last executing test programs:

4.164189955s ago: executing program 2 (id=495):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x81, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r2}, @generic={0x2d}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

3.616641665s ago: executing program 2 (id=502):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000200009500000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r3, 0x25, 0x0, @val=@netfilter}, 0x40)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r3, {0x0, 0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

2.936856828s ago: executing program 1 (id=518):
socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000003e00)={0x0, 0x0, 0x0}, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendmsg$xdp(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r0, &(0x7f00000033c0)=[{{0x0, 0x0, 0x0}}], 0x1f8, 0x122, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x1e, 0x4, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x5}, 0x0, 0x0)

2.546778604s ago: executing program 3 (id=511):
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
r2 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r2}}]}, 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)

2.546600344s ago: executing program 4 (id=512):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, 0x0, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg(r1, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="250300000000000000ff01"], 0x20}}, 0x0)

2.512736747s ago: executing program 4 (id=513):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x2c, 0x0, 0x801, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="3400000013000500000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000014001a80100004800c0001"], 0x34}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
semctl$GETPID(0x0, 0x2, 0x10, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x10, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000800)=@ipv6_deladdr={0x78, 0x15, 0xb25, 0x70bd2a, 0x25dfdbfe, {0xa, 0x3f, 0x1, 0x0, r2}, [@IFA_FLAGS={0x8, 0x8, 0x50}, @IFA_RT_PRIORITY={0x8, 0x9, 0xb9400000}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x2}, @IFA_RT_PRIORITY={0x8, 0x9, 0x1}, @IFA_FLAGS={0x8, 0x8, 0x10}, @IFA_RT_PRIORITY={0x8, 0x9, 0x1ff}, @IFA_LOCAL={0x14, 0x2, @remote}, @IFA_FLAGS={0x8, 0x8, 0x4}, @IFA_CACHEINFO={0x14, 0x6, {0x0, 0xffffffff, 0x3, 0x1}}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@discard}, {@usrjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@noblock_validity}]}, 0x1, 0x453, &(0x7f0000000f80)="$eJzs3L9vG1UcAPDv2XH6m4RSfrS0ECiIih9Jk5bSgaUIJAaQkGAoYgpJWpW6DWqCRKsKAkMZUSV2xIjEX8BCWRAwIbHCjpAilIXCZHT2XXAT24kTxw7485Gufc/vove+d/fsr9/ZDqBvjaT/JBF7I+KXiBiqVe/cYaT23+2l61N/LV2fSqJSef2PpLrfn0vXp/Jd87/bU6tUKi36vfFWxGS5PHMlq4/NX3p3bO7qtWcuXJo8P3N+5vLE6dMnTxwZPDXRmTj3pWM99MHs4YMvv3nz1amzN9/+4at0vHuz9vo4OmWkdnQberzTnfXYvrpyMtDDgdCWYkSkp6tUnf9DUYxdy21D8dLHPR0csKUqlUJlR/PmhQrwP5Ym6kA/yl/o0/e/+dal1GNbWDwTy+sYt7Ot1jIQhWyfUvYeaSuMRMTZhb8/T7fYonUIAIB6t85ExNON8r9C3Fe3313ZvaHhiLg7IvZHxD0RcSAi7o2o7nt/RDzQZv8r75Cszn8qQxsKbJ3S/O/57N7Wnflfnv3FcDGr7avGX0rOXSjPHM+OybEo7Ujr4y36+PbFnz9t1laf/6Vb2n+eC2bj+H1gxQLd9OT85GZirrf4UcShgUbxJ8s5b5ofH4yIQxvs48KTXx5u1rZ2/C10ICmvfBHxRO38L8SK+HNJ0/uT48+dmnh2bGeUZ46P5VfFaj/+dOO1Zv1vKv4OWLxVid0Nr//l+IeTnRFzV69drN6vnWu/jxu/ftL0Pc1Gr//B5I1qeTB77P3J+fkr4xGDySurH6+7h5zX8/3T6//Y0cbzf3/8eyQejIj0Ij4SEQ9FxMPZ2B+JiEcj4miL+L9/4bF32o+/xap8B6XxT691/qP+/LdfKF787uv248+l5/9ktXQse2Q9z3/rHeBmjh0AAAD8VxSqn4FPCqPL5UJhdLT2Gf4DsbtQnp2bf+rc7HuXp2uflR+OUiFf6RqqWw8dz9aG8/rEivqJbN34s+Kuan10arY83evgoc/taTL/U78Vez06YMv5vhb0L/Mf+lfr+b/QtXEA3ef1H/qX+Q/9q9H8/7AH4wC6b43X/13dGgfQffJ/6F/mP/Qv8x/6UtPvxhc29ZV/hR4Vvhnc3G81rL8QhW0ScicKSWyDYZSiYdPAun/MYoOFHQ2bev3MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BAAA//+1XOJt")
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@usrjquota}, {@grpjquota}, {@grpjquota}, {@noquota}, {@grpid}, {@noload}, {@noload}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")

2.190896187s ago: executing program 4 (id=514):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008000, &(0x7f00000007c0)={[{@debug}, {@orlov}, {@nomblk_io_submit}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@resuid}, {@usrquota}, {@usrquota}]}, 0x1, 0x5ba, &(0x7f0000001bc0)="$eJzs3c1vVFUbAPDnTD8olPdtIUbFhTQxBhKlpQUMMS5gTxr8iBs3VloIUqChNVo0sSS4MTFujDFx5UL8L5TIlpWuXLhxZUiIGpYmjrkzc0tb7rS0THsr9/dLht57zlzOczt9eu6cnnMngMoayv6pReyLiJkUMZAWFuu6o1U51Hzevb8+OpM9UtTrr/+RIrXK8uen1tf+1sF9EfHTjyn2dj3Y7uz81QsT09NTV1r7I3MXZ0Zm568eOn9x4tzUualLYy+NHT929Njx0cMdO9dT1999f+DT8be+/frvNPrdr+MpTsTuVt3S8+iUoRhqfk92LC/Pvq/HO91YSbpa57P0JU7dJQbEuuSvX09EPBUD0RX3X7yB+OTVUoMDNlU9RdSBikryHyoqvw7I39uvfB9cK+WqBNgKd082BwAezP/u5thg9DXGBnbdS7F0WCdFRCdG5rI2bt8av3721vj12KRxOKDYwrWIeLoo/1MjNwcbo/hZ/teW5X92XXC69TUrf22D7Q+t2Jf/sHWa+d+3ofx/e0n+v7PB9uU/AAAAAAAAdM7NkxHxYtHf/2uL83+iYP5Pf0Sc6ED7a//9r3anA80ABe6ejHilcP5vLZ/9O9jV2vpfYz5ATzp7fnrqcET8PyIORs+ObH90lTYOfbb3q3Z1+fy//JG1f7s1F7AVx53uFetnJyfmJh71vIGIu9cinimc/5sW+/9U0P9nvw9mHrKNvc/fON2ubu38BzZL/ZuIA4X9f1p8Tlr9/hwjjeuBkfyq4EHPfvj59+3al/9Qnqz/37V6/g+mpffrmV1/G0fmu+vt6jZ6/d+b3mjccqa3VfbBxNzcldGI3nSqKytdVj62/pjhcZTnQ54vWf4ffG718b+i6/+dEbGw4v9Ofy5fU5x78p/+39rFo/+H8mT5P7mu/n/9G2M3Bn9o1/7D9f9HG339wVaJ8T9o+jJP097l5QXp2F1UtdXxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjoBYRuyPVhhe3a7Xh4Yj+iHgidtWmL8/OvXD28nuXJrO6xuf/1/JP+h1o7qf88/8Hl+yPrdg/EhF7IuKLrp2N/eEzl6cnyz55AAAAAAAAAAAAAAAAAAAA2Cb626z/z/zeVXZ0wKbrLjsAoDQF+f9zGXEAW0//D9Ul/6G65D9Ul/yH6pL/UF3yH6pL/kN1yX8AAAAAAHis7Nl/85cUEQsv72w8Mr2tup5SIwM2W63sAIDSuMUPVJepP1Bd3uMDaY36vrYHrXXkambOPMLBAAAAAAAAAAAAAFA5B/ZZ/w9VZf0/VJf1/1Bd+fr//SXHAWw97/GBWGMlf+H6/zWPAgAAAAAAAAAAAAA6aXb+6oWJ6empKzbe3B5hbOVGvV7/OPsp2C7x/Mc38qnw2yWeR9oo9/cSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw378BAAD//2QiJqY=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x0, @vifc_lcl_ifindex, @local}, 0x10)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000011c0), &(0x7f0000001200), 0x80000000, r3}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000000)={r3, &(0x7f0000000080), 0x0}, 0x20)
r4 = inotify_init()
inotify_add_watch(r4, &(0x7f0000000700)='./file0\x00', 0x400097e)
lremovexattr(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)=@known='system.posix_acl_access\x00')

2.170147959s ago: executing program 0 (id=515):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x81, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r2}, @generic={0x2d}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

1.971883557s ago: executing program 0 (id=516):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000500), &(0x7f0000000540)='%+9llu \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.events\x00', 0x275a, 0x0)
writev(r3, &(0x7f0000000300)=[{&(0x7f00000000c0)="c0", 0x1}], 0x1)
syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

1.971433697s ago: executing program 1 (id=519):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r1}, 0x10)
ioctl$PPPIOCATTACH(0xffffffffffffffff, 0x4004743d, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a841d", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x20}}, 0x0)

1.970636487s ago: executing program 3 (id=520):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x180, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8}}, @qdisc_kind_options=@q_netem={{0xa}, {0x13c, 0x2, {{0x0, 0xff13, 0x0, 0x0, 0x0, 0x10f}, [@TCA_NETEM_RATE={0x14, 0x6, {0x0, 0x2, 0x100, 0x8}}, @TCA_NETEM_CORR={0x10, 0x1, {0x8001, 0x510e}}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x8, 0x0, 0x8001, 0x3, 0xbfa9, 0x10001}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0xfff, 0x2}}, @TCA_NETEM_JITTER64={0xc, 0xb, 0x80000000}, @TCA_NETEM_LOSS={0x58, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x4, 0x43, 0x10000, 0xffffffff, 0x8000}}, @NETEM_LOSS_GE={0x14, 0x2, {0x4, 0x6, 0x2, 0x7}}, @NETEM_LOSS_GE={0x14, 0x2, {0x7fffffff, 0x8}}, @NETEM_LOSS_GE={0x14, 0x2, {0x8001, 0xffffffff, 0x62, 0x1}}]}, @TCA_NETEM_CORR={0x10, 0x1, {0x87c, 0x8, 0x1}}, @TCA_NETEM_DELAY_DIST={0x50, 0x2, "bb31dd582025a5bfe05b342a891035fe2abd168e2c8b8d284dcd49405a3da4233a46fc0f50f25bb2abef41f435190e7d58e97dac5d759d1138e8b1e6821e0d9f9be0a90d6a87ad3aa42cf362"}]}}}]}, 0x180}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
bind$packet(r0, &(0x7f0000000400)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$packet(r0, &(0x7f0000000080)="1555f6acfd136f8ed06375bd86dd", 0xe, 0x0, 0x0, 0x0)

1.966508048s ago: executing program 4 (id=522):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r0 = getpid()
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
prlimit64(0x0, 0x4, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_setup(0x6, &(0x7f00000001c0))
syz_open_procfs(0x0, 0x0)

1.914693633s ago: executing program 0 (id=523):
r0 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x77, 0x141301)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
ioctl$USBDEVFS_RELEASE_PORT(r0, 0x4004550d, 0x0)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x20000000, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @empty}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
ioctl$sock_inet_SIOCGIFDSTADDR(r1, 0x8917, &(0x7f0000000040)={'bond_slave_0\x00', {0x2, 0x0, @broadcast}})
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x182, 0x0, 0x27)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)

1.913841883s ago: executing program 3 (id=524):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xad2}, 0xd951}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x53, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = inotify_init()
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x200, 0x0, 0x38e}, 0x0, 0x0)
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
r1 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000002000000380000000000000000191bda000020000100006b5e0200000000000003"], 0x69)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r2)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00'})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, r3, 0x6a98047402e98331}, 0x14}}, 0x0)

1.879863176s ago: executing program 3 (id=525):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004"], 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a09040000000000000000020000000900020073797a32000000000900010073797a3000000000300004"], 0x84}}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0)

1.032147794s ago: executing program 3 (id=526):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x20040a, &(0x7f00000001c0)={[{@grpjquota}, {@errors_continue}, {@abort}, {@bsdgroups}]}, 0x12, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
r1 = semget$private(0x0, 0x3, 0x864ee8df52df9e4)
semtimedop(r1, &(0x7f0000000200)=[{0x0, 0x2}, {}], 0x2, 0x0)
timer_create(0x0, &(0x7f0000000540)={0x0, 0x12}, &(0x7f0000000580))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

1.031839194s ago: executing program 4 (id=527):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x22400049, &(0x7f00000002c0)={[{@dioread_nolock}, {@noinit_itable}, {@nomblk_io_submit}, {@noblock_validity}, {@data_err_abort}, {@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@barrier_val={'barrier', 0x3d, 0xd95a}}, {@debug}]}, 0x84, 0x471, &(0x7f0000000bc0)="$eJzs3M9vFFUcAPDvzLZFfpQuiD9AlFUkNqItLagcvGg04WJiogc91lIJsoChNRFCBI3Bo/EvUI8m/gWe9GLUk8ar3o0JMVxED2bN7M7Att3WdrfLgvP5JNN9b3699+bN67yZt7MBlFYt+5NEbIuIXyJirBVdvEKt9XH92sXZv65dnE2i0Xjlj6S53p/XLs4Wq27LP7fm+xxPI9IPk7jcId358xdOzdTrc+fy+OTC6bcn589fePLk6ZkTcyfmzkwfPXrk8NQzT08/tSHlHM3yuue9s3t3H3v9k5dmG/HG919m+a/ky9vL0VLtOc1a1KLRaDTSRXNHmn8P9Lz328toWzgZGmBGWJfs/M+qa7jZ/seiEjcrbyxe/GCgmQP6Krs+7Vg2t3VVTA8kzeXA/5U2DmVVXPGz+99iurU9kMG6+lzrBigr9/V8ai0Ziuy+Pam27tgrfUp/W0S8dvnvT7MpOj6HAADYWF9n/Z8nOvX/0ri3bb3t+dhQNSIORsTOiLg7InZFxD0RzXXvi4j715l+bUl8ef/np81dFWyNsv7fs/nY1uL+341Rm2olj402yz+cvHmyPncoPybjMbwpi0+tksY3L/z88UrLam39v2zK0i/6gnk+fh/atHib4zMLM72Uud3V9yP2DHUqf3JjJCCJiN0RsaeL/WfH7OTjX+zNwtu3Ll/+3+VfxQaMMzU+j3isVf+XY0n5C0krpZXGJyfvivrcocnirFjuhx+vvNweH24L91T+DZDV/5aO539e/qIZFOO18+tP48qvH614T9Pt+T+SvNoMj+Tz3p1ZWDg3FTGSz1g0f/rmtkW8WD8r//j+zu1/Z8Q/n+XbPRAR2Un8YEQ8FBH78rw/HBGPRMT+Vcr/3fOPvrX6ERps/R9frf4jqkn7eH0Xgcqpb79aKf211f+RZmg8n7OW/39rzWAvxw4AAADuFGlzDDpJJ26E03RiovUd/l2xJa2fnV84WIt3zhxvjVVXYzgtnnSNtT0PncqfDRfx6SXxwxGxo/lNo83N+MTs2frooAsPJbd1hfaf+a1fX3oBbh/rGkdL+pcP4NbzviaUl/YP5aX9Q3lp/1Bendr/pYjrA8gKcIu5/kN5af9QXto/lJf2D6W0/JX44udWunnT/2Zg57GeNi9RoNKnPUf7j3b0IRDpwA9d94H0dsjGvjywKSLWutWlvtbp0vMHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgzvdvAAAA//+bHeQQ")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/attr/current\x00', 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
add_key$user(0x0, &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:ksm_device_t:s0\x00', 0x22)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

1.030399434s ago: executing program 0 (id=536):
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x8800)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r2, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x40041)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)

1.029807574s ago: executing program 2 (id=528):
r0 = gettid()
r1 = eventfd2(0x0, 0x0)
write$eventfd(r1, &(0x7f0000000140)=0xfffffffffffffff8, 0x8)
write$eventfd(r1, &(0x7f0000000040)=0x8, 0x8)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xcd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

1.029539544s ago: executing program 1 (id=529):
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
r2 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r2}}]}, 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)

847.219492ms ago: executing program 0 (id=530):
socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000003e00)={0x0, 0x0, 0x0}, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendmsg$xdp(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r0, &(0x7f00000033c0)=[{{0x0, 0x0, 0x0}}], 0x1f8, 0x122, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x1e, 0x4, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x5}, 0x0, 0x0)

825.080183ms ago: executing program 4 (id=531):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000200000000000000006b79009500000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r3, r5, 0x25, 0x0, @val=@iter={0x0}}, 0x40)
sendto$inet(r2, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10}}}}}}, 0x0)

592.318425ms ago: executing program 1 (id=532):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r3 = inotify_init1(0x0)
fcntl$setown(r3, 0x8, 0xffffffffffffffff)
fcntl$getownex(r3, 0x10, &(0x7f0000000140)={0x0, <r4=>0x0})
r5 = syz_open_procfs(r4, &(0x7f0000000040)='fd/4\x00')
fcntl$setstatus(r5, 0x4, 0xfa3bc5f6db25437e)
pread64(r5, &(0x7f00000002c0)=""/80, 0x50, 0x400000000000)

571.835627ms ago: executing program 1 (id=533):
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000240)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c0000001400210100000000000000000a000000", @ANYRES32=r3, @ANYBLOB="140002000000000000000000000001"], 0x2c}}, 0x0)
r4 = socket(0x11, 0x800000003, 0x0)
bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r4, &(0x7f0000000740)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000780)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x14, 0x2, @loopback={0xfec0ffff00000000}}]}, 0x2c}}, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000300010000004500000025000000190011000600ad000200000000000006040000008847000000", 0x39}], 0x1)

179.223233ms ago: executing program 2 (id=534):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket(0xa, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000180)=""/224, 0x26, 0xe0, 0x1, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
acct(0xfffffffffffffffe)

178.483564ms ago: executing program 1 (id=545):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r5, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, r6, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000084}, 0x40)

73.108713ms ago: executing program 2 (id=535):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x180, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8}}, @qdisc_kind_options=@q_netem={{0xa}, {0x13c, 0x2, {{0x0, 0xff13, 0x0, 0x0, 0x0, 0x10f}, [@TCA_NETEM_RATE={0x14, 0x6, {0x0, 0x2, 0x100, 0x8}}, @TCA_NETEM_CORR={0x10, 0x1, {0x8001, 0x510e}}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x8, 0x0, 0x8001, 0x3, 0xbfa9, 0x10001}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0xfff, 0x2}}, @TCA_NETEM_JITTER64={0xc, 0xb, 0x80000000}, @TCA_NETEM_LOSS={0x58, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x4, 0x43, 0x10000, 0xffffffff, 0x8000}}, @NETEM_LOSS_GE={0x14, 0x2, {0x4, 0x6, 0x2, 0x7}}, @NETEM_LOSS_GE={0x14, 0x2, {0x7fffffff, 0x8}}, @NETEM_LOSS_GE={0x14, 0x2, {0x8001, 0xffffffff, 0x62, 0x1}}]}, @TCA_NETEM_CORR={0x10, 0x1, {0x87c, 0x8, 0x1}}, @TCA_NETEM_DELAY_DIST={0x50, 0x2, "bb31dd582025a5bfe05b342a891035fe2abd168e2c8b8d284dcd49405a3da4233a46fc0f50f25bb2abef41f435190e7d58e97dac5d759d1138e8b1e6821e0d9f9be0a90d6a87ad3aa42cf362"}]}}}]}, 0x180}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
bind$packet(r0, &(0x7f0000000400)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$packet(r0, &(0x7f0000000080)="1555f6acfd136f8ed06375bd86dd", 0xe, 0x0, 0x0, 0x0)

72.818593ms ago: executing program 3 (id=537):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffc, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r1, 0x4)
accept(r1, &(0x7f0000000080)=@can, 0x0)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x9, 0x790f, 0x80, 0x7f, 0x6}, 0x14)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x1, @loopback}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

44.724036ms ago: executing program 2 (id=538):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004"], 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a09040000000000000000020000000900020073797a32000000000900010073797a3000000000300004"], 0x84}}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0)

0s ago: executing program 0 (id=539):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

kernel console output (not intermixed with test programs):

7899][ T3684] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   40.852150][ T3684] EXT4-fs (loop1): 1 truncate cleaned up
[   40.858459][ T3684] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.881082][ T3692] loop3: detected capacity change from 0 to 512
[   40.887967][ T3692] EXT4-fs: Ignoring removed nomblk_io_submit option
[   40.888301][ T3264] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.905054][ T3692] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   40.913019][ T3692] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1842c01c, mo2=0002]
[   40.921157][ T3692] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[   40.930805][ T3692] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[   40.944984][ T3692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   40.946220][ T3696] syz.1.112[3696] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   40.957527][ T3696] syz.1.112[3696] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   40.972134][ T3692] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[   40.994106][ T3692] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[   41.035982][ T3265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.051369][ T3698] loop1: detected capacity change from 0 to 512
[   41.059014][ T3698] EXT4-fs: Ignoring removed oldalloc option
[   41.066814][ T3698] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.113: Parent and EA inode have the same ino 15
[   41.079517][ T3698] EXT4-fs (loop1): Remounting filesystem read-only
[   41.086231][ T3698] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   41.099336][ T3698] EXT4-fs warning (device loop1): ext4_evict_inode:254: couldn't mark inode dirty (err -5)
[   41.110317][ T3698] EXT4-fs (loop1): 1 orphan inode deleted
[   41.116437][ T3698] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.128817][ T3698] SELinux: (dev loop1, type ext4) getxattr errno 5
[   41.136211][ T3698] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.443948][ T3710] netlink: 8 bytes leftover after parsing attributes in process `syz.3.117'.
[   41.456754][ T3710] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.513825][ T3710] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.574052][ T3710] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.654283][ T3710] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.721269][ T3710] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.732856][ T3710] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.743805][ T3710] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.754515][ T3710] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.778941][ T3715] loop4: detected capacity change from 0 to 1024
[   41.796766][ T3715] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.825044][ T3260] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.853896][ T3721] loop3: detected capacity change from 0 to 764
[   41.864834][ T3721] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   42.023825][ T3738] loop4: detected capacity change from 0 to 128
[   42.036797][ T3738] netlink: 2 bytes leftover after parsing attributes in process `syz.4.127'.
[   42.084230][ T3741] netlink: 12 bytes leftover after parsing attributes in process `syz.0.129'.
[   42.113322][ T3743] loop0: detected capacity change from 0 to 128
[   42.120556][ T3743] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[   42.139007][ T3743] syz.0.130: attempt to access beyond end of device
[   42.139007][ T3743] loop0: rw=3, sector=6950, nr_sectors = 2 limit=128
[   42.152284][ T3743] syz.0.130: attempt to access beyond end of device
[   42.152284][ T3743] loop0: rw=2051, sector=6952, nr_sectors = 942 limit=128
[   42.243247][ T3749] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   42.367820][ T3754] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[   42.378286][ T3754] syzkaller0: entered promiscuous mode
[   42.383835][ T3754] syzkaller0: entered allmulticast mode
[   42.576161][ T3759] loop0: detected capacity change from 0 to 256
[   42.680107][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies.
[   42.816945][ T3765] netlink: 'syz.4.139': attribute type 4 has an invalid length.
[   42.860942][ T3765] netlink: 'syz.4.139': attribute type 17 has an invalid length.
[   43.132771][ T3769] loop4: detected capacity change from 0 to 512
[   43.176646][ T3769] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   43.194996][ T3769] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.497345][ T3776] loop0: detected capacity change from 0 to 128
[   43.541587][ T3779] loop0: detected capacity change from 0 to 512
[   43.564114][ T3779] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.581748][ T3779] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.594939][   T29] kauditd_printk_skb: 97 callbacks suppressed
[   43.594966][   T29] audit: type=1326 audit(1726654333.435:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.624867][   T29] audit: type=1326 audit(1726654333.465:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.647931][   T29] audit: type=1326 audit(1726654333.465:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.670946][   T29] audit: type=1326 audit(1726654333.465:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.693812][   T29] audit: type=1326 audit(1726654333.465:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.716688][   T29] audit: type=1326 audit(1726654333.465:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.740190][   T29] audit: type=1326 audit(1726654333.515:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.763100][   T29] audit: type=1326 audit(1726654333.535:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.786349][   T29] audit: type=1326 audit(1726654333.535:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.809139][   T29] audit: type=1326 audit(1726654333.535:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3778 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   43.842509][ T3266] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.852469][ T3260] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   43.914735][ T3791] bridge0: port 3(veth0_to_bond) entered blocking state
[   43.921863][ T3791] bridge0: port 3(veth0_to_bond) entered disabled state
[   43.937769][ T3791] veth0_to_bond: entered allmulticast mode
[   43.954617][ T3791] veth0_to_bond: entered promiscuous mode
[   43.960592][ T3791] bridge0: port 3(veth0_to_bond) entered blocking state
[   43.967662][ T3791] bridge0: port 3(veth0_to_bond) entered forwarding state
[   44.521799][ T3808] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   44.607105][ T3810] netlink: 64 bytes leftover after parsing attributes in process `syz.0.155'.
[   44.632299][ T3812] netlink: 60 bytes leftover after parsing attributes in process `syz.0.156'.
[   44.641269][ T3812] netlink: 60 bytes leftover after parsing attributes in process `syz.0.156'.
[   44.658751][ T3812] netlink: 60 bytes leftover after parsing attributes in process `syz.0.156'.
[   44.667812][ T3812] netlink: 60 bytes leftover after parsing attributes in process `syz.0.156'.
[   44.845673][ T3826] loop0: detected capacity change from 0 to 256
[   44.859901][ T3826] FAT-fs (loop0): Directory bread(block 64) failed
[   44.866773][ T3826] FAT-fs (loop0): Directory bread(block 65) failed
[   44.873476][ T3826] FAT-fs (loop0): Directory bread(block 66) failed
[   44.880120][ T3826] FAT-fs (loop0): Directory bread(block 67) failed
[   44.886976][ T3826] FAT-fs (loop0): Directory bread(block 68) failed
[   44.893813][ T3826] FAT-fs (loop0): Directory bread(block 69) failed
[   44.900445][ T3826] FAT-fs (loop0): Directory bread(block 70) failed
[   44.907052][ T3826] FAT-fs (loop0): Directory bread(block 71) failed
[   44.913768][ T3826] FAT-fs (loop0): Directory bread(block 72) failed
[   44.920327][ T3826] FAT-fs (loop0): Directory bread(block 73) failed
[   44.938617][ T3826] syz.0.160: attempt to access beyond end of device
[   44.938617][ T3826] loop0: rw=524288, sector=1736, nr_sectors = 32 limit=256
[   44.952597][ T3826] syz.0.160: attempt to access beyond end of device
[   44.952597][ T3826] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256
[   44.999569][ T3828] bridge0: port 3(veth0_to_bond) entered blocking state
[   45.006648][ T3828] bridge0: port 3(veth0_to_bond) entered disabled state
[   45.014135][ T3828] veth0_to_bond: entered allmulticast mode
[   45.021669][ T3828] veth0_to_bond: entered promiscuous mode
[   45.027879][ T3828] bridge0: port 3(veth0_to_bond) entered blocking state
[   45.029772][ T3830] serio: Serial port pts0
[   45.034906][ T3828] bridge0: port 3(veth0_to_bond) entered forwarding state
[   45.097453][ T3837] loop0: detected capacity change from 0 to 512
[   45.118522][ T3837] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.124429][ T3840] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   45.133204][ T3837] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.324631][ T3266] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.433189][ T3844] chnl_net:caif_netlink_parms(): no params data found
[   45.468337][ T3844] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.475458][ T3844] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.482790][ T3844] bridge_slave_0: entered allmulticast mode
[   45.489157][ T3844] bridge_slave_0: entered promiscuous mode
[   45.496123][ T3844] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.503282][ T3844] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.510460][ T3844] bridge_slave_1: entered allmulticast mode
[   45.516943][ T3844] bridge_slave_1: entered promiscuous mode
[   45.535193][ T3844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.545934][ T3844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.566383][ T3844] team0: Port device team_slave_0 added
[   45.572864][ T3844] team0: Port device team_slave_1 added
[   45.589314][ T3844] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.596296][ T3844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.622253][ T3844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.633820][ T3844] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.640901][ T3844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.667065][ T3844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.724160][ T3844] hsr_slave_0: entered promiscuous mode
[   45.728558][ T3867] loop3: detected capacity change from 0 to 512
[   45.736486][ T3844] hsr_slave_1: entered promiscuous mode
[   45.741644][ T3867] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.169: corrupted in-inode xattr: invalid ea_ino
[   45.755909][ T3867] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.169: couldn't read orphan inode 15 (err -117)
[   45.756116][ T3844] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.769251][ T3867] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.794151][ T3844] Cannot create hsr debugfs directory
[   45.850762][ T3867] loop3: detected capacity change from 512 to 0
[   45.860925][ T3867] syz.3.169: attempt to access beyond end of device
[   45.860925][ T3867] loop3: rw=524288, sector=10, nr_sectors = 2 limit=0
[   45.861059][ T3844] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.887669][ T3867] syz.3.169: attempt to access beyond end of device
[   45.887669][ T3867] loop3: rw=524288, sector=12, nr_sectors = 2 limit=0
[   45.901176][ T3867] syz.3.169: attempt to access beyond end of device
[   45.901176][ T3867] loop3: rw=524288, sector=16, nr_sectors = 2 limit=0
[   45.914598][ T3867] syz.3.169: attempt to access beyond end of device
[   45.914598][ T3867] loop3: rw=524288, sector=18, nr_sectors = 2 limit=0
[   45.928270][ T3867] syz.3.169: attempt to access beyond end of device
[   45.928270][ T3867] loop3: rw=524288, sector=20, nr_sectors = 2 limit=0
[   45.947753][ T3867] syz.3.169: attempt to access beyond end of device
[   45.947753][ T3867] loop3: rw=524288, sector=22, nr_sectors = 2 limit=0
[   45.961863][ T3867] syz.3.169: attempt to access beyond end of device
[   45.961863][ T3867] loop3: rw=524288, sector=24, nr_sectors = 2 limit=0
[   45.977495][ T3867] syz.3.169: attempt to access beyond end of device
[   45.977495][ T3867] loop3: rw=524288, sector=26, nr_sectors = 2 limit=0
[   45.992417][ T3844] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.009594][ T3875] EXT4-fs error (device loop3): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.3.169: unable to read itable block
[   46.029153][ T3867] EXT4-fs error (device loop3): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.3.169: unable to read itable block
[   46.053616][ T3867] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[   46.054384][ T3844] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.068721][ T3875] EXT4-fs (loop3): previous I/O error to superblock detected
[   46.084191][ T3875] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[   46.099036][ T3867] EXT4-fs (loop3): I/O error while writing superblock
[   46.114071][ T3844] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.132509][ T3265] EXT4-fs warning (device loop3): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[   46.175478][ T3349] EXT4-fs error (device loop3): __ext4_get_inode_loc_noinmem:4556: inode #18: block 9: comm kworker/u8:7: unable to read itable block
[   46.203644][ T3349] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[   46.216439][ T3844] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   46.230822][ T3349] EXT4-fs (loop3): I/O error while writing superblock
[   46.239855][ T3844] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   46.244725][ T3349] EXT4-fs error (device loop3): __ext4_get_inode_loc_noinmem:4556: inode #12: block 7: comm kworker/u8:7: unable to read itable block
[   46.262614][ T3844] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   46.278446][ T3349] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[   46.286961][ T3349] EXT4-fs (loop3): I/O error while writing superblock
[   46.290207][ T3844] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   46.301786][ T3265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.324550][ T3265] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[   46.343386][ T3265] EXT4-fs (loop3): I/O error while writing superblock
[   46.397302][ T3844] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.426366][ T3844] 8021q: adding VLAN 0 to HW filter on device team0
[   46.444900][ T3272] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.452025][ T3272] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.480394][ T3272] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.487569][ T3272] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.540858][ T3272] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.632334][ T3272] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.649544][ T3844] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.692809][ T3272] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.803088][ T3272] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.840154][ T3907] netlink: 'syz.0.187': attribute type 4 has an invalid length.
[   46.864407][ T3907] netlink: 'syz.0.187': attribute type 4 has an invalid length.
[   46.878978][ T3844] veth0_vlan: entered promiscuous mode
[   46.912005][ T3908] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[   46.935784][ T3908] syzkaller0: entered promiscuous mode
[   46.941813][ T3908] syzkaller0: entered allmulticast mode
[   46.964764][ T3844] veth1_vlan: entered promiscuous mode
[   46.992488][ T3272] veth0_to_bond: left allmulticast mode
[   46.998107][ T3272] veth0_to_bond: left promiscuous mode
[   47.003827][ T3272] bridge0: port 3(veth0_to_bond) entered disabled state
[   47.013744][ T3272] bridge_slave_1: left allmulticast mode
[   47.019435][ T3272] bridge_slave_1: left promiscuous mode
[   47.025201][ T3272] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.033082][ T3272] bridge_slave_0: left allmulticast mode
[   47.038720][ T3272] bridge_slave_0: left promiscuous mode
[   47.044423][ T3272] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.213636][ T3272] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   47.224119][ T3272] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   47.235844][ T3272] bond0 (unregistering): Released all slaves
[   47.246473][ T3272] bond1 (unregistering): Released all slaves
[   47.354464][ T3890] chnl_net:caif_netlink_parms(): no params data found
[   47.410074][ T3272] hsr_slave_0: left promiscuous mode
[   47.430770][ T3272] hsr_slave_1: left promiscuous mode
[   47.477809][ T3272] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   47.485394][ T3272] batman_adv: batadv0: Removing interface: batadv_slave_0
[   47.528243][ T3272] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   47.535754][ T3272] batman_adv: batadv0: Removing interface: batadv_slave_1
[   47.628248][ T3272] veth1_macvtap: left promiscuous mode
[   47.633949][ T3272] veth0_macvtap: left promiscuous mode
[   47.639484][ T3272] veth1_vlan: left promiscuous mode
[   47.644827][ T3272] veth0_vlan: left promiscuous mode
[   47.742300][ T3272] pimreg (unregistering): left allmulticast mode
[   47.782086][ T3272] team0 (unregistering): Port device team_slave_1 removed
[   47.792854][ T3272] team0 (unregistering): Port device team_slave_0 removed
[   47.848111][ T3890] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.855256][ T3890] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.862803][ T3890] bridge_slave_0: entered allmulticast mode
[   47.869281][ T3890] bridge_slave_0: entered promiscuous mode
[   47.876304][ T3890] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.883597][ T3890] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.890832][ T3890] bridge_slave_1: entered allmulticast mode
[   47.897297][ T3890] bridge_slave_1: entered promiscuous mode
[   47.918696][ T3844] veth0_macvtap: entered promiscuous mode
[   47.926813][ T3844] veth1_macvtap: entered promiscuous mode
[   47.939394][ T3844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.949997][ T3844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.959836][ T3844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.970459][ T3844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.980296][ T3844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.990751][ T3844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.000603][ T3844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.011078][ T3844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.022959][ T3844] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.039581][ T3890] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   48.050148][ T3943] __nla_validate_parse: 8 callbacks suppressed
[   48.050161][ T3943] netlink: 60 bytes leftover after parsing attributes in process `syz.1.182'.
[   48.051642][ T3844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.075708][ T3844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.085657][ T3844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.096183][ T3844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.106034][ T3844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.116509][ T3844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.126354][ T3844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.136858][ T3844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.147735][ T3943] netlink: 60 bytes leftover after parsing attributes in process `syz.1.182'.
[   48.148131][ T3844] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.175380][ T3890] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   48.196076][ T3844] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.204942][ T3844] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.213698][ T3844] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.222483][ T3844] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.229441][ T3943] netlink: 60 bytes leftover after parsing attributes in process `syz.1.182'.
[   48.248532][ T3943] netlink: 60 bytes leftover after parsing attributes in process `syz.1.182'.
[   48.280217][ T3943] netlink: 60 bytes leftover after parsing attributes in process `syz.1.182'.
[   48.284404][ T3890] team0: Port device team_slave_0 added
[   48.297785][ T3890] team0: Port device team_slave_1 added
[   48.304054][ T3943] netlink: 60 bytes leftover after parsing attributes in process `syz.1.182'.
[   48.339910][ T3959] loop4: detected capacity change from 0 to 2048
[   48.375604][ T3959] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.392980][ T3890] batman_adv: batadv0: Adding interface: batadv_slave_0
[   48.399966][ T3890] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.426001][ T3890] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   48.452499][ T3260] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.466112][ T3890] batman_adv: batadv0: Adding interface: batadv_slave_1
[   48.466211][ T3972] netlink: 64 bytes leftover after parsing attributes in process `syz.2.167'.
[   48.473101][ T3890] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.508239][ T3890] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   48.579418][ T3970] loop0: detected capacity change from 0 to 512
[   48.594104][ T3970] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[   48.609268][ T3970] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[   48.621441][ T3970] System zones: 1-12
[   48.625587][ T3970] EXT4-fs (loop0): orphan cleanup on readonly fs
[   48.635957][ T3980] loop4: detected capacity change from 0 to 2048
[   48.648847][ T3970] EXT4-fs error (device loop0): ext4_read_inode_bitmap:168: comm syz.0.191: Inode bitmap for bg 0 marked uninitialized
[   48.664540][ T3987] loop1: detected capacity change from 0 to 512
[   48.674356][ T3890] hsr_slave_0: entered promiscuous mode
[   48.687290][ T3890] hsr_slave_1: entered promiscuous mode
[   48.698687][ T3970] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   48.698856][ T3980] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.711943][   T29] kauditd_printk_skb: 112 callbacks suppressed
[   48.711957][   T29] audit: type=1326 audit(1726654338.555:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d71b4c890 code=0x7ffc0000
[   48.753020][ T3890] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   48.753716][ T3987] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.194: corrupted in-inode xattr: invalid ea_ino
[   48.760570][ T3890] Cannot create hsr debugfs directory
[   48.793182][ T3979] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   48.815426][   T29] audit: type=1326 audit(1726654338.595:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f5d71b4cc77 code=0x7ffc0000
[   48.830829][ T3979] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   48.838645][   T29] audit: type=1326 audit(1726654338.595:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d71b4c890 code=0x7ffc0000
[   48.850799][ T3979] EXT4-fs (loop4): This should not happen!! Data will be lost
[   48.850799][ T3979] 
[   48.873960][   T29] audit: type=1326 audit(1726654338.595:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   48.883605][ T3979] EXT4-fs (loop4): Total free blocks count 0
[   48.906812][   T29] audit: type=1326 audit(1726654338.595:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   48.912785][ T3979] EXT4-fs (loop4): Free/Dirty block details
[   48.912801][ T3979] EXT4-fs (loop4): free_blocks=2415919104
[   48.912817][ T3979] EXT4-fs (loop4): dirty_blocks=64
[   48.912832][ T3979] EXT4-fs (loop4): Block reservation details
[   48.936022][   T29] audit: type=1326 audit(1726654338.625:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5d71b4def9 code=0x7ffc0000
[   48.941985][ T3979] EXT4-fs (loop4): i_reserved_data_blocks=4
[   48.957323][ T3987] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.194: couldn't read orphan inode 15 (err -117)
[   48.958887][   T29] audit: type=1326 audit(1726654338.625:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5d71b4df33 code=0x7ffc0000
[   48.986584][ T3987] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.988033][   T29] audit: type=1326 audit(1726654338.645:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5d71b4c9df code=0x7ffc0000
[   49.058923][   T29] audit: type=1326 audit(1726654338.655:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5d71b4df87 code=0x7ffc0000
[   49.082104][   T29] audit: type=1326 audit(1726654338.655:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3968 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d71b4c890 code=0x7ffc0000
[   49.130912][ T3987] loop1: detected capacity change from 512 to 0
[   49.141014][ T3994] EXT4-fs error (device loop1): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.1.194: unable to read itable block
[   49.144458][    C1] I/O error, dev loop1, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   49.154024][ T3994] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   49.176043][ T3294] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 26 with max blocks 26 with error 28
[   49.178040][ T3994] EXT4-fs (loop1): I/O error while writing superblock
[   49.195890][ T3266] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.271484][ T3987] EXT4-fs error (device loop1): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.1.194: unable to read itable block
[   49.310838][ T3987] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   49.319232][ T3987] EXT4-fs (loop1): I/O error while writing superblock
[   49.357215][ T3264] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[   49.379426][ T4007] loop4: detected capacity change from 0 to 512
[   49.409937][ T3272] EXT4-fs error (device loop1): __ext4_get_inode_loc_noinmem:4556: inode #18: block 9: comm kworker/u8:5: unable to read itable block
[   49.424591][ T3272] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   49.434360][ T3272] EXT4-fs (loop1): I/O error while writing superblock
[   49.441320][ T3272] EXT4-fs error (device loop1): __ext4_get_inode_loc_noinmem:4556: inode #12: block 7: comm kworker/u8:5: unable to read itable block
[   49.448509][ T4007] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.455340][ T3272] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   49.476328][ T3272] EXT4-fs (loop1): I/O error while writing superblock
[   49.483761][ T4007] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.500254][ T3264] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.512083][ T3264] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   49.541478][ T3264] EXT4-fs (loop1): I/O error while writing superblock
[   49.595782][ T3260] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.618358][ T3890] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   49.633273][ T3890] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   49.656463][ T3890] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   49.665531][ T3890] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   49.718556][ T3890] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.739652][ T3890] 8021q: adding VLAN 0 to HW filter on device team0
[   49.759059][ T3349] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.766203][ T3349] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.796105][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.803231][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.825592][ T3294] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.884825][ T4047] serio: Serial port pts0
[   49.899148][ T4045] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms
[   49.930912][ T4051] loop4: detected capacity change from 0 to 128
[   49.963899][ T3294] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.975864][ T4051] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   49.990815][ T3890] 8021q: adding VLAN 0 to HW filter on device batadv0
[   50.021380][ T4051] ext4 filesystem being mounted at /56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   50.058497][ T3294] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.097677][ T3260] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   50.110770][ T3294] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.198501][ T4090] loop4: detected capacity change from 0 to 2048
[   50.242829][ T4090] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.302562][ T3294] bridge_slave_1: left allmulticast mode
[   50.308249][ T3294] bridge_slave_1: left promiscuous mode
[   50.314106][ T3294] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.329020][ T3294] bridge_slave_0: left allmulticast mode
[   50.334933][ T3294] bridge_slave_0: left promiscuous mode
[   50.340867][ T3294] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.359298][ T3260] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.514199][ T3294] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   50.524838][ T3294] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   50.536920][ T3294] bond0 (unregistering): Released all slaves
[   50.549267][ T3890] veth0_vlan: entered promiscuous mode
[   50.565890][ T3890] veth1_vlan: entered promiscuous mode
[   50.617017][ T3294] hsr_slave_0: left promiscuous mode
[   50.624698][ T3294] hsr_slave_1: left promiscuous mode
[   50.632205][ T3294] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   50.639749][ T3294] batman_adv: batadv0: Removing interface: batadv_slave_0
[   50.657016][ T3294] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   50.664698][ T3294] batman_adv: batadv0: Removing interface: batadv_slave_1
[   50.682215][ T3294] veth1_macvtap: left promiscuous mode
[   50.687820][ T3294] veth0_macvtap: left promiscuous mode
[   50.693451][ T3294] veth1_vlan: left promiscuous mode
[   50.698752][ T3294] veth0_vlan: left promiscuous mode
[   50.867936][ T3294] team0 (unregistering): Port device team_slave_1 removed
[   50.879475][ T3294] team0 (unregistering): Port device team_slave_0 removed
[   50.928281][ T4055] chnl_net:caif_netlink_parms(): no params data found
[   50.940461][ T4127] netlink: 'syz.2.211': attribute type 10 has an invalid length.
[   50.956533][ T4127] 8021q: adding VLAN 0 to HW filter on device batadv0
[   50.971542][ T4127] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   50.988447][ T3890] veth0_macvtap: entered promiscuous mode
[   51.016752][ T3272] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.034726][ T3890] veth1_macvtap: entered promiscuous mode
[   51.041435][ T4140] loop0: detected capacity change from 0 to 2048
[   51.074966][ T4140] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.112567][ T4152] loop2: detected capacity change from 0 to 128
[   51.119228][ T3890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   51.129828][ T3890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.139966][ T3890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   51.150524][ T3890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.160801][ T3890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   51.171413][ T3890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.181335][ T3890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   51.191863][ T3890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.204924][ T4152] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   51.205807][ T3890] batman_adv: batadv0: Interface activated: batadv_slave_0
[   51.231785][ T3890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   51.242761][ T3890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.252634][ T3890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   51.263088][ T3890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.272949][ T3890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   51.283634][ T3890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.293523][ T3890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   51.304162][ T3890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.314554][ T3266] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.315986][ T3890] batman_adv: batadv0: Interface activated: batadv_slave_1
[   51.332584][ T3890] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   51.341482][ T3890] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   51.350191][ T3890] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   51.359014][ T3890] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   51.368794][ T3272] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   51.443732][ T4055] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.451074][ T4055] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.459201][ T4055] bridge_slave_0: entered allmulticast mode
[   51.465937][ T4055] bridge_slave_0: entered promiscuous mode
[   51.473824][ T4164] loop2: detected capacity change from 0 to 1024
[   51.474722][ T4055] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.487377][ T4055] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.495142][ T4055] bridge_slave_1: entered allmulticast mode
[   51.498434][ T4164] EXT4-fs: Ignoring removed i_version option
[   51.501739][ T4055] bridge_slave_1: entered promiscuous mode
[   51.546640][ T4164] EXT4-fs (loop2): can't mount with commit=4095, fs mounted w/o journal
[   51.579905][ T4055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   51.599950][ T4164] SELinux:  Context system_u:object_r:clock_device_t:s0 is not valid (left unmapped).
[   51.626957][ T4055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   51.652818][ T4167] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   51.676298][ T4055] team0: Port device team_slave_0 added
[   51.683192][ T4055] team0: Port device team_slave_1 added
[   51.700984][ T4055] batman_adv: batadv0: Adding interface: batadv_slave_0
[   51.708158][ T4055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.734294][ T4055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   51.746117][ T4055] batman_adv: batadv0: Adding interface: batadv_slave_1
[   51.753158][ T4055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.779409][ T4055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   51.810129][ T4176] loop3: detected capacity change from 0 to 256
[   51.831869][ T4176] FAT-fs (loop3): Directory bread(block 64) failed
[   51.838571][ T4176] FAT-fs (loop3): Directory bread(block 65) failed
[   51.845892][ T4176] FAT-fs (loop3): Directory bread(block 66) failed
[   51.852851][ T4176] FAT-fs (loop3): Directory bread(block 67) failed
[   51.859454][ T4176] FAT-fs (loop3): Directory bread(block 68) failed
[   51.866709][ T4176] FAT-fs (loop3): Directory bread(block 69) failed
[   51.875520][ T4055] hsr_slave_0: entered promiscuous mode
[   51.881963][ T4176] FAT-fs (loop3): Directory bread(block 70) failed
[   51.888584][ T4176] FAT-fs (loop3): Directory bread(block 71) failed
[   51.895633][ T4055] hsr_slave_1: entered promiscuous mode
[   51.902861][ T4176] FAT-fs (loop3): Directory bread(block 72) failed
[   51.909430][ T4176] FAT-fs (loop3): Directory bread(block 73) failed
[   51.916212][ T4055] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   51.929057][ T4055] Cannot create hsr debugfs directory
[   52.032029][ T4176] bio_check_eod: 75 callbacks suppressed
[   52.032048][ T4176] syz.3.175: attempt to access beyond end of device
[   52.032048][ T4176] loop3: rw=524288, sector=1736, nr_sectors = 32 limit=256
[   52.052190][ T4176] syz.3.175: attempt to access beyond end of device
[   52.052190][ T4176] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256
[   52.235293][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.251310][ T4218] netlink: 'syz.0.226': attribute type 10 has an invalid length.
[   52.281459][ T4218] 8021q: adding VLAN 0 to HW filter on device batadv0
[   52.292670][ T4230] loop4: detected capacity change from 0 to 512
[   52.294119][ T4218] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   52.313323][ T4230] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.229: corrupted in-inode xattr: invalid ea_ino
[   52.328406][ T4230] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.229: couldn't read orphan inode 15 (err -117)
[   52.341433][ T4230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.374802][ T4234] syz.3.230[4234] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.374881][ T4234] syz.3.230[4234] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.391339][ T4230] loop4: detected capacity change from 512 to 0
[   52.444799][ T4230] syz.4.229: attempt to access beyond end of device
[   52.444799][ T4230] loop4: rw=524288, sector=10, nr_sectors = 2 limit=0
[   52.461044][ T4230] syz.4.229: attempt to access beyond end of device
[   52.461044][ T4230] loop4: rw=524288, sector=12, nr_sectors = 2 limit=0
[   52.476031][ T4230] syz.4.229: attempt to access beyond end of device
[   52.476031][ T4230] loop4: rw=524288, sector=16, nr_sectors = 2 limit=0
[   52.495549][ T4230] syz.4.229: attempt to access beyond end of device
[   52.495549][ T4230] loop4: rw=524288, sector=18, nr_sectors = 2 limit=0
[   52.506419][ T4055] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   52.516253][ T4230] syz.4.229: attempt to access beyond end of device
[   52.516253][ T4230] loop4: rw=524288, sector=20, nr_sectors = 2 limit=0
[   52.534741][ T4055] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   52.556396][ T4055] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   52.565428][ T4230] syz.4.229: attempt to access beyond end of device
[   52.565428][ T4230] loop4: rw=524288, sector=22, nr_sectors = 2 limit=0
[   52.568667][ T4055] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   52.597920][ T4230] syz.4.229: attempt to access beyond end of device
[   52.597920][ T4230] loop4: rw=524288, sector=24, nr_sectors = 2 limit=0
[   52.611741][ T4230] syz.4.229: attempt to access beyond end of device
[   52.611741][ T4230] loop4: rw=524288, sector=26, nr_sectors = 2 limit=0
[   52.626291][ T4230] EXT4-fs error (device loop4): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.4.229: unable to read itable block
[   52.629379][ T4242] EXT4-fs error (device loop4): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.4.229: unable to read itable block
[   52.640455][ T4230] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[   52.660116][ T4242] EXT4-fs (loop4): previous I/O error to superblock detected
[   52.685881][ T4242] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[   52.696128][ T4255] netlink: 104 bytes leftover after parsing attributes in process `syz.0.234'.
[   52.696970][ T4242] EXT4-fs (loop4): I/O error while writing superblock
[   52.725988][ T4055] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.748999][ T4055] 8021q: adding VLAN 0 to HW filter on device team0
[   52.772430][ T3349] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.779560][ T3349] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.806379][ T4259] loop2: detected capacity change from 0 to 256
[   52.827487][ T3260] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[   52.844665][  T320] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.851927][  T320] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.882288][ T4262] loop0: detected capacity change from 0 to 2048
[   52.922359][ T4262] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.945496][  T320] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4556: inode #18: block 9: comm kworker/u8:4: unable to read itable block
[   52.967670][  T320] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[   52.980087][ T3266] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.989418][  T320] EXT4-fs (loop4): I/O error while writing superblock
[   53.002617][  T320] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4556: inode #12: block 7: comm kworker/u8:4: unable to read itable block
[   53.026102][ T4055] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.034086][  T320] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[   53.050131][  T320] EXT4-fs (loop4): I/O error while writing superblock
[   53.060451][ T4196] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.073539][ T4196] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[   53.083595][ T4196] EXT4-fs (loop4): I/O error while writing superblock
[   53.189988][ T4055] veth0_vlan: entered promiscuous mode
[   53.206117][ T4299] loop0: detected capacity change from 0 to 2048
[   53.220690][ T4055] veth1_vlan: entered promiscuous mode
[   53.255517][ T4055] veth0_macvtap: entered promiscuous mode
[   53.281320][ T4055] veth1_macvtap: entered promiscuous mode
[   53.294161][ T4299] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.301888][ T4314] loop3: detected capacity change from 0 to 2048
[   53.319388][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   53.330132][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.340077][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   53.350549][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.360473][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   53.371108][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.381003][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   53.391593][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.401520][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   53.411976][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.429751][ T4299] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.247: bg 0: block 234: padding at end of block bitmap is not set
[   53.449079][ T4299] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117
[   53.459707][ T4314] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.461925][ T4299] EXT4-fs (loop0): This should not happen!! Data will be lost
[   53.461925][ T4299] 
[   53.485627][ T4055] batman_adv: batadv0: Interface activated: batadv_slave_0
[   53.510171][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.524605][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   53.535142][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.545053][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   53.555581][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.565622][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   53.576084][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.585968][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   53.596438][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.606328][ T4055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   53.616803][ T4055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   53.640826][ T3266] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.659515][ T4055] batman_adv: batadv0: Interface activated: batadv_slave_1
[   53.677528][ T4055] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.686429][ T4055] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.695250][ T4055] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.704051][ T4055] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.713248][ T3890] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.743286][ T4353] loop2: detected capacity change from 0 to 512
[   53.817541][ T4353] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.841311][ T4353] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.851810][   T29] kauditd_printk_skb: 62 callbacks suppressed
[   53.851823][   T29] audit: type=1326 audit(1726654343.685:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d9c3def9 code=0x7ffc0000
[   53.878971][ T4320] chnl_net:caif_netlink_parms(): no params data found
[   53.881431][   T29] audit: type=1326 audit(1726654343.685:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d9c3def9 code=0x7ffc0000
[   53.911488][   T29] audit: type=1326 audit(1726654343.685:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50d9c3def9 code=0x7ffc0000
[   53.934723][   T29] audit: type=1326 audit(1726654343.685:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d9c3def9 code=0x7ffc0000
[   53.958055][   T29] audit: type=1326 audit(1726654343.685:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d9c3def9 code=0x7ffc0000
[   53.982007][   T29] audit: type=1326 audit(1726654343.775:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50d9c3def9 code=0x7ffc0000
[   54.005264][   T29] audit: type=1326 audit(1726654343.775:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d9c3def9 code=0x7ffc0000
[   54.028607][   T29] audit: type=1326 audit(1726654343.775:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d9c3def9 code=0x7ffc0000
[   54.052016][   T29] audit: type=1326 audit(1726654343.775:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50d9c3def9 code=0x7ffc0000
[   54.075398][   T29] audit: type=1400 audit(1726654343.805:580): avc:  denied  { read } for  pid=4352 comm="syz.2.255" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   54.144108][ T3844] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   54.159323][ T4365] loop1: detected capacity change from 0 to 512
[   54.168892][ T4365] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[   54.170165][ T4374] netlink: 104 bytes leftover after parsing attributes in process `syz.3.246'.
[   54.191240][ T4365] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[   54.199308][ T4365] System zones: 1-12
[   54.207238][ T4365] EXT4-fs (loop1): orphan cleanup on readonly fs
[   54.209043][ T4320] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.220607][ T4365] EXT4-fs error (device loop1): ext4_read_inode_bitmap:168: comm syz.1.206: Inode bitmap for bg 0 marked uninitialized
[   54.220705][ T4320] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.235044][ T4365] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   54.260581][ T4320] bridge_slave_0: entered allmulticast mode
[   54.282261][ T4320] bridge_slave_0: entered promiscuous mode
[   54.301810][ T4320] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.309034][ T4320] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.319920][ T4055] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.329905][ T4320] bridge_slave_1: entered allmulticast mode
[   54.343213][ T4385] syz.2.249[4385] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.343414][ T4385] syz.2.249[4385] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.356168][ T4320] bridge_slave_1: entered promiscuous mode
[   54.386582][ T4389] loop0: detected capacity change from 0 to 1024
[   54.408063][ T4389] EXT4-fs: test_dummy_encryption option not supported
[   54.430610][ T4320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.453144][ T4389] loop0: detected capacity change from 0 to 128
[   54.456560][ T4320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.487674][ T4389] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   54.511330][ T4389] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   54.523821][ T4320] team0: Port device team_slave_0 added
[   54.531494][ T4320] team0: Port device team_slave_1 added
[   54.550977][ T4320] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.557959][ T4320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.584057][ T4320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.585247][ T4320] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.585262][ T4320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.585375][ T4320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.692398][ T4320] hsr_slave_0: entered promiscuous mode
[   54.693041][ T4320] hsr_slave_1: entered promiscuous mode
[   54.693552][ T4320] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.693569][ T4320] Cannot create hsr debugfs directory
[   54.788817][ T3266] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   54.802201][ T4320] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.842535][ T4405] ALSA: seq fatal error: cannot create timer (-22)
[   54.844898][ T4406] loop3: detected capacity change from 0 to 512
[   54.876688][ T4320] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.914986][ T4320] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.970007][ T4411] syzkaller0: entered promiscuous mode
[   54.975882][ T4411] syzkaller0: entered allmulticast mode
[   54.985367][ T4320] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.056753][ T4320] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   55.065491][ T4320] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   55.074403][ T4320] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   55.083210][ T4320] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   55.213699][ T4320] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.250739][ T4320] 8021q: adding VLAN 0 to HW filter on device team0
[   55.261511][ T4426] netlink: 44 bytes leftover after parsing attributes in process `syz.2.274'.
[   55.270559][ T4426] netlink: 40 bytes leftover after parsing attributes in process `syz.2.274'.
[   55.302587][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.309708][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.324167][ T4431] loop1: detected capacity change from 0 to 512
[   55.339744][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.346915][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.360983][ T4433] loop2: detected capacity change from 0 to 512
[   55.367434][ T4431] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   55.403854][ T4433] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   55.416217][ T4431] EXT4-fs (loop1): 1 truncate cleaned up
[   55.424502][ T4320] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   55.441194][ T4431] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.461195][ T4433] EXT4-fs (loop2): 1 truncate cleaned up
[   55.469561][ T4433] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.519956][ T3844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.547562][ T4444] netlink: 44 bytes leftover after parsing attributes in process `syz.3.287'.
[   55.556520][ T4444] netlink: 40 bytes leftover after parsing attributes in process `syz.3.287'.
[   55.604960][ T4320] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.614693][ T4055] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.692865][ T4461] syz.0.281[4461] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.692959][ T4461] syz.0.281[4461] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.780280][ T4320] veth0_vlan: entered promiscuous mode
[   55.800571][ T4320] veth1_vlan: entered promiscuous mode
[   55.817198][ T4320] veth0_macvtap: entered promiscuous mode
[   55.825134][ T4320] veth1_macvtap: entered promiscuous mode
[   55.836199][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   55.846691][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.856755][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   55.867282][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.877127][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   55.887560][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.897380][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   55.907903][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.917739][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   55.928170][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.938151][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   55.948616][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.959552][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.971724][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   55.982422][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.992288][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.002841][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.012764][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.023235][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.033322][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.043766][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.053591][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.064023][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.073840][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.084314][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.095263][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.104543][ T4320] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.113298][ T4320] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.122095][ T4320] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.130803][ T4320] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.212606][ T4471] loop4: detected capacity change from 0 to 2048
[   56.223727][ T4471] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.253: bad orphan inode 8192
[   56.234362][ T4471] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.261502][ T4471] netlink: 4 bytes leftover after parsing attributes in process `syz.4.253'.
[   56.270463][ T4471] bridge_slave_1: left allmulticast mode
[   56.276246][ T4471] bridge_slave_1: left promiscuous mode
[   56.282035][ T4471] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.290034][ T4471] bridge_slave_0: left allmulticast mode
[   56.295745][ T4471] bridge_slave_0: left promiscuous mode
[   56.301439][ T4471] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.038943][ T4486] loop2: detected capacity change from 0 to 1024
[   58.249014][ T4512] loop2: detected capacity change from 0 to 764
[   58.267688][ T4516] netlink: 'syz.4.300': attribute type 1 has an invalid length.
[   58.276616][ T4512] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   58.291967][ T4516] netlink: 'syz.4.300': attribute type 9 has an invalid length.
[   58.438351][ T4518] syzkaller0: entered allmulticast mode
[   58.450872][ T4524] netlink: 'syz.3.305': attribute type 27 has an invalid length.
[   58.542785][ T4532] netlink: 64 bytes leftover after parsing attributes in process `syz.0.308'.
[   58.563732][ T4524] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.636528][ T4524] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   58.663085][ T4524] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   58.698690][ T4545] netlink: 'syz.1.314': attribute type 1 has an invalid length.
[   58.708830][ T4545] netlink: 'syz.1.314': attribute type 9 has an invalid length.
[   58.718165][ T4524] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.727289][ T4524] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.736547][ T4524] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.745768][ T4524] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.773278][ T4525] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.781447][ T4525] 8021q: adding VLAN 0 to HW filter on device team0
[   58.790995][ T4525] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   58.808963][ T4528] syzkaller0 (unregistering): left allmulticast mode
[   58.967747][ T4550] loop0: detected capacity change from 0 to 764
[   58.983917][ T4550] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   59.100582][   T29] kauditd_printk_skb: 182 callbacks suppressed
[   59.100598][   T29] audit: type=1400 audit(1726654348.935:762): avc:  denied  { create } for  pid=4560 comm="syz.1.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   59.151299][   T29] audit: type=1400 audit(1726654348.975:763): avc:  denied  { write } for  pid=4560 comm="syz.1.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   59.171633][   T29] audit: type=1400 audit(1726654348.975:764): avc:  denied  { nlmsg_read } for  pid=4560 comm="syz.1.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   59.173502][ T4563] loop2: detected capacity change from 0 to 128
[   59.257145][ T4563] netlink: 2 bytes leftover after parsing attributes in process `syz.2.320'.
[   59.264532][   T29] audit: type=1400 audit(1726654349.095:765): avc:  denied  { mount } for  pid=4556 comm="syz.2.320" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   59.387340][   T29] audit: type=1400 audit(1726654349.225:766): avc:  denied  { unmount } for  pid=3844 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   59.454769][   T29] audit: type=1326 audit(1726654349.295:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4568 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6013def9 code=0x7ffc0000
[   59.484601][ T4573] netlink: 'syz.4.328': attribute type 27 has an invalid length.
[   59.502221][   T29] audit: type=1326 audit(1726654349.325:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4568 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7fca6013def9 code=0x7ffc0000
[   59.525481][   T29] audit: type=1326 audit(1726654349.325:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4568 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6013def9 code=0x7ffc0000
[   59.548971][   T29] audit: type=1326 audit(1726654349.325:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4568 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fca6013def9 code=0x7ffc0000
[   59.572313][   T29] audit: type=1326 audit(1726654349.325:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4568 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6013def9 code=0x7ffc0000
[   59.609609][ T4577] netlink: 'syz.2.326': attribute type 1 has an invalid length.
[   59.621376][ T4577] netlink: 'syz.2.326': attribute type 9 has an invalid length.
[   59.685038][ T4573] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   59.695650][ T4573] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   59.730638][ T4573] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   59.739590][ T4573] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   59.748556][ T4573] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   59.757468][ T4573] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   59.785929][ T4579] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.794764][ T4579] 8021q: adding VLAN 0 to HW filter on device team0
[   59.803888][ T4579] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   59.856805][ T4584] netlink: 64 bytes leftover after parsing attributes in process `syz.1.330'.
[   59.914335][ T4594] loop4: detected capacity change from 0 to 764
[   59.942599][ T4594] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   59.981659][ T4587] netlink: 'syz.0.339': attribute type 1 has an invalid length.
[   59.999868][ T4587] netlink: 'syz.0.339': attribute type 9 has an invalid length.
[   60.039092][ T4601] syz.2.335[4601] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.039170][ T4601] syz.2.335[4601] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.111330][ T4606] Illegal XDP return value 4606 on prog  (id 297) dev N/A, expect packet loss!
[   60.127119][ T4609] Unknown options in mask 5
[   60.134600][ T4610] loop0: detected capacity change from 0 to 128
[   60.167032][ T4610] netlink: 2 bytes leftover after parsing attributes in process `syz.0.334'.
[   60.176282][ T4609] loop2: detected capacity change from 0 to 2048
[   60.177249][ T4600] loop3: detected capacity change from 0 to 764
[   60.201580][ T4600] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   60.285034][ T4617] bridge: RTM_NEWNEIGH with invalid state 0x0
[   60.294314][ T4616] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   60.395561][   T36] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   60.416180][   T36] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   60.428700][   T36] EXT4-fs (loop2): This should not happen!! Data will be lost
[   60.428700][   T36] 
[   60.438402][   T36] EXT4-fs (loop2): Total free blocks count 0
[   60.444410][   T36] EXT4-fs (loop2): Free/Dirty block details
[   60.450322][   T36] EXT4-fs (loop2): free_blocks=2415919104
[   60.456090][   T36] EXT4-fs (loop2): dirty_blocks=2080
[   60.461408][   T36] EXT4-fs (loop2): Block reservation details
[   60.467517][   T36] EXT4-fs (loop2): i_reserved_data_blocks=130
[   60.472438][ T4623] netlink: 64 bytes leftover after parsing attributes in process `syz.4.345'.
[   60.484654][   T36] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 16 with error 28
[   60.497316][   T36] EXT4-fs (loop2): This should not happen!! Data will be lost
[   60.497316][   T36] 
[   60.620827][ T4633] syzkaller0: entered allmulticast mode
[   60.636041][ T4633] syzkaller0 (unregistering): left allmulticast mode
[   60.722857][ T4642] syz.3.352[4642] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.722957][ T4642] syz.3.352[4642] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.776109][ T4644] bridge: RTM_NEWNEIGH with invalid state 0x0
[   60.997597][ T4654] Unknown options in mask 5
[   61.026655][ T4654] loop0: detected capacity change from 0 to 2048
[   61.189648][ T4640] loop2: detected capacity change from 0 to 764
[   61.197532][ T4652] syzkaller0: entered allmulticast mode
[   61.203463][ T4640] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   61.217509][   T36] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, 
[   61.225899][   T36] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   61.237951][   T36] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1344 with error 28
[   61.238797][ T4652] syzkaller0 (unregistering): left allmulticast mode
[   61.250454][   T36] EXT4-fs (loop0): This should not happen!! Data will be lost
[   61.250454][   T36] 
[   61.250476][   T36] EXT4-fs (loop0): Total free blocks count 0
[   61.273263][   T36] EXT4-fs (loop0): Free/Dirty block details
[   61.279249][   T36] EXT4-fs (loop0): free_blocks=2415919104
[   61.285045][   T36] EXT4-fs (loop0): dirty_blocks=1360
[   61.290429][   T36] EXT4-fs (loop0): Block reservation details
[   61.296477][   T36] EXT4-fs (loop0): i_reserved_data_blocks=85
[   61.454092][ T4665] netlink: 64 bytes leftover after parsing attributes in process `syz.3.360'.
[   61.465772][ T4668] loop1: detected capacity change from 0 to 128
[   61.471757][ T4667] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   61.511933][ T4668] netlink: 2 bytes leftover after parsing attributes in process `syz.1.359'.
[   61.645189][ T4681] loop4: detected capacity change from 0 to 128
[   61.738984][ T4690] syz.0.374[4690] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.739188][ T4690] syz.0.374[4690] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.766355][ T4686] Unknown options in mask 5
[   61.804205][ T4686] loop4: detected capacity change from 0 to 2048
[   61.812416][ T4684] bridge: RTM_NEWNEIGH with invalid state 0x0
[   61.985563][ T4697] loop1: detected capacity change from 0 to 128
[   62.013806][ T4704] netlink: 12 bytes leftover after parsing attributes in process `syz.3.377'.
[   62.032737][ T4697] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[   62.070030][ T4704] vlan2: entered promiscuous mode
[   62.075131][ T4704] syz_tun: entered promiscuous mode
[   62.090015][ T4704] syz_tun: left promiscuous mode
[   62.103677][ T3272] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   62.132783][ T3272] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1504 with error 28
[   62.142798][ T4697] bio_check_eod: 34 callbacks suppressed
[   62.142815][ T4697] syz.1.375: attempt to access beyond end of device
[   62.142815][ T4697] loop1: rw=3, sector=6950, nr_sectors = 2 limit=128
[   62.145282][ T3272] EXT4-fs (loop4): This should not happen!! Data will be lost
[   62.145282][ T3272] 
[   62.160594][ T4697] syz.1.375: attempt to access beyond end of device
[   62.160594][ T4697] loop1: rw=2051, sector=6952, nr_sectors = 942 limit=128
[   62.164062][ T3272] EXT4-fs (loop4): Total free blocks count 0
[   62.164079][ T3272] EXT4-fs (loop4): Free/Dirty block details
[   62.164091][ T3272] EXT4-fs (loop4): free_blocks=2415919104
[   62.164103][ T3272] EXT4-fs (loop4): dirty_blocks=1520
[   62.164114][ T3272] EXT4-fs (loop4): Block reservation details
[   62.164125][ T3272] EXT4-fs (loop4): i_reserved_data_blocks=95
[   62.617481][ T4714] loop3: detected capacity change from 0 to 128
[   62.654319][ T4715] loop1: detected capacity change from 0 to 2048
[   62.810179][ T4727] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   62.824047][ T4730] loop2: detected capacity change from 0 to 128
[   62.835432][ T4729] syz.4.387[4729] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.835508][ T4729] syz.4.387[4729] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.863407][ T4730] netlink: 2 bytes leftover after parsing attributes in process `syz.2.384'.
[   62.957060][ T4732] loop3: detected capacity change from 0 to 2048
[   62.974613][ T4736] loop2: detected capacity change from 0 to 128
[   62.982237][ T4736] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[   63.003129][ T4736] syz.2.390: attempt to access beyond end of device
[   63.003129][ T4736] loop2: rw=3, sector=6950, nr_sectors = 2 limit=128
[   63.004917][ T4738] loop1: detected capacity change from 0 to 512
[   63.024828][ T4732] Alternate GPT is invalid, using primary GPT.
[   63.031198][ T4732]  loop3: p2 p3 p7
[   63.040999][ T4736] syz.2.390: attempt to access beyond end of device
[   63.040999][ T4736] loop2: rw=2051, sector=6952, nr_sectors = 942 limit=128
[   63.095014][ T2962] Alternate GPT is invalid, using primary GPT.
[   63.101485][ T2962]  loop3: p2 p3 p7
[   63.108672][ T4738] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.392: bg 0: block 248: padding at end of block bitmap is not set
[   63.133268][ T4738] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.392: Failed to acquire dquot type 1
[   63.181509][ T4738] EXT4-fs (loop1): 1 truncate cleaned up
[   63.187642][ T4738] ext4 filesystem being mounted at /31/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   63.201511][ T4636] udevd[4636]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[   63.217448][ T3253] udevd[3253]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   63.229616][ T3678] udevd[3678]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   63.307828][ T4750] syzkaller0: entered promiscuous mode
[   63.313416][ T4750] syzkaller0: entered allmulticast mode
[   63.704212][ T4753] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[   63.709852][ T4752] loop4: detected capacity change from 0 to 2048
[   63.838761][ T4764] syz.2.401[4764] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   63.838834][ T4764] syz.2.401[4764] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   63.852826][ T4766] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[   63.910261][ T4764] validate_nla: 8 callbacks suppressed
[   63.910279][ T4764] netlink: 'syz.2.401': attribute type 4 has an invalid length.
[   63.944088][ T4768] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[   63.974002][ T4770] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[   64.025991][ T4772] loop2: detected capacity change from 0 to 2048
[   64.065394][ T4774] dvmrp0: entered allmulticast mode
[   64.090383][ T4782] loop4: detected capacity change from 0 to 128
[   64.099590][ T4782] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[   64.111242][   T29] kauditd_printk_skb: 149 callbacks suppressed
[   64.111282][   T29] audit: type=1326 audit(1726654353.955:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f029c3fc890 code=0x7ffc0000
[   64.144515][ T4781] loop3: detected capacity change from 0 to 512
[   64.154771][ T4772] Alternate GPT is invalid, using primary GPT.
[   64.161356][ T4772]  loop2: p2 p3 p7
[   64.169091][   T29] audit: type=1326 audit(1726654353.985:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f029c3fcc77 code=0x7ffc0000
[   64.181548][ T4782] syz.4.408: attempt to access beyond end of device
[   64.181548][ T4782] loop4: rw=3, sector=6950, nr_sectors = 2 limit=128
[   64.192499][   T29] audit: type=1326 audit(1726654353.985:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f029c3fc890 code=0x7ffc0000
[   64.208430][ T4782] syz.4.408: attempt to access beyond end of device
[   64.208430][ T4782] loop4: rw=2051, sector=6952, nr_sectors = 942 limit=128
[   64.228756][   T29] audit: type=1326 audit(1726654353.985:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   64.266274][   T29] audit: type=1326 audit(1726654353.985:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   64.289863][   T29] audit: type=1326 audit(1726654353.985:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   64.313199][   T29] audit: type=1326 audit(1726654353.985:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   64.323711][ T4781] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.409: bg 0: block 248: padding at end of block bitmap is not set
[   64.336454][   T29] audit: type=1326 audit(1726654353.985:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   64.374265][   T29] audit: type=1326 audit(1726654354.085:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   64.397610][   T29] audit: type=1326 audit(1726654354.085:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   64.427948][ T4790] loop1: detected capacity change from 0 to 512
[   64.434770][ T4781] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.409: Failed to acquire dquot type 1
[   64.472822][ T4781] EXT4-fs (loop3): 1 truncate cleaned up
[   64.480509][ T4781] ext4 filesystem being mounted at /42/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.508043][ T3253] udevd[3253]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   64.521183][ T4790] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.533247][ T3250] udevd[3250]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[   64.551325][ T3678] udevd[3678]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   64.572056][ T4781] syz.3.409 (4781) used greatest stack depth: 9408 bytes left
[   64.607361][ T4799] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[   64.756532][ T4807] sch_tbf: burst 0 is lower than device lo mtu (18) !
[   64.807145][ T4813] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[   64.911759][ T4816] loop1: detected capacity change from 0 to 2048
[   64.975135][ T4816] netlink: 120 bytes leftover after parsing attributes in process `syz.1.422'.
[   64.994718][ T4824] loop4: detected capacity change from 0 to 256
[   65.029489][ T4825] loop2: detected capacity change from 0 to 512
[   65.097759][ T4825] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   65.107894][ T4825] EXT4-fs (loop2): 1 truncate cleaned up
[   65.263337][ T4828] syz.2.425[4828] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.263509][ T4828] syz.2.425[4828] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.678788][ T4836] loop0: detected capacity change from 0 to 2048
[   65.725716][ T4840] loop2: detected capacity change from 0 to 512
[   65.738267][ T4840] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   65.758314][ T4836] Alternate GPT is invalid, using primary GPT.
[   65.764804][ T4836]  loop0: p2 p3 p7
[   65.788295][ T4840] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.800191][ T2962] Alternate GPT is invalid, using primary GPT.
[   65.806685][ T2962]  loop0: p2 p3 p7
[   65.890008][ T3675] udevd[3675]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[   65.894028][ T3253] udevd[3253]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   65.902020][ T4636] udevd[4636]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   66.673627][ T4855] loop4: detected capacity change from 0 to 512
[   66.673758][ T4854] loop3: detected capacity change from 0 to 2048
[   66.687707][ T4857] loop2: detected capacity change from 0 to 512
[   66.702428][ T4855] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   66.711175][ T4855] EXT4-fs (loop4): 1 truncate cleaned up
[   66.713657][ T4857] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.436: corrupted in-inode xattr: invalid ea_ino
[   66.732805][ T4857] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.436: couldn't read orphan inode 15 (err -117)
[   66.740972][ T4854] netlink: 120 bytes leftover after parsing attributes in process `syz.3.437'.
[   66.784200][ T4869] syz.4.440[4869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.784283][ T4869] syz.4.440[4869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.871395][ T4857] loop2: detected capacity change from 512 to 0
[   66.898909][ T4874] syz.2.436: attempt to access beyond end of device
[   66.898909][ T4874] loop2: rw=524288, sector=12, nr_sectors = 2 limit=0
[   66.914180][ T4874] syz.2.436: attempt to access beyond end of device
[   66.914180][ T4874] loop2: rw=524288, sector=16, nr_sectors = 2 limit=0
[   66.927810][ T4874] syz.2.436: attempt to access beyond end of device
[   66.927810][ T4874] loop2: rw=524288, sector=18, nr_sectors = 2 limit=0
[   66.941088][ T4874] syz.2.436: attempt to access beyond end of device
[   66.941088][ T4874] loop2: rw=524288, sector=20, nr_sectors = 2 limit=0
[   66.954588][ T4874] EXT4-fs error (device loop2): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.2.436: unable to read itable block
[   66.955585][    C1] I/O error, dev loop2, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   66.967246][ T4874] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[   66.967270][ T4874] EXT4-fs (loop2): I/O error while writing superblock
[   67.022193][ T4857] EXT4-fs error (device loop2): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.2.436: unable to read itable block
[   67.035087][ T4857] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[   67.045584][ T4857] EXT4-fs (loop2): I/O error while writing superblock
[   67.078521][ T3844] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[   67.171305][ T3349] bio_check_eod: 16 callbacks suppressed
[   67.171320][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.171320][ T3349] loop2: rw=524288, sector=10, nr_sectors = 2 limit=0
[   67.198548][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.198548][ T3349] loop2: rw=524288, sector=12, nr_sectors = 2 limit=0
[   67.214908][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.214908][ T3349] loop2: rw=524288, sector=14, nr_sectors = 2 limit=0
[   67.229753][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.229753][ T3349] loop2: rw=524288, sector=16, nr_sectors = 2 limit=0
[   67.245479][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.245479][ T3349] loop2: rw=524288, sector=20, nr_sectors = 2 limit=0
[   67.259864][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.259864][ T3349] loop2: rw=524288, sector=22, nr_sectors = 2 limit=0
[   67.275320][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.275320][ T3349] loop2: rw=524288, sector=24, nr_sectors = 2 limit=0
[   67.290247][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.290247][ T3349] loop2: rw=524288, sector=26, nr_sectors = 2 limit=0
[   67.305820][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.305820][ T3349] loop2: rw=12288, sector=18, nr_sectors = 2 limit=0
[   67.320173][ T3349] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4556: inode #18: block 9: comm kworker/u8:7: unable to read itable block
[   67.336392][ T3349] kworker/u8:7: attempt to access beyond end of device
[   67.336392][ T3349] loop2: rw=145409, sector=2, nr_sectors = 2 limit=0
[   67.349942][ T3349] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[   67.358381][ T3349] EXT4-fs (loop2): I/O error while writing superblock
[   67.365568][ T3349] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4556: inode #12: block 7: comm kworker/u8:7: unable to read itable block
[   67.379474][ T3349] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[   67.387853][ T3349] EXT4-fs (loop2): I/O error while writing superblock
[   67.396081][ T3844] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[   67.404647][ T3844] EXT4-fs (loop2): I/O error while writing superblock
[   67.536179][ T4883] loop4: detected capacity change from 0 to 2048
[   67.587479][ T4883] Alternate GPT is invalid, using primary GPT.
[   67.594442][ T4883]  loop4: p2 p3 p7
[   67.720127][  T320] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.752145][ T4893] loop4: detected capacity change from 0 to 512
[   67.782267][ T4890] loop3: detected capacity change from 0 to 256
[   67.833952][ T4893] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   67.849304][ T4898] loop0: detected capacity change from 0 to 512
[   67.863936][ T4898] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   67.887095][ T4898] EXT4-fs (loop0): 1 truncate cleaned up
[   67.893249][  T320] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.909614][ T4898] EXT4-fs mount: 31 callbacks suppressed
[   67.909632][ T4898] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.910096][ T4893] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   67.961893][ T4893] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.994695][  T320] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.120296][ T3266] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.154797][  T320] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.385987][  T320] bridge_slave_1: left allmulticast mode
[   68.391813][  T320] bridge_slave_1: left promiscuous mode
[   68.397571][  T320] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.450714][  T320] bridge_slave_0: left allmulticast mode
[   68.456522][  T320] bridge_slave_0: left promiscuous mode
[   68.462376][  T320] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.469899][ T4913] syz.0.454[4913] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.469969][ T4913] syz.0.454[4913] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.521358][ T4915] loop0: detected capacity change from 0 to 512
[   68.564635][ T4915] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.455: corrupted in-inode xattr: invalid ea_ino
[   68.633036][ T4915] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.455: couldn't read orphan inode 15 (err -117)
[   68.661907][ T4320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   68.662247][  T320] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   68.692553][  T320] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   68.694829][ T4915] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.724211][  T320] bond0 (unregistering): (slave batadv0): Releasing backup interface
[   68.747324][  T320] bond0 (unregistering): Released all slaves
[   68.789494][ T4922] loop4: detected capacity change from 0 to 128
[   68.820788][ T4915] loop0: detected capacity change from 512 to 0
[   68.834396][ T4915] EXT4-fs error (device loop0): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.0.455: unable to read itable block
[   68.852172][ T4915] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[   68.861585][  T320] hsr_slave_0: left promiscuous mode
[   68.867897][  T320] hsr_slave_1: left promiscuous mode
[   68.875140][ T4915] EXT4-fs (loop0): I/O error while writing superblock
[   68.884565][  T320] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   68.892223][  T320] batman_adv: batadv0: Removing interface: batadv_slave_0
[   68.915163][  T320] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   68.922737][  T320] batman_adv: batadv0: Removing interface: batadv_slave_1
[   68.932834][ T4915] EXT4-fs error (device loop0): ext4_get_inode_loc:4571: inode #12: block 7: comm syz.0.455: unable to read itable block
[   68.945782][  T320] veth1_macvtap: left promiscuous mode
[   68.950374][ T4915] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[   68.951289][  T320] veth0_macvtap: left promiscuous mode
[   68.965431][ T4915] EXT4-fs (loop0): I/O error while writing superblock
[   69.029690][ T4933] netlink: 202920 bytes leftover after parsing attributes in process `syz.4.463'.
[   69.035925][ T3266] EXT4-fs warning (device loop0): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[   69.039040][ T4933] openvswitch: netlink: Flow key attr not present in new flow.
[   69.078017][   T50] EXT4-fs error (device loop0): __ext4_get_inode_loc_noinmem:4556: inode #18: block 9: comm kworker/u8:3: unable to read itable block
[   69.102827][   T50] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[   69.106356][ T4937] syz.1.475[4937] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.111396][   T50] EXT4-fs (loop0): I/O error while writing superblock
[   69.118686][ T4937] syz.1.475[4937] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.124908][   T50] EXT4-fs error (device loop0): __ext4_get_inode_loc_noinmem:4556: inode #12: block 7: comm kworker/u8:3: unable to read itable block
[   69.159203][ T4939] loop3: detected capacity change from 0 to 512
[   69.174298][   T50] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[   69.183087][ T4939] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[   69.183375][  T320] team0 (unregistering): Port device team_slave_1 removed
[   69.199810][   T50] EXT4-fs (loop0): I/O error while writing superblock
[   69.207802][ T4939] EXT4-fs (loop3): 1 truncate cleaned up
[   69.214214][ T4939] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.214229][  T320] team0 (unregistering): Port device team_slave_0 removed
[   69.230105][ T3266] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.248072][ T3266] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[   69.257143][ T3266] EXT4-fs (loop0): I/O error while writing superblock
[   69.288073][ T4886] chnl_net:caif_netlink_parms(): no params data found
[   69.319384][ T3890] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.388574][ T4950] netlink: 'syz.4.469': attribute type 3 has an invalid length.
[   69.407679][ T4886] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.414845][ T4886] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.428923][ T4886] bridge_slave_0: entered allmulticast mode
[   69.441339][ T4886] bridge_slave_0: entered promiscuous mode
[   69.449348][ T4957] syz.3.466[4957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.449430][ T4957] syz.3.466[4957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.451478][ T4886] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.479144][ T4886] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.486645][ T4886] bridge_slave_1: entered allmulticast mode
[   69.493294][ T4886] bridge_slave_1: entered promiscuous mode
[   69.500294][ T4950] netlink: 'syz.4.469': attribute type 3 has an invalid length.
[   69.551417][ T4886] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.575541][   T29] kauditd_printk_skb: 48 callbacks suppressed
[   69.575559][   T29] audit: type=1326 audit(1726654359.415:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.606551][ T4886] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.639809][   T29] audit: type=1326 audit(1726654359.445:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.663134][   T29] audit: type=1326 audit(1726654359.445:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.686407][   T29] audit: type=1326 audit(1726654359.445:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.709737][   T29] audit: type=1326 audit(1726654359.445:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.733060][   T29] audit: type=1326 audit(1726654359.445:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.756436][   T29] audit: type=1326 audit(1726654359.445:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.775582][ T4980] loop3: detected capacity change from 0 to 128
[   69.779724][   T29] audit: type=1326 audit(1726654359.445:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.809135][   T29] audit: type=1326 audit(1726654359.445:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.832610][   T29] audit: type=1326 audit(1726654359.455:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4969 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   69.891353][ T4886] team0: Port device team_slave_0 added
[   69.897894][ T4886] team0: Port device team_slave_1 added
[   69.941756][ T4886] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.948806][ T4886] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.974946][ T4886] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.994372][ T4886] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.001441][ T4886] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.027586][ T4886] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.112309][  T320] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.125495][ T5003] loop3: detected capacity change from 0 to 1024
[   70.174774][ T4886] hsr_slave_0: entered promiscuous mode
[   70.184115][ T4886] hsr_slave_1: entered promiscuous mode
[   70.184235][ T5003] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.206659][ T4886] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   70.224785][ T4886] Cannot create hsr debugfs directory
[   70.231564][  T320] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.366400][  T320] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.383408][ T4953] chnl_net:caif_netlink_parms(): no params data found
[   70.438569][  T320] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.682161][ T4953] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.689284][ T4953] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.708509][ T4953] bridge_slave_0: entered allmulticast mode
[   70.718028][ T4953] bridge_slave_0: entered promiscuous mode
[   70.758014][  T320] veth0_to_bond: left allmulticast mode
[   70.763706][  T320] veth0_to_bond: left promiscuous mode
[   70.769310][  T320] bridge0: port 3(veth0_to_bond) entered disabled state
[   70.786481][  T320] bridge_slave_1: left allmulticast mode
[   70.792282][  T320] bridge_slave_1: left promiscuous mode
[   70.797947][  T320] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.805838][  T320] bridge_slave_0: left allmulticast mode
[   70.811592][  T320] bridge_slave_0: left promiscuous mode
[   70.817384][  T320] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.914228][  T320] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   70.924846][  T320] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   70.943182][  T320] bond0 (unregistering): (slave batadv0): Releasing backup interface
[   70.964806][ T5039] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.481'.
[   70.974223][ T5039] openvswitch: netlink: Flow key attr not present in new flow.
[   70.987820][  T320] bond0 (unregistering): Released all slaves
[   70.996353][ T3890] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.997050][  T320] bond1 (unregistering): Released all slaves
[   71.024093][ T4953] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.031297][ T4953] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.039254][ T4953] bridge_slave_1: entered allmulticast mode
[   71.045931][ T4953] bridge_slave_1: entered promiscuous mode
[   71.068731][  T320] hsr_slave_0: left promiscuous mode
[   71.074500][  T320] hsr_slave_1: left promiscuous mode
[   71.080240][  T320] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.087775][  T320] batman_adv: batadv0: Removing interface: batadv_slave_0
[   71.096851][  T320] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.104437][  T320] batman_adv: batadv0: Removing interface: batadv_slave_1
[   71.119648][  T320] veth1_macvtap: left promiscuous mode
[   71.125231][  T320] veth0_macvtap: left promiscuous mode
[   71.131484][ T5045] netlink: 'syz.3.483': attribute type 3 has an invalid length.
[   71.281757][  T320] team0 (unregistering): Port device team_slave_1 removed
[   71.303146][  T320] team0 (unregistering): Port device team_slave_0 removed
[   71.381607][ T4953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.397674][ T5045] netlink: 'syz.3.483': attribute type 3 has an invalid length.
[   71.434421][ T4953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.507774][ T4886] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   71.531071][ T4953] team0: Port device team_slave_0 added
[   71.537902][ T4953] team0: Port device team_slave_1 added
[   71.556334][ T4886] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   71.579357][ T4886] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   71.608318][ T4953] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.615353][ T4953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.641353][ T4953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.654554][ T4886] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   71.671037][ T4953] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.678065][ T4953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.704151][ T4953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.745105][ T4953] hsr_slave_0: entered promiscuous mode
[   71.751540][ T4953] hsr_slave_1: entered promiscuous mode
[   71.758033][ T4953] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.765881][ T4953] Cannot create hsr debugfs directory
[   71.845308][ T4886] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.892174][ T4886] 8021q: adding VLAN 0 to HW filter on device team0
[   71.920079][  T320] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.927353][  T320] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.945401][  T320] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.952494][  T320] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.981271][ T4886] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   71.991775][ T4886] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.096912][ T4886] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.179815][ T4886] veth0_vlan: entered promiscuous mode
[   72.190360][ T4886] veth1_vlan: entered promiscuous mode
[   72.211338][ T4886] veth0_macvtap: entered promiscuous mode
[   72.218701][ T4886] veth1_macvtap: entered promiscuous mode
[   72.229062][ T4886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.239557][ T4886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.249448][ T4886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.259922][ T4886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.269862][ T4886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.280349][ T4886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.293951][ T4886] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.312907][ T4886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.323515][ T4886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.333440][ T4886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.343985][ T4886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.354027][ T4886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.364579][ T4886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.375510][ T4886] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.384067][ T4886] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.392838][ T4886] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.401587][ T4886] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.410430][ T4886] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.450363][ T4953] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   72.462957][ T4953] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   72.477807][ T4953] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   72.486789][ T4953] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   72.519154][ T5136] netlink: 'syz.1.497': attribute type 3 has an invalid length.
[   72.527847][ T5136] netlink: 'syz.1.497': attribute type 3 has an invalid length.
[   72.578944][ T4953] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.615768][ T4953] 8021q: adding VLAN 0 to HW filter on device team0
[   72.636303][ T3349] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.643487][ T3349] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.687947][  T320] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.695081][  T320] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.748642][ T5157] loop4: detected capacity change from 0 to 1024
[   72.772068][ T5157] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.865332][ T5176] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.494'.
[   72.874809][ T5176] openvswitch: netlink: Flow key attr not present in new flow.
[   72.914225][ T4953] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.239579][ T4953] veth0_vlan: entered promiscuous mode
[   73.283410][ T4953] veth1_vlan: entered promiscuous mode
[   73.339508][ T4953] veth0_macvtap: entered promiscuous mode
[   73.347052][ T4953] veth1_macvtap: entered promiscuous mode
[   73.357295][ T4953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.367808][ T4953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.377671][ T4953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.388217][ T4953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.398075][ T4953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.408672][ T4953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.418829][ T4953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.429343][ T4953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.450362][ T4953] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.481757][ T4953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.492277][ T4953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.502200][ T4953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.512671][ T4953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.522548][ T4953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.533204][ T4953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.543055][ T4953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.553589][ T4953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.578011][ T4953] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.631197][ T4320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.636511][ T4953] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.649002][ T4953] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.657787][ T4953] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.666635][ T4953] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.682991][ T5218] loop1: detected capacity change from 0 to 1024
[   73.694277][ T5218] EXT4-fs: Ignoring removed orlov option
[   73.699974][ T5218] EXT4-fs: Ignoring removed nomblk_io_submit option
[   73.753498][ T5218] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[   73.773580][ T5218] System zones: 0-1, 3-36
[   73.781382][ T5218] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.831207][ T5232] loop0: detected capacity change from 0 to 512
[   73.878902][ T5232] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   73.908535][ T4055] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.948334][ T5232] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   73.967500][ T5232] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.979158][ T5240] netlink: 4 bytes leftover after parsing attributes in process `syz.2.502'.
[   74.002153][ T5240] hsr_slave_1 (unregistering): left promiscuous mode
[   74.642130][ T5286] dvmrp0: entered allmulticast mode
[   74.667903][ T5288] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   74.994970][ T4953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   75.010378][ T5295] netlink: 12 bytes leftover after parsing attributes in process `syz.4.512'.
[   75.036614][   T29] kauditd_printk_skb: 16 callbacks suppressed
[   75.036630][   T29] audit: type=1326 audit(1726654364.877:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.037025][ T5297] netlink: 202920 bytes leftover after parsing attributes in process `syz.0.509'.
[   75.049116][ T5299] loop4: detected capacity change from 0 to 512
[   75.066249][ T5297] openvswitch: netlink: Flow key attr not present in new flow.
[   75.075498][   T29] audit: type=1326 audit(1726654364.887:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.112830][   T29] audit: type=1326 audit(1726654364.887:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.136210][   T29] audit: type=1326 audit(1726654364.887:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.141878][ T5299] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   75.159578][   T29] audit: type=1326 audit(1726654364.887:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.170437][ T5299] EXT4-fs (loop4): 1 truncate cleaned up
[   75.190853][   T29] audit: type=1326 audit(1726654364.887:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.190914][   T29] audit: type=1326 audit(1726654364.887:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.199699][ T5299] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.219783][   T29] audit: type=1326 audit(1726654364.887:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.219816][   T29] audit: type=1326 audit(1726654364.887:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.219845][   T29] audit: type=1326 audit(1726654364.887:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029c3fdef9 code=0x7ffc0000
[   75.350467][ T4320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.390946][ T5307] loop4: detected capacity change from 0 to 1024
[   75.398729][ T5307] EXT4-fs: Ignoring removed orlov option
[   75.405127][ T5307] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.425535][ T5307] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[   75.435702][ T5307] System zones: 0-1, 3-36
[   75.441403][ T5307] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.479941][ T5307] pimreg: entered allmulticast mode
[   75.499072][ T4320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.580200][ T5311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.520'.
[   75.637784][ T5322] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   75.720150][ T5326] netlink: 'syz.3.525': attribute type 1 has an invalid length.
[   75.727956][ T5326] netlink: 'syz.3.525': attribute type 4 has an invalid length.
[   75.735802][ T5326] netlink: 15334 bytes leftover after parsing attributes in process `syz.3.525'.
[   76.523903][ T5329] loop4: detected capacity change from 0 to 512
[   76.528062][ T5335] loop3: detected capacity change from 0 to 512
[   76.531742][ T5329] EXT4-fs: Ignoring removed nomblk_io_submit option
[   76.543457][ T5335] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   76.555859][ T5329] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   76.563970][ T5329] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1842c01c, mo2=0002]
[   76.572292][ T5335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   76.572609][ T5329] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[   76.589099][ T5336] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.594378][ T5329] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[   76.614118][ T5329] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   76.626238][ T5335] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.648079][ T5342] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.536'.
[   76.658033][ T5329] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[   76.658191][ T5337] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.536'.
[   76.669857][ T5329] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[   76.695907][ T5336] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.715792][ T4320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.744820][ T5336] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.844341][ T5336] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.886792][ T5336] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.898624][ T5336] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.909743][ T5336] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.920876][ T5336] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.976376][ T5353] netlink: 'syz.1.533': attribute type 4 has an invalid length.
[   76.991259][ T5353] netlink: 'syz.1.533': attribute type 17 has an invalid length.
[   77.366842][ T3890] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   77.478049][ T5364] netlink: 12 bytes leftover after parsing attributes in process `syz.2.535'.
[   77.551191][ T5369] loop0: detected capacity change from 0 to 1024
[   77.557992][ T5370] netlink: 'syz.2.538': attribute type 1 has an invalid length.
[   77.558584][ T5369] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   77.565703][ T5370] netlink: 'syz.2.538': attribute type 4 has an invalid length.
[   77.582305][ T5370] netlink: 15334 bytes leftover after parsing attributes in process `syz.2.538'.
[   77.587149][ T5369] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.682601][ T5372] ==================================================================
[   77.690740][ T5372] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode
[   77.699997][ T5372] 
[   77.702339][ T5372] write to 0xffff88810687e5f8 of 4 bytes by task 5369 on cpu 1:
[   77.709996][ T5372]  writeback_single_inode+0x14f/0x3f0
[   77.715419][ T5372]  sync_inode_metadata+0x5c/0x90
[   77.720421][ T5372]  generic_buffers_fsync_noflush+0xd8/0x120
[   77.726437][ T5372]  ext4_sync_file+0x1ff/0x6c0
[   77.731169][ T5372]  vfs_fsync_range+0x116/0x130
[   77.735987][ T5372]  ext4_buffered_write_iter+0x326/0x370
[   77.741580][ T5372]  ext4_file_write_iter+0x293/0xe10
[   77.746809][ T5372]  iter_file_splice_write+0x5f1/0x980
[   77.752212][ T5372]  direct_splice_actor+0x160/0x2c0
[   77.757367][ T5372]  splice_direct_to_actor+0x302/0x670
[   77.762783][ T5372]  do_splice_direct+0xd7/0x150
[   77.767590][ T5372]  do_sendfile+0x39b/0x970
[   77.772074][ T5372]  __x64_sys_sendfile64+0x110/0x150
[   77.777325][ T5372]  x64_sys_call+0xed5/0x2d60
[   77.781953][ T5372]  do_syscall_64+0xc9/0x1c0
[   77.786494][ T5372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.792444][ T5372] 
[   77.794804][ T5372] read to 0xffff88810687e5f8 of 4 bytes by task 5372 on cpu 0:
[   77.802463][ T5372]  generic_buffers_fsync_noflush+0x83/0x120
[   77.808442][ T5372]  ext4_sync_file+0x1ff/0x6c0
[   77.813200][ T5372]  vfs_fsync_range+0x116/0x130
[   77.818184][ T5372]  ext4_buffered_write_iter+0x326/0x370
[   77.823855][ T5372]  ext4_file_write_iter+0x293/0xe10
[   77.829082][ T5372]  iter_file_splice_write+0x5f1/0x980
[   77.834495][ T5372]  direct_splice_actor+0x160/0x2c0
[   77.839652][ T5372]  splice_direct_to_actor+0x302/0x670
[   77.845142][ T5372]  do_splice_direct+0xd7/0x150
[   77.849948][ T5372]  do_sendfile+0x39b/0x970
[   77.854395][ T5372]  __x64_sys_sendfile64+0x110/0x150
[   77.859719][ T5372]  x64_sys_call+0xed5/0x2d60
[   77.864366][ T5372]  do_syscall_64+0xc9/0x1c0
[   77.868904][ T5372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.874853][ T5372] 
[   77.877233][ T5372] value changed: 0x00000038 -> 0x00000002
[   77.882970][ T5372] 
[   77.885306][ T5372] Reported by Kernel Concurrency Sanitizer on:
[   77.891482][ T5372] CPU: 0 UID: 0 PID: 5372 Comm: syz.0.539 Tainted: G        W          6.11.0-syzkaller-04744-gbdf56c7580d2 #0
[   77.903250][ T5372] Tainted: [W]=WARN
[   77.907079][ T5372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   77.917270][ T5372] ==================================================================
[   77.933034][ T5372] ==================================================================
[   77.941202][ T5372] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[   77.948367][ T5372] 
[   77.950703][ T5372] write to 0xffff88810687e6e4 of 4 bytes by task 5369 on cpu 1:
[   77.958347][ T5372]  xas_set_mark+0x131/0x150
[   77.962881][ T5372]  __folio_start_writeback+0x1f1/0x450
[   77.968383][ T5372]  ext4_bio_write_folio+0x58b/0x9a0
[   77.973618][ T5372]  mpage_process_page_bufs+0x486/0x5d0
[   77.979304][ T5372]  mpage_prepare_extent_to_map+0x788/0xb80
[   77.985162][ T5372]  ext4_do_writepages+0xa20/0x2110
[   77.990312][ T5372]  ext4_writepages+0x159/0x2e0
[   77.995124][ T5372]  do_writepages+0x1d8/0x480
[   77.999836][ T5372]  filemap_fdatawrite_wbc+0xdb/0x100
[   78.005160][ T5372]  file_write_and_wait_range+0xc2/0x170
[   78.010770][ T5372]  generic_buffers_fsync_noflush+0x46/0x120
[   78.016698][ T5372]  ext4_sync_file+0x1ff/0x6c0
[   78.021417][ T5372]  vfs_fsync_range+0x116/0x130
[   78.026214][ T5372]  ext4_buffered_write_iter+0x326/0x370
[   78.031797][ T5372]  ext4_file_write_iter+0x293/0xe10
[   78.037033][ T5372]  iter_file_splice_write+0x5f1/0x980
[   78.042446][ T5372]  direct_splice_actor+0x160/0x2c0
[   78.047581][ T5372]  splice_direct_to_actor+0x302/0x670
[   78.053040][ T5372]  do_splice_direct+0xd7/0x150
[   78.057840][ T5372]  do_sendfile+0x39b/0x970
[   78.062290][ T5372]  __x64_sys_sendfile64+0x110/0x150
[   78.067522][ T5372]  x64_sys_call+0xed5/0x2d60
[   78.072144][ T5372]  do_syscall_64+0xc9/0x1c0
[   78.076676][ T5372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.082617][ T5372] 
[   78.084971][ T5372] read to 0xffff88810687e6e4 of 4 bytes by task 5372 on cpu 0:
[   78.092534][ T5372]  xas_find_marked+0x60a/0x660
[   78.097316][ T5372]  find_get_entry+0x54/0x390
[   78.101928][ T5372]  filemap_get_folios_tag+0x9e/0x210
[   78.107233][ T5372]  mpage_prepare_extent_to_map+0x329/0xb80
[   78.113091][ T5372]  ext4_do_writepages+0x6ea/0x2110
[   78.118235][ T5372]  ext4_writepages+0x159/0x2e0
[   78.123028][ T5372]  do_writepages+0x1d8/0x480
[   78.127645][ T5372]  filemap_fdatawrite_wbc+0xdb/0x100
[   78.132976][ T5372]  file_write_and_wait_range+0xc2/0x170
[   78.138570][ T5372]  generic_buffers_fsync_noflush+0x46/0x120
[   78.144504][ T5372]  ext4_sync_file+0x1ff/0x6c0
[   78.149212][ T5372]  vfs_fsync_range+0x116/0x130
[   78.154014][ T5372]  ext4_buffered_write_iter+0x326/0x370
[   78.159604][ T5372]  ext4_file_write_iter+0x293/0xe10
[   78.164856][ T5372]  iter_file_splice_write+0x5f1/0x980
[   78.170263][ T5372]  direct_splice_actor+0x160/0x2c0
[   78.175410][ T5372]  splice_direct_to_actor+0x302/0x670
[   78.180821][ T5372]  do_splice_direct+0xd7/0x150
[   78.185608][ T5372]  do_sendfile+0x39b/0x970
[   78.190056][ T5372]  __x64_sys_sendfile64+0x110/0x150
[   78.195290][ T5372]  x64_sys_call+0xed5/0x2d60
[   78.199909][ T5372]  do_syscall_64+0xc9/0x1c0
[   78.204437][ T5372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.210375][ T5372] 
[   78.212710][ T5372] value changed: 0x0a000021 -> 0x04000021
[   78.218444][ T5372] 
[   78.220778][ T5372] Reported by Kernel Concurrency Sanitizer on:
[   78.226940][ T5372] CPU: 0 UID: 0 PID: 5372 Comm: syz.0.539 Tainted: G        W          6.11.0-syzkaller-04744-gbdf56c7580d2 #0
[   78.238688][ T5372] Tainted: [W]=WARN
[   78.242494][ T5372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   78.252560][ T5372] ==================================================================
[   78.438151][ T5372] syz.0.539 (5372) used greatest stack depth: 8936 bytes left
[   78.446641][ T4953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.