11114] loop1: detected capacity change from 0 to 128
[  194.099155][T11114] syz-executor.1 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=1000
[  194.113759][T11114] CPU: 0 PID: 11114 Comm: syz-executor.1 Tainted: G        W          6.10.0-rc1-syzkaller-00027-g4a4be1ad3a6e #0
[  194.125820][T11114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  194.135877][T11114] Call Trace:
[  194.139280][T11114]  <TASK>
[  194.142207][T11114]  dump_stack_lvl+0xf2/0x150
[  194.146945][T11114]  dump_stack+0x15/0x20
[  194.151259][T11114]  dump_header+0x83/0x2d0
[  194.155623][T11114]  oom_kill_process+0x33e/0x4c0
[  194.160476][T11114]  out_of_memory+0x9af/0xbe0
[  194.165067][T11114]  mem_cgroup_out_of_memory+0x13e/0x190
[  194.170627][T11114]  try_charge_memcg+0x745/0xcd0
[  194.175585][T11114]  ? get_page_from_freelist+0x1a42/0x1a80
[  194.181375][T11114]  obj_cgroup_charge_pages+0xbd/0x1d0
[  194.186960][T11114]  __memcg_kmem_charge_page+0x9d/0x170
[  194.192465][T11114]  __alloc_pages_noprof+0x1bc/0x360
[  194.197671][T11114]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  194.203120][T11114]  alloc_pages_noprof+0xe1/0x100
[  194.208118][T11114]  __vmalloc_node_range_noprof+0x719/0xef0
[  194.213960][T11114]  kvmalloc_node_noprof+0x121/0x170
[  194.219312][T11114]  ? ip_set_alloc+0x1f/0x30
[  194.223946][T11114]  ip_set_alloc+0x1f/0x30
[  194.228355][T11114]  hash_netiface_create+0x273/0x730
[  194.233608][T11114]  ? __nla_parse+0x40/0x60
[  194.238029][T11114]  ? __pfx_hash_netiface_create+0x10/0x10
[  194.243755][T11114]  ip_set_create+0x359/0x8a0
[  194.248422][T11114]  ? memchr+0x1/0x50
[  194.252336][T11114]  ? __nla_parse+0x40/0x60
[  194.256764][T11114]  nfnetlink_rcv_msg+0x4a9/0x570
[  194.261743][T11114]  netlink_rcv_skb+0x12c/0x230
[  194.266567][T11114]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  194.272051][T11114]  nfnetlink_rcv+0x16c/0x15b0
[  194.276865][T11114]  ? kmem_cache_free+0xd8/0x280
[  194.281739][T11114]  ? nlmon_xmit+0x51/0x60
[  194.286078][T11114]  ? __kfree_skb+0x102/0x150
[  194.290744][T11114]  ? consume_skb+0x57/0x180
[  194.295305][T11114]  ? nlmon_xmit+0x51/0x60
[  194.295725][   T29] kauditd_printk_skb: 92 callbacks suppressed
[  194.295737][   T29] audit: type=1400 audit(1717035817.899:16829): avc:  denied  { mount } for  pid=11121 comm="syz-executor.2" name="/" dev="hugetlbfs" ino=36270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  194.299631][T11114]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  194.334730][T11114]  ? __dev_queue_xmit+0xb21/0x1e50
[  194.339962][T11114]  ? ref_tracker_free+0x3a5/0x410
[  194.344990][T11114]  ? __netlink_deliver_tap+0x495/0x4c0
[  194.350529][T11114]  netlink_unicast+0x58d/0x660
[  194.355377][T11114]  netlink_sendmsg+0x5ca/0x6e0
[  194.360222][T11114]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.365509][T11114]  __sock_sendmsg+0x140/0x180
[  194.370197][T11114]  ____sys_sendmsg+0x312/0x410
[  194.374962][T11114]  __sys_sendmsg+0x1e9/0x280
[  194.379663][T11114]  __x64_sys_sendmsg+0x46/0x50
[  194.384425][T11114]  x64_sys_call+0xb25/0x2d70
[  194.389012][T11114]  do_syscall_64+0xc9/0x1c0
[  194.393590][T11114]  ? clear_bhb_loop+0x55/0xb0
[  194.398308][T11114]  ? clear_bhb_loop+0x55/0xb0
[  194.402987][T11114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.408957][T11114] RIP: 0033:0x7f552757aee9
[  194.413418][T11114] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  194.433017][T11114] RSP: 002b:00007f55268f50c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.441422][T11114] RAX: ffffffffffffffda RBX: 00007f55276b1fa0 RCX: 00007f552757aee9
[  194.449403][T11114] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000006
[  194.457364][T11114] RBP: 00007f55275c747f R08: 0000000000000000 R09: 0000000000000000
[  194.465389][T11114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  194.473360][T11114] R13: 000000000000004d R14: 00007f55276b1fa0 R15: 00007fffc796c238
[  194.481376][T11114]  </TASK>
[  194.485178][T11114] memory: usage 307200kB, limit 307200kB, failcnt 102
[  194.492179][T11114] memory+swap: usage 307672kB, limit 9007199254740988kB, failcnt 0
[  194.498997][T11123] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  194.500097][T11114] kmem: usage 307156kB, limit 9007199254740988kB, failcnt 0
[  194.514674][T11114] Memory cgroup stats for /syz1:
[  194.514859][T11114] cache 32768
[  194.523092][T11114] rss 8192
[  194.526132][T11114] shmem 0
[  194.529112][T11114] mapped_file 0
[  194.532577][T11114] dirty 0
[  194.535537][T11114] writeback 0
[  194.538813][T11114] workingset_refault_anon 17
[  194.543390][T11114] workingset_refault_file 5
[  194.547894][T11114] swap 483328
[  194.551169][T11114] swapcached 8192
[  194.554792][T11114] pgpgin 129330
[  194.558509][T11114] pgpgout 129319
[  194.562120][T11114] pgfault 154657
[  194.565806][T11114] pgmajfault 14
[  194.569262][T11114] inactive_anon 8192
[  194.573223][T11114] active_anon 0
[  194.576712][T11114] inactive_file 0
[  194.580344][T11114] active_file 36864
[  194.584141][T11114] unevictable 0
[  194.587656][T11114] hierarchical_memory_limit 314572800
[  194.593021][T11114] hierarchical_memsw_limit 9223372036854771712
[  194.599190][T11114] total_cache 32768
[  194.603003][T11114] total_rss 8192
[  194.606561][T11114] total_shmem 0
[  194.610049][T11114] total_mapped_file 0
[  194.614018][T11114] total_dirty 0
[  194.617533][T11114] total_writeback 0
[  194.621336][T11114] total_workingset_refault_anon 17
[  194.626503][T11114] total_workingset_refault_file 5
[  194.631516][T11114] total_swap 483328
[  194.635314][T11114] total_swapcached 8192
[  194.639558][T11114] total_pgpgin 129330
[  194.643539][T11114] total_pgpgout 129319
[  194.647643][T11114] total_pgfault 154657
[  194.651708][T11114] total_pgmajfault 14
[  194.655758][T11114] total_inactive_anon 8192
[  194.660200][T11114] total_active_anon 0
[  194.664165][T11114] total_inactive_file 0
[  194.668362][T11114] total_active_file 36864
[  194.672747][T11114] total_unevictable 0
[  194.676765][T11114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=11113,uid=0
[  194.692213][T11114] Memory cgroup out of memory: Killed process 11113 (syz-executor.1) total-vm:46572kB, anon-rss:424kB, file-rss:8888kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  194.752433][T11132] netlink: 'syz-executor.3': attribute type 21 has an invalid length.
[  194.760705][T11132] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.3'.
[  194.786931][T11128] loop4: detected capacity change from 0 to 1764
[  195.041933][T11142] loop2: detected capacity change from 0 to 512
[  195.050598][T11142] EXT4-fs: Ignoring removed orlov option
[  195.062124][T11142] EXT4-fs: Ignoring removed nomblk_io_submit option
[  195.069919][T11142] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  195.097792][T11142] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  195.105774][T11142] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e128, mo2=0002]
[  195.117386][T11142] EXT4-fs (loop2): orphan cleanup on readonly fs
[  195.124339][T11142] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[  195.132644][T11158] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  195.133946][T11142] EXT4-fs warning (device loop2): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  195.155595][T11142] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  195.162945][T11142] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor.2: bg 0: block 40: padding at end of block bitmap is not set
[  195.178171][T11142] EXT4-fs (loop2): Remounting filesystem read-only
[  195.185146][T11142] EXT4-fs (loop2): 1 truncate cleaned up
[  195.191908][T11142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  195.204563][T11142] SELinux: (dev loop2, type ext4) getxattr errno 5
[  195.211814][T11142] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.320557][T11169] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  195.337846][T11169] 8021q: adding VLAN 0 to HW filter on device bond1
[  195.345220][T11169] team0: Port device bond1 added
[  195.387766][T11174] loop1: detected capacity change from 0 to 512
[  195.397001][T11174] EXT4-fs: Ignoring removed orlov option
[  195.402742][T11174] EXT4-fs: Ignoring removed nomblk_io_submit option
[  195.410068][T11174] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  195.427950][T11174] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  195.430095][T11176] loop2: detected capacity change from 0 to 1764
[  195.436032][T11174] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e128, mo2=0002]
[  195.452466][T11174] EXT4-fs (loop1): orphan cleanup on readonly fs
[  195.459289][T11174] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[  195.469563][T11174] EXT4-fs warning (device loop1): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  195.484224][T11174] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  195.491728][T11174] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor.1: bg 0: block 40: padding at end of block bitmap is not set
[  195.507740][T11174] EXT4-fs (loop1): Remounting filesystem read-only
[  195.514390][T11174] EXT4-fs (loop1): 1 truncate cleaned up
[  195.520967][T11174] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  195.533514][T11174] SELinux: (dev loop1, type ext4) getxattr errno 5
[  195.540307][T11174] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.589345][T11180] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.2'.
[  195.652742][T11186] loop1: detected capacity change from 0 to 256
[  195.662622][T11186] xt_NFQUEUE: number of total queues is 0
[  195.772902][   T29] audit: type=1400 audit(1717035819.399:16830): avc:  denied  { mounton } for  pid=11185 comm="syz-executor.1" path="/root/syzkaller-testdir529388395/syzkaller.0D2h9x/339/file0/file0" dev="loop1" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  195.838053][T11193] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  195.943302][T11201] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  196.049307][T11219] loop4: detected capacity change from 0 to 1764
[  196.240346][T11239] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  196.325187][T11255] Invalid ELF header len 33
[  196.504174][   T29] audit: type=1400 audit(1717035820.129:16831): avc:  denied  { ioctl } for  pid=11257 comm="syz-executor.2" path="socket:[35710]" dev="sockfs" ino=35710 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  196.609145][T11265] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  197.004987][T11278] block device autoloading is deprecated and will be removed.
[  197.012758][T11278] syz-executor.1: attempt to access beyond end of device
[  197.012758][T11278] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  197.074051][T11286] loop1: detected capacity change from 0 to 512
[  197.082363][T11286] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  197.091495][T11286] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  197.095092][T11289] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  197.119035][T11286] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  197.144092][T11286] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  197.154781][T11286] System zones: 0-2, 18-18, 34-34
[  197.168473][T11286] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  197.206942][T11286] EXT4-fs (loop1): 1 truncate cleaned up
[  197.214607][T11286] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.241453][T11286] EXT4-fs error (device loop1): ext4_find_dest_de:2111: inode #2: block 3: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  197.263964][T11286] EXT4-fs error (device loop1): ext4_find_dest_de:2111: inode #2: block 3: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  197.289824][   T29] audit: type=1400 audit(1717035820.919:16832): avc:  denied  { ioctl } for  pid=11285 comm="syz-executor.1" path="socket:[36573]" dev="sockfs" ino=36573 ioctlcmd=0x9367 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  197.354870][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.417625][   T29] audit: type=1400 audit(1717035821.049:16833): avc:  denied  { execute } for  pid=11330 comm="syz-executor.1" path="/dev/bsg/blkio.throttle.io_service_bytes_recursive" dev="devtmpfs" ino=555 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=file permissive=1
[  197.517856][T11338] loop0: detected capacity change from 0 to 512
[  197.529207][T11338] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino
[  197.538032][T11341] syz-executor.1: attempt to access beyond end of device
[  197.538032][T11341] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  197.543645][T11338] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117)
[  197.570395][T11338] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.593924][   T29] audit: type=1400 audit(1717035821.219:16834): avc:  denied  { read } for  pid=11337 comm="syz-executor.0" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  197.617818][   T29] audit: type=1400 audit(1717035821.229:16835): avc:  denied  { open } for  pid=11337 comm="syz-executor.0" path="/" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  197.660205][ T9534] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.811532][T11357] Invalid ELF header len 33
[  197.826949][T11358] dvmrp0: entered allmulticast mode
[  198.106688][T11368] loop4: detected capacity change from 0 to 512
[  198.115519][T11368] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  198.127400][T11368] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  198.142701][T11368] EXT4-fs (loop4): Remounting filesystem read-only
[  198.151270][T11368] EXT4-fs warning (device loop4): ext4_evict_inode:254: couldn't mark inode dirty (err -5)
[  198.161509][T11368] EXT4-fs (loop4): 1 orphan inode deleted
[  198.167807][T11368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.180912][T11368] SELinux: (dev loop4, type ext4) getxattr errno 5
[  198.189267][T11368] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.198446][T11378] loop2: detected capacity change from 0 to 128
[  198.241779][   T29] audit: type=1326 audit(1717035821.869:16836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11366 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f185acb1ee9 code=0x0
[  198.794068][T11436] syz-executor.0: attempt to access beyond end of device
[  198.794068][T11436] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  199.026459][T11445] Invalid ELF header len 33
[  199.316020][T11455] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  199.327102][T11454] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  199.488206][T11469] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  199.524071][T11474] loop2: detected capacity change from 0 to 512
[  199.532153][T11474] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  199.544629][T11474] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  199.559302][T11474] EXT4-fs (loop2): Remounting filesystem read-only
[  199.565989][T11474] EXT4-fs warning (device loop2): ext4_evict_inode:254: couldn't mark inode dirty (err -5)
[  199.576201][T11474] EXT4-fs (loop2): 1 orphan inode deleted
[  199.582308][T11474] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.594363][T11474] SELinux: (dev loop2, type ext4) getxattr errno 5
[  199.601520][T11474] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.650862][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  199.650874][   T29] audit: type=1326 audit(1717035823.279:16839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11472 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e63e0cee9 code=0x0
[  199.719265][T11484] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  199.773393][   T29] audit: type=1400 audit(1717035823.399:16840): avc:  denied  { ioctl } for  pid=11490 comm="syz-executor.1" path="/dev/virtual_nci" dev="devtmpfs" ino=108 ioctlcmd=0x0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  199.801082][T11492] loop1: detected capacity change from 0 to 128
[  199.801180][T11493] loop0: detected capacity change from 0 to 1024
[  199.815795][T11493] EXT4-fs: Ignoring removed nomblk_io_submit option
[  199.825622][T11493] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  199.837143][T11493] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854c01c, mo2=0003]
[  199.845453][T11493] System zones: 0-1, 3-36
[  199.850636][   T29] audit: type=1326 audit(1717035823.479:16841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11498 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f185acb1ee9 code=0x7ffc0000
[  199.851315][T11493] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.895944][   T29] audit: type=1326 audit(1717035823.509:16842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11498 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f185acb1ee9 code=0x7ffc0000
[  199.920088][   T29] audit: type=1326 audit(1717035823.509:16843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11498 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f185acb1ee9 code=0x7ffc0000
[  199.944176][   T29] audit: type=1326 audit(1717035823.509:16844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11498 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f185acb1ee9 code=0x7ffc0000
[  199.968498][   T29] audit: type=1326 audit(1717035823.519:16845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11498 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f185acb1ee9 code=0x7ffc0000
[  199.992633][   T29] audit: type=1326 audit(1717035823.519:16846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11498 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f185acb1ee9 code=0x7ffc0000
[  200.016971][   T29] audit: type=1326 audit(1717035823.519:16847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11498 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f185acb1ee9 code=0x7ffc0000
[  200.041130][   T29] audit: type=1326 audit(1717035823.519:16848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11498 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f185acaf667 code=0x7ffc0000
[  200.065813][ T9534] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.135780][T11517] syz-executor.0: attempt to access beyond end of device
[  200.135780][T11517] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  200.180313][T11514] loop1: detected capacity change from 0 to 8192
[  200.189745][T11514] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  200.330633][T11531] loop1: detected capacity change from 0 to 512
[  200.349517][T11531] EXT4-fs (loop1): filesystem is read-only
[  200.358276][T11531] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  200.370660][T11531] EXT4-fs (loop1): filesystem is read-only
[  200.376529][T11531] EXT4-fs (loop1): orphan cleanup on readonly fs
[  200.385389][T11531] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor.1: bg 0: block 64: padding at end of block bitmap is not set
[  200.401261][T11531] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  200.418584][T11531] EXT4-fs (loop1): 1 orphan inode deleted
[  200.429560][T11531] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  200.559367][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.695565][T11525] loop3: detected capacity change from 0 to 65536
[  200.824291][T11563] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  200.843108][T11565] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  201.474865][T11592] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  201.589998][T11601] loop1: detected capacity change from 0 to 128
[  201.634747][T11603] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  201.743279][T11608] loop1: detected capacity change from 0 to 512
[  201.754147][T11608] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz-executor.1: bg 0: block 5: invalid block bitmap
[  201.769937][T11608] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  201.779265][T11608] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz-executor.1: invalid indirect mapped block 3 (level 2)
[  201.795071][T11608] EXT4-fs (loop1): 1 orphan inode deleted
[  201.800883][T11608] EXT4-fs (loop1): 1 truncate cleaned up
[  201.809390][T11608] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.822442][T11579] syz-executor.4 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=1000
[  201.836969][T11579] CPU: 1 PID: 11579 Comm: syz-executor.4 Tainted: G        W          6.10.0-rc1-syzkaller-00027-g4a4be1ad3a6e #0
[  201.849060][T11579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  201.859128][T11579] Call Trace:
[  201.862461][T11579]  <TASK>
[  201.865386][T11579]  dump_stack_lvl+0xf2/0x150
[  201.870072][T11579]  dump_stack+0x15/0x20
[  201.874227][T11579]  dump_header+0x83/0x2d0
[  201.878623][T11579]  oom_kill_process+0x33e/0x4c0
[  201.883473][T11579]  out_of_memory+0x9af/0xbe0
[  201.888140][T11579]  mem_cgroup_out_of_memory+0x13e/0x190
[  201.893709][T11579]  try_charge_memcg+0x745/0xcd0
[  201.898621][T11579]  ? get_page_from_freelist+0x1a42/0x1a80
[  201.904370][T11579]  obj_cgroup_charge_pages+0xbd/0x1d0
[  201.909748][T11579]  __memcg_kmem_charge_page+0x9d/0x170
[  201.915316][T11579]  __alloc_pages_noprof+0x1bc/0x360
[  201.920512][T11579]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  201.925955][T11579]  alloc_pages_noprof+0xe1/0x100
[  201.930891][T11579]  __vmalloc_node_range_noprof+0x719/0xef0
[  201.936699][T11579]  kvmalloc_node_noprof+0x121/0x170
[  201.941971][T11579]  ? ip_set_alloc+0x1f/0x30
[  201.946527][T11579]  ip_set_alloc+0x1f/0x30
[  201.950900][T11579]  hash_netiface_create+0x273/0x730
[  201.956114][T11579]  ? __nla_parse+0x40/0x60
[  201.960537][T11579]  ? __pfx_hash_netiface_create+0x10/0x10
[  201.966264][T11579]  ip_set_create+0x359/0x8a0
[  201.970930][T11579]  ? memchr+0x1/0x50
[  201.974825][T11579]  ? __nla_parse+0x40/0x60
[  201.979238][T11579]  nfnetlink_rcv_msg+0x4a9/0x570
[  201.984209][T11579]  netlink_rcv_skb+0x12c/0x230
[  201.989020][T11579]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  201.994482][T11579]  nfnetlink_rcv+0x16c/0x15b0
[  201.999161][T11579]  ? kmem_cache_free+0xd8/0x280
[  202.004069][T11579]  ? nlmon_xmit+0x51/0x60
[  202.008398][T11579]  ? __kfree_skb+0x102/0x150
[  202.013089][T11579]  ? consume_skb+0x57/0x180
[  202.017606][T11579]  ? nlmon_xmit+0x51/0x60
[  202.021929][T11579]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  202.027283][T11579]  ? __dev_queue_xmit+0xb21/0x1e50
[  202.032468][T11579]  ? ref_tracker_free+0x3a5/0x410
[  202.037531][T11579]  ? __netlink_deliver_tap+0x495/0x4c0
[  202.042986][T11579]  netlink_unicast+0x58d/0x660
[  202.047793][T11579]  netlink_sendmsg+0x5ca/0x6e0
[  202.052554][T11579]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.057917][T11579]  __sock_sendmsg+0x140/0x180
[  202.062591][T11579]  ____sys_sendmsg+0x312/0x410
[  202.067382][T11579]  __sys_sendmsg+0x1e9/0x280
[  202.072013][T11579]  ? futex_wait+0x18e/0x1c0
[  202.076540][T11579]  __x64_sys_sendmsg+0x46/0x50
[  202.081303][T11579]  x64_sys_call+0xb25/0x2d70
[  202.085945][T11579]  do_syscall_64+0xc9/0x1c0
[  202.090526][T11579]  ? clear_bhb_loop+0x55/0xb0
[  202.095245][T11579]  ? clear_bhb_loop+0x55/0xb0
[  202.099971][T11579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.105941][T11579] RIP: 0033:0x7f185acb1ee9
[  202.110398][T11579] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  202.129997][T11579] RSP: 002b:00007f185a02c0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.138495][T11579] RAX: ffffffffffffffda RBX: 00007f185ade8fa0 RCX: 00007f185acb1ee9
[  202.146468][T11579] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  202.154519][T11579] RBP: 00007f185acfe47f R08: 0000000000000000 R09: 0000000000000000
[  202.162490][T11579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  202.170461][T11579] R13: 000000000000000b R14: 00007f185ade8fa0 R15: 00007ffcb785ee38
[  202.178429][T11579]  </TASK>
[  202.181946][T11579] memory: usage 307200kB, limit 307200kB, failcnt 265
[  202.189612][T11579] memory+swap: usage 307572kB, limit 9007199254740988kB, failcnt 0
[  202.197821][T11579] kmem: usage 306136kB, limit 9007199254740988kB, failcnt 0
[  202.198123][T11611] netlink: 'syz-executor.2': attribute type 19 has an invalid length.
[  202.205098][T11579] Memory cgroup stats for /syz4:
[  202.205265][T11579] cache 1052672
[  202.213514][T11611] netlink: 'syz-executor.2': attribute type 19 has an invalid length.
[  202.218215][T11579] rss 36864
[  202.218224][T11579] shmem 0
[  202.218230][T11579] mapped_file 1052672
[  202.218237][T11579] dirty 430080
[  202.218243][T11579] writeback 4096
[  202.218250][T11579] workingset_refault_anon 203
[  202.218256][T11579] workingset_refault_file 163
[  202.218264][T11579] swap 315392
[  202.218271][T11579] swapcached 94208
[  202.218277][T11579] pgpgin 119343
[  202.218283][T11579] pgpgout 119061
[  202.270981][T11579] pgfault 114703
[  202.274525][T11579] pgmajfault 92
[  202.278117][T11579] inactive_anon 65536
[  202.282087][T11579] active_anon 36864
[  202.285886][T11579] inactive_file 0
[  202.289505][T11579] active_file 0
[  202.292944][T11579] unevictable 1052672
[  202.297138][T11579] hierarchical_memory_limit 314572800
[  202.302493][T11579] hierarchical_memsw_limit 9223372036854771712
[  202.308685][T11579] total_cache 1052672
[  202.312713][T11579] total_rss 36864
[  202.316699][T11579] total_shmem 0
[  202.320153][T11579] total_mapped_file 1052672
[  202.324639][T11579] total_dirty 430080
[  202.328648][T11579] total_writeback 4096
[  202.332707][T11579] total_workingset_refault_anon 203
[  202.338000][T11579] total_workingset_refault_file 163
[  202.343203][T11579] total_swap 315392
[  202.347007][T11579] total_swapcached 94208
[  202.351248][T11579] total_pgpgin 119343
[  202.355235][T11579] total_pgpgout 119061
[  202.359382][T11579] total_pgfault 114703
[  202.363436][T11579] total_pgmajfault 92
[  202.367446][T11579] total_inactive_anon 65536
[  202.372162][T11579] total_active_anon 36864
[  202.376545][T11579] total_inactive_file 0
[  202.380690][T11579] total_active_file 0
[  202.384662][T11579] total_unevictable 1052672
[  202.389176][T11579] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11578,uid=0
[  202.404520][T11579] Memory cgroup out of memory: Killed process 11578 (syz-executor.4) total-vm:46704kB, anon-rss:420kB, file-rss:9884kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  202.422519][ T7220] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.432476][T11621] netlink: 'syz-executor.0': attribute type 46 has an invalid length.
[  202.440810][T11621] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  202.529188][T11626] syz-executor.2: attempt to access beyond end of device
[  202.529188][T11626] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  202.742007][T11657] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  202.751455][T11656] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  202.762514][T11656] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.3'.
[  202.790100][T11663] syz-executor.4: attempt to access beyond end of device
[  202.790100][T11663] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  202.851305][T11671] loop4: detected capacity change from 0 to 2048
[  202.861588][T11673] loop3: detected capacity change from 0 to 512
[  202.881755][T11673] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  202.900394][T11673] EXT4-fs (loop3): 1 truncate cleaned up
[  202.907601][T11671]  loop4: p1 < > p4
[  202.909060][T11673] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.916641][T11671] loop4: p4 size 8388608 extends beyond EOD, truncated
[  202.970208][T11673] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  202.983023][T11673] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  203.061242][T11686] loop0: detected capacity change from 0 to 1024
[  203.073403][T11686] EXT4-fs: Ignoring removed nomblk_io_submit option
[  203.080876][T11686] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  203.094322][T11686] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854c01c, mo2=0003]
[  203.102762][T11686] System zones: 0-1, 3-36
[  203.103395][ T8405] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.108249][T11686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.145101][ T9534] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.267105][T11706] 9pnet_fd: Insufficient options for proto=fd
[  203.274665][T11704] syz-executor.0: attempt to access beyond end of device
[  203.274665][T11704] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  203.351786][T11716] loop4: detected capacity change from 0 to 1764
[  203.571500][T11745] syz-executor.0: attempt to access beyond end of device
[  203.571500][T11745] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  203.669844][T11754] loop4: detected capacity change from 0 to 1764
[  203.812407][T11763] loop4: detected capacity change from 0 to 128
[  203.828220][T11714] ==================================================================
[  203.836333][T11714] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_sb_inodes
[  203.844318][T11714] 
[  203.846729][T11714] write to 0xffff888100493880 of 8 bytes by task 9586 on cpu 1:
[  203.854437][T11714]  writeback_sb_inodes+0x31b/0xb20
[  203.859546][T11714]  __writeback_inodes_wb+0x9a/0x1a0
[  203.864741][T11714]  wb_writeback+0x270/0x720
[  203.869241][T11714]  wb_workfn+0x4ea/0x940
[  203.873480][T11714]  process_scheduled_works+0x483/0x9a0
[  203.878934][T11714]  worker_thread+0x526/0x730
[  203.883520][T11714]  kthread+0x1d1/0x210
[  203.887587][T11714]  ret_from_fork+0x4b/0x60
[  203.891993][T11714]  ret_from_fork_asm+0x1a/0x30
[  203.896763][T11714] 
[  203.899073][T11714] read to 0xffff888100493880 of 8 bytes by task 11714 on cpu 0:
[  203.906774][T11714]  __mark_inode_dirty+0x19f/0x7e0
[  203.911792][T11714]  file_modified_flags+0x30f/0x340
[  203.916995][T11714]  file_modified+0x17/0x20
[  203.921406][T11714]  ext4_file_write_iter+0x8b8/0xe30
[  203.926621][T11714]  iter_file_splice_write+0x5e6/0x970
[  203.931994][T11714]  direct_splice_actor+0x16c/0x2c0
[  203.937120][T11714]  splice_direct_to_actor+0x305/0x670
[  203.942518][T11714]  do_splice_direct+0xd7/0x150
[  203.947291][T11714]  do_sendfile+0x3ab/0x960
[  203.951709][T11714]  __x64_sys_sendfile64+0x110/0x150
[  203.956907][T11714]  x64_sys_call+0x2c9f/0x2d70
[  203.961664][T11714]  do_syscall_64+0xc9/0x1c0
[  203.966169][T11714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.972059][T11714] 
[  203.974371][T11714] value changed: 0x0000000000020007 -> 0x0000000000000000
[  203.981462][T11714] 
[  203.983796][T11714] Reported by Kernel Concurrency Sanitizer on:
[  203.989929][T11714] CPU: 0 PID: 11714 Comm: syz-executor.3 Tainted: G        W          6.10.0-rc1-syzkaller-00027-g4a4be1ad3a6e #0
[  204.001905][T11714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
2024/05/30 02:23:47 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  204.011962][T11714] ==================================================================
[  204.039306][T11677] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  204.050707][T11677] CPU: 1 PID: 11677 Comm: syz-executor.2 Tainted: G        W          6.10.0-rc1-syzkaller-00027-g4a4be1ad3a6e #0
[  204.062729][T11677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  204.072884][T11677] Call Trace:
[  204.076165][T11677]  <TASK>
[  204.079087][T11677]  dump_stack_lvl+0xf2/0x150
[  204.083736][T11677]  dump_stack+0x15/0x20
[  204.087935][T11677]  dump_header+0x83/0x2d0
[  204.092284][T11677]  oom_kill_process+0x33e/0x4c0
[  204.097126][T11677]  out_of_memory+0x9af/0xbe0
[  204.101714][T11677]  mem_cgroup_out_of_memory+0x13e/0x190
[  204.107257][T11677]  try_charge_memcg+0x745/0xcd0
[  204.112102][T11677]  ? _raw_spin_unlock+0x26/0x50
[  204.117034][T11677]  ? radix_tree_lookup+0xf9/0x150
[  204.122089][T11677]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[  204.128240][T11677]  __read_swap_cache_async+0x2b9/0x520
[  204.134315][T11677]  swap_cluster_readahead+0x276/0x3f0
[  204.139784][T11677]  swapin_readahead+0xe2/0x7a0
[  204.144559][T11677]  ? __filemap_get_folio+0x420/0x5b0
[  204.149895][T11677]  ? swap_cache_get_folio+0x6e/0x210
[  204.155181][T11677]  do_swap_page+0x3bc/0x1840
[  204.159770][T11677]  ? cgroup_rstat_updated+0x99/0x550
[  204.165130][T11677]  ? __rcu_read_lock+0x36/0x50
[  204.169905][T11677]  handle_mm_fault+0x809/0x2a80
[  204.174769][T11677]  ? mas_walk+0x204/0x320
[  204.179131][T11677]  exc_page_fault+0x3b9/0x650
[  204.183891][T11677]  asm_exc_page_fault+0x26/0x30
[  204.188799][T11677] RIP: 0033:0x7f8e63e0bda0
[  204.193199][T11677] Code: d6 7f 02 00 8b 04 24 e9 72 ff ff ff 66 0f 1f 44 00 00 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d4 e8 10 32 00 00 <80> 3d 51 c1 10 00 00 74 17 b8 03 00 00 00 0f 05 48 3d 00 f0 ff ff
[  204.212831][T11677] RSP: 002b:00007fff744ff258 EFLAGS: 00010202
[  204.218947][T11677] RAX: 000000000000001e RBX: 0000000000000004 RCX: 0000001b30620000
[  204.226935][T11677] RDX: 0000001b30620000 RSI: ffffffff8107927d RDI: 0000000000000003
[  204.234917][T11677] RBP: 00007f8e63f459a0 R08: 0000001b30c20000 R09: 7fffffffffffffff
[  204.243027][T11677] R10: 0000000000001040 R11: 0000000081586d3e R12: 0000000000031be2
[  204.251066][T11677] R13: 00007f8e63f4407c R14: 0000000000000032 R15: 00007f8e63f459a0
[  204.259129][T11677]  ? sched_clock+0xd/0x70
[  204.263448][T11677]  </TASK>
[  204.266777][T11677] memory: usage 307188kB, limit 307200kB, failcnt 332
[  204.273533][T11677] memory+swap: usage 307620kB, limit 9007199254740988kB, failcnt 0
[  204.281518][T11677] kmem: usage 306644kB, limit 9007199254740988kB, failcnt 0
[  204.288858][T11677] Memory cgroup stats for /syz2:
[  204.290736][T11677] cache 536576
[  204.299077][T11677] rss 12288
[  204.302176][T11677] shmem 0
[  204.305193][T11677] mapped_file 528384
[  204.309101][T11677] dirty 0
[  204.312098][T11677] writeback 4096
[  204.315717][T11677] workingset_refault_anon 272
[  204.320378][T11677] workingset_refault_file 8
[  204.324931][T11677] swap 442368
[  204.328275][T11677] swapcached 20480
[  204.332033][T11677] pgpgin 104267
[  204.335582][T11677] pgpgout 104131
[  204.339114][T11677] pgfault 125202
[  204.342687][T11677] pgmajfault 75
[  204.346246][T11677] inactive_anon 0
[  204.349923][T11677] active_anon 0
[  204.353369][T11677] inactive_file 4096
[  204.357302][T11677] active_file 4096
[  204.361018][T11677] unevictable 528384
[