last executing test programs:

1m11.245516298s ago: executing program 4 (id=968):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r4}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@bridge_newneigh={0x28, 0x1c, 0x1, 0x70bd28, 0x25dfdbfc, {0x7, 0x0, 0x0, r2, 0x80, 0x26, 0xb}, [@NDA_LLADDR={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xc}}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x20040010)

1m11.19157411s ago: executing program 4 (id=971):
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r2, &(0x7f0000000340)={0x2, 0x4e24, @loopback}, 0x10)

1m11.089251361s ago: executing program 4 (id=974):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000001940)='kmem_cache_free\x00', r1}, 0x18)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
socket$packet(0x11, 0xa, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d00010075"], 0x54}}, 0x0)

1m10.69409639s ago: executing program 4 (id=984):
syz_mount_image$iso9660(&(0x7f0000000340), &(0x7f0000000c80)='./file0\x00', 0x1004491, &(0x7f0000000000)=ANY=[], 0x2, 0x838, &(0x7f0000000cc0)="$eJzs3U9sHFcZAPBvXDtOHDVUgEoUpekkKVIiUnfXbl2sHsp2PXamtXet3TVKhKq2apwS1WmrVlVphGhyaQGBECeOpdeql0oggZBA4gCckOiBC4dKlXoBFQQSAiGQ0c7uJv63dv44Tim/3yr7Zt988+a92fF8no1nNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASKpTpVI5idm8tnAq7a861ajPbTK/194vVhWbrDciaf+L3btjf6dq/2evzL6z/XQkDnZeHYzd7WJ3XNh75x0PfWZwoLf8Jh26Xof7zxpa+SKJuBiRDEYsLS2+eBM6soO+/bPuxO6rXuSfy+3nmayWN+v5XGUmS/NmPZ2cmCjdd3K6mU7ns1nzdLOVzaXVRlZp1RvpserxtDw5OZ5mo6frC7WZqcps1qt88N6xUmkifXR0Pqs0mvXafY+ONocjn53NazNFzFjplWjHPNjeER/LW2krq8yl6dlzS4vjW3W1HVReVTO8asc5eM8dH778wd/OLbZ3yH6NJN0dc6xcHhsrTzww+cCDpdLgWGlsdUVpjbgcEQND0Y64KTstt9beDeoGu3vMuhkRy5/apqM33JiBbv6P2cijFgtxKtJIY6B4vvIYimpMRSPqMdd+/fuhNfPX5f/P3/fn32623pX5v5fl91+ZfSCK/H+o8+pQv/y/rhfb8Bjs12rtnU5vVta9FK/GhXg2noqlWIrFeHHtUrvWLrHB42pibvgx3CkHtrfVmciiFnk0I4k85qJS1KRFTT3SmIyJmIhSPBEnYzqakcZ05DEbWTTjdDSjFVmxR1WjEVlUohX1aEQax6IaxyONckzGZIxHGlmMxumox0LUYiamolK0cjbOFdt9fE2/7vzGkz995ncfvtmevhxU3mQgycWI2Pt+xF83CVqX7q8h/7cjBrp7947kJHbI7i3f1dVzt+W4Ddthucj/g7e6GwAAAMBNlBSfvicRMRR3FVPT+Wz2lVvdLQAAAGAbFX/XfLBdDLWn7oqkff5f2iDyvYjhHe8eAAAAsA2S4hq7JCJG4u7OVO9yqY0+BAAAAAD+BxX//3+oXYxEvFZUOP8HAACAT5hv9rvH/ge7invsjkRzfjj5+V+i0RhKLs2fuic5X2nHVc7f1lmuW3z5cout6QPJvm4jRTExeGFvEhGD1exg0rv75b+71xJ81H76z/Lycm/xfvf6T7boQGzegeJVfCcOd2IOn+mUZ3pzOmsZmc5ns9FqffahctL9cKT18nPnvhbF8L9Vm9uXxNlzS4ujTz+/dKboy6V2K5fOd28Pn/SWiuhcULFJX5Z7V1PctfGIh4oLMbrrHemst7Ry/N27yQ5sPv5k5TpfjyOdmCMjnXJk9fh3t9dZHn2oHJXKvoFWdqr18vKK0Xd7Ub4y8uHeaJNreBdej6OdmKPHjnaKDXoxtqoXz63vxdjK7X912+Kqe/Hm4ddO/f1X9SQb36oX4zfYC4Bb5Wxx158rWWhPkYX+tdzRTmhr8u6eXtq6lqPc2Su/ZezpRq/IdYOxLrun15PdX49jnZhjB4oD6+CBDfJKaYMj+gvnXvh194h+/9s/+OHjh37z7pq8HnFx31X24u043onpFvHpX/bJse0xf3dNVn2rvcRb5/tl1ebsWPLK8PhQEheL1xfuPXf+qWcWn1l8bmxsfKJ0f6n0wFgMFb8qdIs+PZV5AP6/bfUdO+9+/XJov2/hSe7f4qw6Gez9ScFoPB3Px1KciRPF1QYRcffGrY6s+DOEE1uctY7Ej37cmVGOE1ucW15pd2xt7PDRJPrEjq/YYp/7flH842a8GwCwM45skYeTuKNz259Xbu8usSbitiQ5sfK8+6sRcaBfzm3n8uPFF+dePjuOfrHlVf38Y7f84k5sFAD4hMsaHyUjrTeSRiOff6I8OVmutE5maaNefSxt5FMzWZrXWlmjerJSm8nS+Ua9Va/2Pjqeypppc2F+vt5opdP1Rjpfb+anim9+T7tf/d7M5iq1Vl5tzs9mlWaWVuu1VqXaSqfyZjWdX3hkNm+ezBrFws35rJpP59VKK6/X0mZ9oVHNRtO0mWUrAvOprNbKp/NsKM1r6Xwjn6s0LkXE7MJclk5lzWojn2/VOw321pXXpvc15opmR9cP/087vb0B4OPgpVcvPPvU0tLii9c38YerCb7VYwQAVpOlAQAAAAAAAAAAAADg42/95Xrt2mu6EHAorvvywZeGoz2x53oXb0883h3JDVzFuMnEYGxzg5tPfOGdzmC2o8H17Qz1am7f6rrPPcV7eqlbs6u7iXdoI2znxJMPP/zshUsRUdQkgys37yOv7T/5fha90W3SzsY/KRtd6vrGvohdP/lep+ZLG8TcFu1ubPNI3+sN8NoWX042+cHf0cMQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyV/wYAAP//yfVIlw==")
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r4, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000001dc0)={0x0, 0x85, 0x20000}, 0x20)

1m10.581043992s ago: executing program 4 (id=986):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@newtfilter={0xf0, 0x28, 0xd27, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r4}, [@filter_kind_options=@f_flow={{0x9}, {0xb8, 0x2, [@TCA_FLOW_RSHIFT={0x8, 0x4, 0x8f}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x800}, @TCA_FLOW_KEYS={0x8, 0x1, 0xdd96}, @TCA_FLOW_XOR={0x2, 0x7, 0x1}, @TCA_FLOW_EMATCHES={0x94, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x58, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0x400}, {0x400, 0x2, 0x1, "8876"}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x7, 0x1, 0xb}, {0x6, 0x2, 0x3, 0x0, 0x6}}}, @TCF_EM_CONTAINER={0xc, 0x3, 0x0, 0x0, {{0x3}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x2, 0x3, 0x6}, {0x5, 0x8, 0x3, 0x2fba}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x800}}]}]}}, @TCA_RATE={0x6, 0x5, {0xb8, 0x1}}]}, 0xf0}}, 0x0)

1m10.488329003s ago: executing program 4 (id=988):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0xc7)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000280), 0x84, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

1m10.460899284s ago: executing program 32 (id=988):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0xc7)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000280), 0x84, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

3.250976377s ago: executing program 5 (id=2260):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd6317ce62667f2c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa88"], 0xfdef)
sendmsg$NFC_CMD_SE_IO(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x8010)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.472175792s ago: executing program 5 (id=2263):
gettid()
socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0xa0000000})
r0 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x406, r2)
read$snapshot(r3, 0x0, 0xffffffbf)

1.477068621s ago: executing program 3 (id=2272):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}}, 0x0)

1.476813601s ago: executing program 5 (id=2273):
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000080), &(0x7f0000004040)}, 0x25)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000000}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffe}, 0x94)

1.434596212s ago: executing program 1 (id=2275):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd6317ce62667f2c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa88"], 0xfdef)
sendmsg$NFC_CMD_SE_IO(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x8010)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.291332285s ago: executing program 3 (id=2279):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0xfffffff}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8000002b)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="50000000270001000000", @ANYRES32=0x0, @ANYRES32=0x0], 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'syztnl2\x00', &(0x7f0000000340)={'ip6gre0\x00', <r2=>0x0, 0x29, 0x68, 0x7, 0x0, 0x22, @mcast2, @loopback, 0x40, 0x20, 0x800, 0x9}})
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000003c0)={@empty, @remote, r2}, 0xc)

1.234352416s ago: executing program 5 (id=2280):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x8100, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x94)
recvmmsg(r0, &(0x7f0000003d40)=[{{0x0, 0x94, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.195849857s ago: executing program 3 (id=2282):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x100, 0x2000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))

1.195237977s ago: executing program 1 (id=2283):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x127d, &(0x7f00000011c0)="$eJzs3U1rJMUfB/DfJJPH/SeTv66ruyAWelGEcZODJy9BdkEMKNEsqKdeM9EhkwcyQyAi7njyJPgyRD16E8Q3kIsXz4IgkovHPYgtyUw085BsYjIJyOdz6aK6vlXV6U5DD1303itfrK2u1MsrWSOGCoUobo5E8WGKFEMxHC3NeOHeTz8//dY7774+v7BwZzGlu/Nvz76cUpp+5vv3Pv7m2R8a1+59O/3dWOzODO39PvfL7o3dm3t/fh3VeqrW0/pGI2Xp/sZGI7tfq6Tlan21nNKbtUpWr6Tqer2y1bF/pbaxubmTsvXlqcnNrUq9nrL1nbRa2UmNQmps7aTsg6y6nsrlcpqaDM5j6auHeZ5H5PlIjEae5/lETMa1+F9MxXSUYib+H4/F43E9nogb8WQ8FTcPWl31vAEAAAAAAAAAAAAAAAAAAOC/5RHr/wvW/wMAAAAAAAAAAAAAAAAAAMDgda//L0b4/j8AAAAAAAAAAAAAAAAAAABcskd8/79r/f+L1v8DAAAAAAAAAAAAAAAAAADAIIy3NospjUesfba9tL3U2rbq51eiGrWoxO0oxR9xsPq/pVW++9rCndvpwEy8tPagnX+wvTTcmZ8dKcVMoW9+diIiUkqd+bGYPJqfi1Jc7z/+XGv8rvx4PP/cfv7TVr4cpfjx/diIWixHFNpHf5D/ZDalV99YmOjM39pvd6zhAZ8WAAAAuEjl9Lfe5/dmu1Hf/a1d7efz1G5ZOOH3ga7n82LcKl7VUXOovvPRalarVbb+ZWH0+H5Gz9dzT6EQEVkcrZme/HVxf/BT9nN4uV3QfI4Uhi+6wxMLIye3Occ5jeKp/5gDKkSzuyYvRZy1n9++PFIzfub4+QpD7cssqzVPfbFFM88HOrG+/4xjJ6WOv2cUBnxP4vL8c9KveiYAAAAAAAAAAACcRd+3/yYioud9wA97ag5fD++M9/Z8/OifX8IRAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sQPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK8CAAD//w+Ty90=")
mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
socket(0x840000000002, 0x3, 0x100)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x100000000)

953.792152ms ago: executing program 3 (id=2284):
r0 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r6, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r5)

759.666725ms ago: executing program 0 (id=2291):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x44}, 0x20004080)

703.196797ms ago: executing program 0 (id=2294):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000500)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[])

666.291287ms ago: executing program 1 (id=2295):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5875}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x1000c16, &(0x7f0000000500), 0xff, 0x260, &(0x7f0000000980)="$eJzs3U9IHFccB/DfzO7Wqkux7aVQ+gdKKa0g9lboxV5aEIpIKYW2YCmllxYtWKU37SmXHJJjSIKnXCTkFpNj8CK5JARyMokHcwkkkkMkhySwYXcU/LOJxl13gvP5wDoz+ub93jDzfSPiMAEUVl9EDEVEKSL6I6ISEcnWBh9nn76NzbnupbGIWu2Hh0mjXbad2dyvNyJmI+KriFhMk/irHDG98Mvq4+XvPjs+Vfn03MLP3R09yA1rqyvfr58dOXZx+Mvp6zfvjyQxFNVtx9V+SZPvlZOIdw6j2GsiKec9AvZj9L8Lt+q5fzciPmnkvxJpZCfvxOQbi5X44syL9j354Mb7nRwr0H61WqV+D5ytAYWTRkQ1knQgIrL1NB0YyH6Hv13qSf+emPy3/8+JqfE/8p6pgHapRqx8e7nrUu+O/N8rZfkHjqjsj1IrP47O36mvrJfyHhDQER9ki/r9v/+3mc9D/qFw5B+KS/6huOQfikv+4ehp9v+mzcg/FJf8Q3HJPxSX/ENxHTj/p54d3qCAjtiafwCgWGpdB3pquP0PIgMdl/f8AwAAAAAAAAAAAAAAAAAA7DbXvTS2+WlPj+U9W1w9HbH2TdZ0d/1S433EEW82vvY8Srb1mOyrwsv9+lGLHbTofM5PX791N9/61z7Mt/7MeMTs/xExWC43rr1tF1Sycf0d3Nt7/Lzye4sFXtHOdwN8/VNn6+/0dD7f+sPLEVfq889gs/knjfcay+bzT7V+/lqs/8+TFjsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgY54HAAD//7UiauA=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
listxattr(&(0x7f0000000180)='./file1\x00', 0x0, 0x0)

621.259158ms ago: executing program 0 (id=2297):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb8000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)

494.947111ms ago: executing program 1 (id=2299):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000004c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000080000000a00000008"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

393.015482ms ago: executing program 1 (id=2300):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@nomblk_io_submit}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
creat(0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r2, 0x5, 0x4)

392.269782ms ago: executing program 2 (id=2302):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0xc048056}, 0x40040)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x40)

351.778534ms ago: executing program 5 (id=2303):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7}, 0x18)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0xffa8)

304.883015ms ago: executing program 2 (id=2304):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000740)='bridge0\x00', 0x10)
connect$inet(r0, &(0x7f0000000140)={0x2, 0xc000, @multicast1}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000000)={'lo\x00', {0x2, 0x4e23, @empty}})
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0), 0x4)

238.253465ms ago: executing program 5 (id=2305):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
setxattr$incfs_metadata(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0)
epoll_create1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

237.750005ms ago: executing program 0 (id=2306):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r2, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x701)

213.677206ms ago: executing program 0 (id=2307):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000080000000000000003000000180600000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0xfd45}}, 0x0)
close(0x4)

195.911917ms ago: executing program 2 (id=2308):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
tee(0xffffffffffffffff, r2, 0x100, 0xa)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0xa00, 0xb)
r4 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000140)={r3, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "280991800000598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f000000155cc30cf11d0bc000", [0x4, 0x7]}})

178.125137ms ago: executing program 2 (id=2309):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4, 0x2}, {0xc}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xfffffffffffffffe}}}]}, {0x25}, {0xffffff06}, {0xc}}}]}]}, 0x8c}}, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0xfffffe51)

99.665998ms ago: executing program 1 (id=2310):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r0, 0x1000)
r1 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
ioctl$HIDIOCGRAWPHYS(r1, 0x4004480d, 0x0)
poll(&(0x7f0000000040)=[{r0, 0x1}, {r1, 0x1000}, {r0, 0x626}, {r1, 0xc20}, {r0}], 0x5, 0x101)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@dev, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private=0xa010101, 0x0, 0x33}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xfd}, 0x200, 0x0, 0x0, 0x7}}, 0xe8)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x80049367, &(0x7f0000000000))

99.072138ms ago: executing program 0 (id=2311):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x2, 0x0, 0x4, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1c, r4, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x1c}}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

53.082369ms ago: executing program 2 (id=2312):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)

52.117809ms ago: executing program 3 (id=2313):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x3, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x7e1f, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

38.359349ms ago: executing program 2 (id=2314):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x572, &(0x7f0000001600)="$eJzs3d9rU+cbAPDnpKm/v99WENnGGAUv5nCmtt0PB7twl2OTCdu9C2ks0tRIk4rthOnFvNnNkMEYE8but3svZf/A/gphCjKkbBe76TjpSW1t0jbamur5fCDyvnlP+p7nvOd5fU9OQgLIrZH0n0LEqxHxXRIxFBFJ1laMrHFkebvFR9cq6SOJpaXP/0pa26X19t9qv+5gVnklIn7/JuJEYX2/jfmF6XKtVp3N6qPNmcujjfmFkxdnylPVqeql8YmJ0+9OjH/w/nvbFutb5/758bO7H5/+9tjiD789OHwriTNxKGtbHcem9nVtub66MhIj2TEZjDNPbDjWy46/AJJ+7wBPZSDL88FI54ChGMiyHnj5fR0RS0BOJfIfcqq9Dmhf2/d0HfwSePjR8gXQ+viLy++NxL7WtdGBxWTNlVF6vTu8Df2nfdy5f/tW+ohe34cAeAbXb0TEqWJx/fyXZPPf0zu1hW2e7MP8B8/P3XT983an9U9hZf0THdY/Bzvk7tPYPP8LD7ahm67S9d+HHde/Kzethgey2v9aa77B5MLFWjWd2/4fEcdjcG9a3+h+zunFe0vd2lav/+6kh/rRtUp7LZjtx4Pi3rWvmSw3y88S82oPb0S81nH9m6yMf9Jh/NPjcW6LfRyt3n6jW9ua+O/fvrW4Lv6dtfRLxJsdx//xHa1k4/uTo63zYbR9Vqz3982jf3Trv9/xp+N/YOP4h5PV92sbvffx875/q93a1sQfneLvfP7vSb5olfdkz10tN5uzYxF7kk/XPz/++LXtenv7NP7jxzae/zqd//sj4sstxn/zyK+vbyn+Po3/ZE/j33vh3idf/dSt/83jT8f/nVbpePZMNv8NbRTXVnfwWY8fAAAAAAAA7CaFiDgUSaG0Ui4USqXlz3cciQOFWr3RPHGhPndpMlrflR2OwUL7TvfQqs9DjGWfh23Xx5+oT0TE4Yj4fmB/q16q1GuT/Q4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/pzoN97B+w4P/kN+bVp/m/HLz0Bu5L//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+rc2bPpY2nx0bVKWp+8Mj83Xb9ycrLamC7NzFVKlfrs5dJUvT5Vq5Yq9ZnN/l6tXr88Nh5zV0eb1UZztDG/cH6mPnepef7iTHmqer46+FyiAgAAAAAAAAAAAAAAAAAAgBdLY35hulyrVWd3qpDsfBcK/SwUd8du5KdQjOfSV79nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB47L8AAAD//84fMw8=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x1)
fallocate(r2, 0x0, 0x0, 0x8000c62)
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r3, r3, 0x0, 0x100000800000009)

0s ago: executing program 3 (id=2315):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb8000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)

kernel console output (not intermixed with test programs):

   90.389161][ T7070] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.396919][ T7075]  loop3: p2 p3 p7
[   90.473221][ T7070] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.496140][ T7079] loop5: detected capacity change from 0 to 1024
[   90.527693][ T7079] EXT4-fs: Ignoring removed orlov option
[   90.576725][ T7079] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.950330][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.005496][ T7087] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.037133][ T7087] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.050861][ T7091] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=7091 comm=syz.3.1256
[   91.088222][ T7087] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.123816][   T29] kauditd_printk_skb: 819 callbacks suppressed
[   91.123830][   T29] audit: type=1326 audit(1758440595.456:5286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb8ccfb5be7 code=0x7ffc0000
[   91.156180][ T7087] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.170772][   T29] audit: type=1326 audit(1758440595.486:5287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb8ccf5ae09 code=0x7ffc0000
[   91.193817][   T29] audit: type=1326 audit(1758440595.486:5288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb8ccfb5be7 code=0x7ffc0000
[   91.217115][   T29] audit: type=1326 audit(1758440595.486:5289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb8ccf5ae09 code=0x7ffc0000
[   91.240546][   T29] audit: type=1326 audit(1758440595.486:5290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fb8ccfbec29 code=0x7ffc0000
[   91.263550][   T29] audit: type=1326 audit(1758440595.506:5291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb8ccfb5be7 code=0x7ffc0000
[   91.286538][   T29] audit: type=1326 audit(1758440595.506:5292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb8ccf5ae09 code=0x7ffc0000
[   91.309381][   T29] audit: type=1326 audit(1758440595.506:5293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fb8ccfbec29 code=0x7ffc0000
[   91.361766][   T29] audit: type=1326 audit(1758440595.556:5294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb8ccfb5be7 code=0x7ffc0000
[   91.384775][   T29] audit: type=1326 audit(1758440595.556:5295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7089 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb8ccf5ae09 code=0x7ffc0000
[   91.423500][ T4012] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.443322][ T4012] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.456437][ T4012] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.467193][ T4012] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.468604][ T7116] netlink: zone id is out of range
[   92.473819][ T7116] netlink: zone id is out of range
[   92.479429][ T7116] netlink: zone id is out of range
[   92.484582][ T7116] netlink: zone id is out of range
[   92.489972][ T7116] netlink: zone id is out of range
[   92.495225][ T7116] netlink: zone id is out of range
[   92.508851][ T7116] netlink: zone id is out of range
[   92.514400][ T7116] netlink: zone id is out of range
[   92.522693][ T7116] netlink: zone id is out of range
[   92.530735][ T7116] netlink: zone id is out of range
[   92.562161][ T4012] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.574995][ T7112] lo speed is unknown, defaulting to 1000
[   92.585388][ T4012] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.621777][ T4012] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.641780][ T4012] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.210384][ T7179] __nla_validate_parse: 7 callbacks suppressed
[   93.210398][ T7179] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1288'.
[   93.318760][ T7190] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1293'.
[   93.370451][ T7195] batman_adv: batadv0: Interface deactivated: veth1_vlan
[   93.379345][ T7195] team1: left promiscuous mode
[   93.384131][ T7195] team1: left allmulticast mode
[   93.423139][ T7200] veth1_to_bond: entered allmulticast mode
[   93.432500][ T7200] veth1_to_bond: left allmulticast mode
[   93.448986][ T7204] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1300'.
[   93.542598][ T7215] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1305'.
[   93.600523][ T7219] loop5: detected capacity change from 0 to 4096
[   93.609275][ T7219] EXT4-fs: Ignoring removed nomblk_io_submit option
[   93.619098][ T7219] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.872177][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.889154][ T7251] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7251 comm=syz.2.1320
[   93.901760][ T7251] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7251 comm=syz.2.1320
[   93.936460][ T7255] tipc: Enabled bearer <eth:team0>, priority 0
[   93.981851][ T7262] netlink: 64985 bytes leftover after parsing attributes in process `syz.2.1324'.
[   94.225039][ T7285] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1335'.
[   94.236524][ T7285] batman_adv: batadv0: Removing interface: batadv_slave_0
[   94.249456][ T7285] batman_adv: batadv0: Removing interface: batadv_slave_1
[   94.375870][ T7295] loop3: detected capacity change from 0 to 256
[   94.383486][ T7295] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   94.439327][ T7295] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   94.559592][ T7306] geneve3: entered promiscuous mode
[   94.564850][ T7306] geneve3: entered allmulticast mode
[   94.826223][ T7329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1352'.
[   95.003018][ T7341] 9pnet: p9_errstr2errno: server reported unknown error 
[   95.207343][ T7361] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1367'.
[   95.291680][ T7364] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1368'.
[   95.630350][ T7374] loop3: detected capacity change from 0 to 1024
[   95.653463][ T7374] EXT4-fs: Ignoring removed bh option
[   95.663722][ T7374] EXT4-fs: inline encryption not supported
[   95.688077][ T7374] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   95.705242][ T7374] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   95.718130][ T7374] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.1372: lblock 2 mapped to illegal pblock 2 (length 1)
[   95.756209][ T7374] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.1372: lblock 0 mapped to illegal pblock 48 (length 1)
[   95.787134][ T7374] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1372: Failed to acquire dquot type 0
[   95.806188][ T7374] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   95.819690][ T7374] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.1372: mark_inode_dirty error
[   95.831356][ T7374] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   95.841914][ T7374] EXT4-fs (loop3): 1 orphan inode deleted
[   95.848262][ T7374] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.861274][ T4012] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:55: lblock 1 mapped to illegal pblock 1 (length 1)
[   95.947441][ T4012] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:55: Failed to release dquot type 0
[   96.059156][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.074191][ T3315] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[   96.102467][ T3315] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   96.123900][ T3315] EXT4-fs error (device loop3): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[   96.249412][ T7390] netlink: 'syz.0.1379': attribute type 39 has an invalid length.
[   96.309261][ T7396] veth1_to_bond: entered allmulticast mode
[   96.315664][ T7396] veth1_to_bond: left allmulticast mode
[   96.450607][ T7403] netlink: 'syz.3.1384': attribute type 10 has an invalid length.
[   96.470414][ T7403] team0: Port device dummy0 added
[   96.486566][ T7403] netlink: 'syz.3.1384': attribute type 10 has an invalid length.
[   96.495606][ T7403] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   96.528917][ T7403] team0: Failed to send options change via netlink (err -105)
[   96.536841][ T7403] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   96.546303][ T7403] team0: Port device dummy0 removed
[   96.556197][ T7403] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   96.639191][   T29] kauditd_printk_skb: 361 callbacks suppressed
[   96.639209][   T29] audit: type=1326 audit(1758440600.976:5654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   96.673870][ T7415] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7415 comm=syz.0.1391
[   96.686540][ T7415] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7415 comm=syz.0.1391
[   96.737800][   T29] audit: type=1326 audit(1758440601.006:5655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   96.761535][   T29] audit: type=1326 audit(1758440601.006:5656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   96.785193][   T29] audit: type=1326 audit(1758440601.006:5657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   96.808674][   T29] audit: type=1326 audit(1758440601.006:5658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   96.832181][   T29] audit: type=1326 audit(1758440601.006:5659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   96.855717][   T29] audit: type=1326 audit(1758440601.006:5660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   96.879205][   T29] audit: type=1326 audit(1758440601.006:5661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   96.902663][   T29] audit: type=1326 audit(1758440601.006:5662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   96.926136][   T29] audit: type=1326 audit(1758440601.006:5663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[   97.073794][ T7431] pimreg: entered allmulticast mode
[   97.082180][ T7431] pimreg: left allmulticast mode
[   97.093749][ T7433] loop5: detected capacity change from 0 to 512
[   97.119764][ T7433] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.132820][ T7433] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.282927][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.420412][ T7455] loop0: detected capacity change from 0 to 512
[   97.448946][ T7455] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.465958][ T7455] ext4 filesystem being mounted at /299/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.533244][ T7471] pimreg: entered allmulticast mode
[   97.540077][ T7472] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #19: comm syz.0.1408: corrupted inode contents
[   97.542666][ T7471] pimreg: left allmulticast mode
[   97.559431][ T7472] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #19: comm syz.0.1408: mark_inode_dirty error
[   97.574787][ T7472] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #19: comm syz.0.1408: corrupted inode contents
[   97.588357][ T7472] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #19: comm syz.0.1408: mark_inode_dirty error
[   97.624803][ T7472] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #19: comm syz.0.1408: mark inode dirty (error -117)
[   97.675941][ T7472] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[   98.239448][ T7492] bond0: (slave dummy0): Releasing backup interface
[   98.266070][ T7492] bridge_slave_0: left allmulticast mode
[   98.271805][ T7492] bridge_slave_0: left promiscuous mode
[   98.277513][ T7492] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.288702][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.299381][ T7492] bridge_slave_1: left allmulticast mode
[   98.299539][ T7495] netlink: 'syz.3.1423': attribute type 10 has an invalid length.
[   98.305162][ T7492] bridge_slave_1: left promiscuous mode
[   98.313062][ T7495] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1423'.
[   98.318913][ T7492] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.340641][ T7492] bond0: (slave bond_slave_0): Releasing backup interface
[   98.351394][ T7492] bond0: (slave bond_slave_1): Releasing backup interface
[   98.388444][ T7492] team0: Port device team_slave_0 removed
[   98.407402][ T7492] team0: Port device team_slave_1 removed
[   98.423707][ T7492] batadv1: left allmulticast mode
[   98.428903][ T7492] batadv1: left promiscuous mode
[   98.434015][ T7492] bridge0: port 3(batadv1) entered disabled state
[   98.459741][ T7492] bond1: (slave ip6gretap0): Releasing backup interface
[   98.475919][ T7507] loop5: detected capacity change from 0 to 512
[   98.491636][ T7507] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   98.521381][ T7507] EXT4-fs (loop5): orphan cleanup on readonly fs
[   98.542092][ T7507] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.1428: corrupted inode contents
[   98.557219][ T7513] loop3: detected capacity change from 0 to 512
[   98.564775][ T7513] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   98.581774][ T7507] EXT4-fs (loop5): Remounting filesystem read-only
[   98.593655][ T7513] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.1429: invalid indirect mapped block 4294967295 (level 0)
[   98.615516][ T7507] EXT4-fs (loop5): 1 truncate cleaned up
[   98.622318][ T7517] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1430'.
[   98.631410][ T4012] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   98.631545][ T7517] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.642010][ T4012] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   98.657971][ T4012] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[   98.660083][ T7517] batman_adv: batadv0: Removing interface: batadv_slave_0
[   98.676944][ T7513] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.1429: invalid indirect mapped block 4294967295 (level 1)
[   98.681179][ T7507] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   98.704675][ T7517] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.712114][ T7517] batman_adv: batadv0: Removing interface: batadv_slave_1
[   98.712713][ T7507] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.733920][ T7513] EXT4-fs (loop3): 1 orphan inode deleted
[   98.739768][ T7513] EXT4-fs (loop3): 1 truncate cleaned up
[   98.757566][ T7513] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.785946][ T7507] lo speed is unknown, defaulting to 1000
[   98.812345][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.860900][ T7524] loop3: detected capacity change from 0 to 4096
[   98.869243][ T7524] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.878650][ T7524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.038141][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.115653][ T7542] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1438'.
[   99.232473][ T7557] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1445'.
[   99.250365][ T7558] siw: device registration error -23
[   99.364655][ T7571] loop3: detected capacity change from 0 to 512
[   99.414908][ T7580] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1455'.
[   99.428701][ T7571] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.459846][ T7582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1456'.
[   99.502310][ T7582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1456'.
[   99.560057][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.861971][ T7606] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1467'.
[   99.920446][ T7609] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1468'.
[   99.929682][ T7609] batman_adv: batadv0: Removing interface: veth1_vlan
[  100.256836][ T7631] loop0: detected capacity change from 0 to 4096
[  100.264642][ T7631] EXT4-fs: Ignoring removed nomblk_io_submit option
[  100.275717][ T7631] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.302707][ T7634] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.348639][ T7634] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.418774][ T7634] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.490686][ T7643] unsupported nla_type 52263
[  100.499741][ T7634] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.569715][ T4015] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.582325][ T4015] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.606272][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.619107][ T4015] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.646203][ T3973] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.695721][ T7664] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7664 comm=syz.1.1490
[  100.840457][ T7679] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  100.882368][ T7683] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1500'.
[  100.900211][ T7683] 8021q: adding VLAN 0 to HW filter on device bond1
[  100.908761][ T7679] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  100.929535][ T7683] bond1 (unregistering): Released all slaves
[  100.968702][ T7679] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  101.028351][ T7679] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  101.084427][ T3973] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  101.096760][ T3993] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  101.111802][ T3993] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  101.123065][ T3993] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  101.574815][ T7717] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.649367][ T7717] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.710122][ T7717] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.794036][   T29] kauditd_printk_skb: 166 callbacks suppressed
[  101.794065][   T29] audit: type=1326 audit(101.777:5824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  101.826815][ T7717] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.856736][   T29] audit: type=1326 audit(101.827:5825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  101.879760][   T29] audit: type=1326 audit(101.827:5826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  101.902755][   T29] audit: type=1326 audit(101.827:5827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  101.925658][   T29] audit: type=1326 audit(101.827:5828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  101.948556][   T29] audit: type=1326 audit(101.827:5829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  101.971468][   T29] audit: type=1326 audit(101.827:5830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  101.994338][   T29] audit: type=1326 audit(101.827:5831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  102.017174][   T29] audit: type=1326 audit(101.827:5832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  102.040213][   T29] audit: type=1326 audit(101.827:5833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.2.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  102.116856][ T4015] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.157258][ T4015] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.195277][ T4015] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.226511][ T4015] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.268781][ T7749] netlink: 'syz.5.1526': attribute type 13 has an invalid length.
[  102.299382][ T7749] gretap0: refused to change device tx_queue_len
[  102.312193][ T7749] net_ratelimit: 2 callbacks suppressed
[  102.312209][ T7749] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  102.362791][ T7755] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.506152][ T7755] bond0 (unregistering): Released all slaves
[  102.798871][ T7773] wg2: left promiscuous mode
[  102.803582][ T7773] wg2: left allmulticast mode
[  102.814951][ T7773] wg2: entered promiscuous mode
[  102.819975][ T7773] wg2: entered allmulticast mode
[  103.354792][ T7801] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.437760][ T7801] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.505455][ T7806] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.519371][ T7801] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.539131][ T7806] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.568342][ T7801] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.596313][ T7809] __nla_validate_parse: 4 callbacks suppressed
[  103.596382][ T7809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1552'.
[  103.630611][ T7806] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.666834][ T3993] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  103.679806][ T3993] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  103.695953][ T7813] loop5: detected capacity change from 0 to 1024
[  103.702671][ T3993] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  103.713497][ T7806] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.724701][ T7813] EXT4-fs: Ignoring removed orlov option
[  103.730609][ T3993] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  103.751987][ T7813] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.826024][ T7824] netlink: zone id is out of range
[  103.831561][ T7824] netlink: zone id is out of range
[  103.837174][ T7824] netlink: zone id is out of range
[  103.842325][ T7824] netlink: zone id is out of range
[  103.847734][ T7824] netlink: zone id is out of range
[  103.852864][ T7824] netlink: zone id is out of range
[  103.858329][ T7824] netlink: zone id is out of range
[  103.863549][ T7824] netlink: zone id is out of range
[  103.869247][ T7824] netlink: zone id is out of range
[  104.053276][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.203466][ T4012] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.215221][ T4012] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.227205][ T3973] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.238950][ T3993] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.292075][ T7837] bridge0: entered promiscuous mode
[  104.305950][ T7837] macsec1: entered promiscuous mode
[  104.313266][ T7837] bridge0: port 3(macsec1) entered blocking state
[  104.320063][ T7837] bridge0: port 3(macsec1) entered disabled state
[  104.327113][ T7837] macsec1: entered allmulticast mode
[  104.332541][ T7837] bridge0: entered allmulticast mode
[  104.339802][ T7837] macsec1: left allmulticast mode
[  104.344935][ T7837] bridge0: left allmulticast mode
[  104.352291][ T7837] bridge0: left promiscuous mode
[  104.363435][ T7841] loop0: detected capacity change from 0 to 8192
[  104.408679][ T7841]  loop0: p1 p2 < > p3 p4 < p5 >
[  104.413702][ T7841] loop0: partition table partially beyond EOD, truncated
[  104.421087][ T7841] loop0: p1 size 100663296 extends beyond EOD, truncated
[  104.430113][ T7841] loop0: p2 start 591104 is beyond EOD, truncated
[  104.436563][ T7841] loop0: p3 start 33572980 is beyond EOD, truncated
[  104.448957][ T7841] loop0: p5 size 100663296 extends beyond EOD, truncated
[  104.462892][ T7847] netlink: 248 bytes leftover after parsing attributes in process `syz.5.1564'.
[  104.485756][ T7846] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1565'.
[  104.496994][ T7846] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1565'.
[  104.530728][ T7850] pim6reg: entered allmulticast mode
[  104.538305][ T7850] pim6reg: left allmulticast mode
[  104.677291][ T7861] batman_adv: batadv0: Removing interface: veth1_vlan
[  104.733999][ T7856] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.843230][ T7856] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.890192][ T7856] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.959502][ T7856] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.611000][ T7866] netlink: 39 bytes leftover after parsing attributes in process `syz.3.1576'.
[  105.854406][ T4023] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.931394][ T4023] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.942263][ T7883] pim6reg: entered allmulticast mode
[  105.947704][ T4023] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.955964][ T7883] pim6reg: left allmulticast mode
[  105.958516][ T7891] loop5: detected capacity change from 0 to 1024
[  105.969241][ T7891] EXT4-fs: Ignoring removed bh option
[  105.975101][ T7891] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  106.012801][ T7891] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.025037][ T4023] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.112841][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.385189][ T7935] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.473674][ T7935] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.560268][ T7935] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.610092][ T7935] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.650835][   T29] kauditd_printk_skb: 589 callbacks suppressed
[  107.650851][   T29] audit: type=1326 audit(107.637:6423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7940 comm="syz.3.1601" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f031047ec29 code=0x0
[  107.744860][ T7949] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  107.808367][ T7949] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  107.898455][ T7949] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  107.951207][ T7949] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  107.999522][ T4007] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  108.011278][ T4007] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  108.027628][ T4007] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  108.036338][ T4007] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  108.512994][ T7963] loop0: detected capacity change from 0 to 128
[  108.535537][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.535537][ T7963] loop0: rw=2049, sector=154, nr_sectors = 6 limit=128
[  108.577183][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.577183][ T7963] loop0: rw=2049, sector=158, nr_sectors = 2 limit=128
[  108.590682][ T7963] Buffer I/O error on dev loop0, logical block 79, lost async page write
[  108.636946][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.636946][ T7963] loop0: rw=2049, sector=160, nr_sectors = 2 limit=128
[  108.650480][ T7963] Buffer I/O error on dev loop0, logical block 80, lost async page write
[  108.687183][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.687183][ T7963] loop0: rw=2049, sector=162, nr_sectors = 6 limit=128
[  108.717219][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.717219][ T7963] loop0: rw=2049, sector=166, nr_sectors = 2 limit=128
[  108.730694][ T7963] Buffer I/O error on dev loop0, logical block 83, lost async page write
[  108.776913][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.776913][ T7963] loop0: rw=2049, sector=168, nr_sectors = 2 limit=128
[  108.790404][ T7963] Buffer I/O error on dev loop0, logical block 84, lost async page write
[  108.799683][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.799683][ T7963] loop0: rw=2049, sector=186, nr_sectors = 6 limit=128
[  108.814791][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.814791][ T7963] loop0: rw=2049, sector=190, nr_sectors = 2 limit=128
[  108.828325][ T7963] Buffer I/O error on dev loop0, logical block 95, lost async page write
[  108.866551][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.866551][ T7963] loop0: rw=2049, sector=192, nr_sectors = 2 limit=128
[  108.880107][ T7963] Buffer I/O error on dev loop0, logical block 96, lost async page write
[  108.889241][ T7963] syz.0.1620: attempt to access beyond end of device
[  108.889241][ T7963] loop0: rw=2049, sector=194, nr_sectors = 6 limit=128
[  108.903073][ T7963] Buffer I/O error on dev loop0, logical block 99, lost async page write
[  108.911626][ T7963] Buffer I/O error on dev loop0, logical block 100, lost async page write
[  108.920567][ T7963] Buffer I/O error on dev loop0, logical block 111, lost async page write
[  108.929173][ T7963] Buffer I/O error on dev loop0, logical block 112, lost async page write
[  109.340723][ T7986] pim6reg: entered allmulticast mode
[  109.348656][ T7986] pim6reg: left allmulticast mode
[  109.388916][ T7991] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  109.448478][ T7991] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  109.498058][ T7991] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  109.548516][ T7991] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  109.942263][ T4007] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.954031][ T4007] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.965498][ T3583] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.976848][ T3583] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.010232][   T29] audit: type=1326 audit(109.997:6424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7995 comm="syz.5.1621" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e0fd2ec29 code=0x0
[  110.117784][ T4007] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  110.138583][ T4007] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  110.157405][ T4007] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  110.188408][ T4007] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  110.331219][ T8011] loop3: detected capacity change from 0 to 512
[  110.350491][ T8011] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  110.380477][ T8011] EXT4-fs (loop3): 1 truncate cleaned up
[  110.397465][ T8011] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.607273][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.642781][ T8020] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1632'.
[  110.652025][ T8020] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1632'.
[  110.879586][ T8027] netlink: 'syz.5.1636': attribute type 10 has an invalid length.
[  110.917555][ T8027] team0: Port device dummy0 added
[  110.931257][ T8027] netlink: 'syz.5.1636': attribute type 10 has an invalid length.
[  110.936995][ T8029] bridge0: entered promiscuous mode
[  110.944606][ T8029] macsec1: entered promiscuous mode
[  110.952768][ T8029] bridge0: port 3(macsec1) entered blocking state
[  110.959504][ T8029] bridge0: port 3(macsec1) entered disabled state
[  110.966269][ T8029] macsec1: entered allmulticast mode
[  110.971626][ T8029] bridge0: entered allmulticast mode
[  110.977884][ T8029] macsec1: left allmulticast mode
[  110.982947][ T8029] bridge0: left allmulticast mode
[  110.991417][ T8029] bridge0: left promiscuous mode
[  111.000833][ T8027] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  111.011756][ T8027] team0: Failed to send options change via netlink (err -105)
[  111.019393][ T8027] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  111.028608][ T8027] team0: Port device dummy0 removed
[  111.036051][ T8027] .`: (slave dummy0): Enslaving as an active interface with an up link
[  111.085777][ T8037] $Hÿ: renamed from bond0
[  111.093806][ T8038] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1648'.
[  111.095477][ T8037] $Hÿ: entered promiscuous mode
[  111.116039][ T8038] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1648'.
[  111.230983][ T8043] loop5: detected capacity change from 0 to 2048
[  111.264276][ T8043]  loop5: p2 p3 p7
[  111.330013][   T29] audit: type=1400 audit(111.317:6425): avc:  denied  { read } for  pid=8049 comm="syz.5.1644" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  111.352659][   T29] audit: type=1400 audit(111.317:6426): avc:  denied  { open } for  pid=8049 comm="syz.5.1644" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  112.065276][   T29] audit: type=1326 audit(112.047:6427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8063 comm="syz.0.1647" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb8ccfbec29 code=0x0
[  112.094200][   T29] audit: type=1400 audit(112.077:6428): avc:  denied  { mounton } for  pid=8065 comm="syz.3.1653" path="/syzcgroup/unified/syz3" dev="cgroup2" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  112.119794][   T29] audit: type=1400 audit(112.107:6429): avc:  denied  { write } for  pid=8065 comm="syz.3.1653" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  112.295551][ T8066] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.1653' sets config #0
[  112.484794][ T4007] batadv1: left allmulticast mode
[  112.489935][ T4007] batadv1: left promiscuous mode
[  112.495160][ T4007] bridge0: port 3(batadv1) entered disabled state
[  112.504082][ T4007] bridge_slave_1: left allmulticast mode
[  112.509822][ T4007] bridge_slave_1: left promiscuous mode
[  112.515583][ T4007] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.525479][ T4007] bridge_slave_0: left allmulticast mode
[  112.531317][ T4007] bridge_slave_0: left promiscuous mode
[  112.537143][ T4007] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.609513][ T4007] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.620754][ T4007] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.630411][ T4007] bond0 (unregistering): Released all slaves
[  112.639261][   T36] infiniband syz2: ib_query_port failed (-19)
[  112.674103][ T4007] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.682008][ T4007] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.693791][ T4007] pimreg (unregistering): left allmulticast mode
[  112.733041][ T4007] team0 (unregistering): Port device team_slave_1 removed
[  112.743540][ T4007] team0 (unregistering): Port device team_slave_0 removed
[  113.065199][ T4007] ------------[ cut here ]------------
[  113.070779][ T4007] WARNING: CPU: 0 PID: 4007 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x179/0x1f0
[  113.080536][ T4007] Modules linked in:
[  113.084479][ T4007] CPU: 0 UID: 0 PID: 4007 Comm: kworker/u8:50 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  113.094547][ T4007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  113.104673][ T4007] Workqueue: netns cleanup_net
[  113.109527][ T4007] RIP: 0010:xfrm_state_fini+0x179/0x1f0
[  113.115132][ T4007] Code: 48 8d bb 30 0e 00 00 e8 a5 aa bc fc 48 8b bb 30 0e 00 00 e8 39 2b c9 fc 5b 41 5e 41 5f 5d e9 4e 8e b3 00 cc e8 38 ed a1 fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 2a ed a1 fc 90 0f 0b 90 4c 89 f7 e8 6e
[  113.134919][ T4007] RSP: 0018:ffffc9000f1f3c60 EFLAGS: 00010293
[  113.141063][ T4007] RAX: ffffffff84b60c18 RBX: ffff88810c510000 RCX: ffff88811a1d0000
[  113.149125][ T4007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88810c510e00
[  113.157191][ T4007] RBP: ffffffff86c8b980 R08: 0001ffff86847f7f R09: 0000000000000000
[  113.165294][ T4007] R10: ffffc9000f1f3be8 R11: 0001c9000f1f3be8 R12: ffffffff86c8b9a0
[  113.173362][ T4007] R13: ffff88810c510028 R14: ffff88810c510e00 R15: ffff88810c510000
[  113.181548][ T4007] FS:  0000000000000000(0000) GS:ffff8882aee40000(0000) knlGS:0000000000000000
[  113.190558][ T4007] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  113.197243][ T4007] CR2: 0000001b3351cff8 CR3: 00000001168fe000 CR4: 00000000003506f0
[  113.205602][ T4007] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  113.213694][ T4007] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  113.221717][ T4007] Call Trace:
[  113.225081][ T4007]  <TASK>
[  113.228075][ T4007]  xfrm_net_exit+0x2d/0x60
[  113.232524][ T4007]  ops_undo_list+0x27b/0x410
[  113.237204][ T4007]  cleanup_net+0x2de/0x4d0
[  113.241734][ T4007]  process_scheduled_works+0x4cb/0x9d0
[  113.247318][ T4007]  worker_thread+0x582/0x770
[  113.252048][ T4007]  kthread+0x489/0x510
[  113.256350][ T4007]  ? finish_task_switch+0xad/0x2b0
[  113.261548][ T4007]  ? __pfx_worker_thread+0x10/0x10
[  113.266841][ T4007]  ? __pfx_kthread+0x10/0x10
[  113.271512][ T4007]  ret_from_fork+0x11f/0x1b0
[  113.276142][ T4007]  ? __pfx_kthread+0x10/0x10
[  113.280801][ T4007]  ret_from_fork_asm+0x1a/0x30
[  113.285653][ T4007]  </TASK>
[  113.288721][ T4007] ---[ end trace 0000000000000000 ]---
[  113.295109][ T4007] ------------[ cut here ]------------
[  113.300636][ T4007] WARNING: CPU: 0 PID: 4007 at net/xfrm/xfrm_state.c:3310 xfrm_state_fini+0x1b9/0x1f0
[  113.310287][ T4007] Modules linked in:
[  113.314292][ T4007] CPU: 0 UID: 0 PID: 4007 Comm: kworker/u8:50 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  113.326100][ T4007] Tainted: [W]=WARN
[  113.329944][ T4007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  113.340057][ T4007] Workqueue: netns cleanup_net
[  113.344843][ T4007] RIP: 0010:xfrm_state_fini+0x1b9/0x1f0
[  113.350461][ T4007] Code: aa bc fc 4d 8b 3e e9 06 ff ff ff e8 11 ed a1 fc 90 0f 0b 90 4c 89 f7 e8 55 aa bc fc 4d 8b 3e e9 24 ff ff ff e8 f8 ec a1 fc 90 <0f> 0b 90 4c 89 f7 e8 3c aa bc fc 4d 8b 3e e9 42 ff ff ff e8 df ec
[  113.370277][ T4007] RSP: 0018:ffffc9000f1f3c60 EFLAGS: 00010293
[  113.376457][ T4007] RAX: ffffffff84b60c58 RBX: ffff88810c510000 RCX: ffff88811a1d0000
[  113.384503][ T4007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881162c62c0
[  113.392579][ T4007] RBP: 0000000000000040 R08: 000188810c510e1f R09: 0000000000000000
[  113.400732][ T4007] R10: ffff8881162c6340 R11: 00018881162c633f R12: ffffffff86c8b9a0
[  113.408765][ T4007] R13: ffff88810c510028 R14: ffff88810c510e18 R15: ffff8881162c62c0
[  113.416770][ T4007] FS:  0000000000000000(0000) GS:ffff8882aee40000(0000) knlGS:0000000000000000
[  113.425771][ T4007] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  113.432437][ T4007] CR2: 0000001b3351cff8 CR3: 00000001168fe000 CR4: 00000000003506f0
[  113.440470][ T4007] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  113.448487][ T4007] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  113.456780][ T4007] Call Trace:
[  113.460492][ T4007]  <TASK>
[  113.463622][ T4007]  xfrm_net_exit+0x2d/0x60
[  113.468238][ T4007]  ops_undo_list+0x27b/0x410
[  113.472873][ T4007]  cleanup_net+0x2de/0x4d0
[  113.477426][ T4007]  process_scheduled_works+0x4cb/0x9d0
[  113.482968][ T4007]  worker_thread+0x582/0x770
[  113.487670][ T4007]  kthread+0x489/0x510
[  113.491833][ T4007]  ? finish_task_switch+0xad/0x2b0
[  113.497026][ T4007]  ? __pfx_worker_thread+0x10/0x10
[  113.502192][ T4007]  ? __pfx_kthread+0x10/0x10
[  113.506848][ T4007]  ret_from_fork+0x11f/0x1b0
[  113.511538][ T4007]  ? __pfx_kthread+0x10/0x10
[  113.516238][ T4007]  ret_from_fork_asm+0x1a/0x30
[  113.521114][ T4007]  </TASK>
[  113.524151][ T4007] ---[ end trace 0000000000000000 ]---
[  113.530640][ T4007] ------------[ cut here ]------------
[  113.536111][ T4007] WARNING: CPU: 0 PID: 4007 at net/xfrm/xfrm_state.c:3312 xfrm_state_fini+0x1d2/0x1f0
[  113.545763][ T4007] Modules linked in:
[  113.549774][ T4007] CPU: 0 UID: 0 PID: 4007 Comm: kworker/u8:50 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  113.561507][ T4007] Tainted: [W]=WARN
[  113.565321][ T4007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  113.575464][ T4007] Workqueue: netns cleanup_net
[  113.580303][ T4007] RIP: 0010:xfrm_state_fini+0x1d2/0x1f0
[  113.585966][ T4007] Code: aa bc fc 4d 8b 3e e9 24 ff ff ff e8 f8 ec a1 fc 90 0f 0b 90 4c 89 f7 e8 3c aa bc fc 4d 8b 3e e9 42 ff ff ff e8 df ec a1 fc 90 <0f> 0b 90 4c 89 f7 e8 23 aa bc fc 4d 8b 3e e9 60 ff ff ff 66 66 2e
[  113.605754][ T4007] RSP: 0018:ffffc9000f1f3c60 EFLAGS: 00010293
[  113.612177][ T4007] RAX: ffffffff84b60c71 RBX: ffff88810c510000 RCX: ffff88811a1d0000
[  113.620235][ T4007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881162c6280
[  113.628644][ T4007] RBP: 0000000000000040 R08: 000188810c510e17 R09: 0000000000000000
[  113.636774][ T4007] R10: ffff8881162c6300 R11: 00018881162c62ff R12: ffffffff86c8b9a0
[  113.642934][ T8091] loop5: detected capacity change from 0 to 1024
[  113.645023][ T4007] R13: ffff88810c510028 R14: ffff88810c510e10 R15: ffff8881162c6280
[  113.659306][ T4007] FS:  0000000000000000(0000) GS:ffff8882aee40000(0000) knlGS:0000000000000000
[  113.668306][ T4007] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  113.674972][ T4007] CR2: 0000001b3351cff8 CR3: 0000000006834000 CR4: 00000000003506f0
[  113.683146][ T4007] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  113.691176][ T4007] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  113.698200][ T8083] netlink: 'syz.2.1668': attribute type 30 has an invalid length.
[  113.699227][ T4007] Call Trace:
[  113.710659][ T4007]  <TASK>
[  113.713610][ T4007]  xfrm_net_exit+0x2d/0x60
[  113.714243][ T8091] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  113.718083][ T4007]  ops_undo_list+0x27b/0x410
[  113.734401][ T8091] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.1661: lblock 3 mapped to illegal pblock 3 (length 3)
[  113.734694][ T4007]  cleanup_net+0x2de/0x4d0
[  113.750473][ T8091] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  113.753156][ T4007]  process_scheduled_works+0x4cb/0x9d0
[  113.765463][ T8091] EXT4-fs (loop5): This should not happen!! Data will be lost
[  113.765463][ T8091] 
[  113.770986][ T4007]  worker_thread+0x582/0x770
[  113.771082][ T4007]  kthread+0x489/0x510
[  113.789435][ T4007]  ? finish_task_switch+0xad/0x2b0
[  113.794646][ T4007]  ? __pfx_worker_thread+0x10/0x10
[  113.799821][ T4007]  ? __pfx_kthread+0x10/0x10
[  113.804566][ T4007]  ret_from_fork+0x11f/0x1b0
[  113.809367][ T4007]  ? __pfx_kthread+0x10/0x10
[  113.813994][ T4007]  ret_from_fork_asm+0x1a/0x30
[  113.818807][ T4007]  </TASK>
[  113.821886][ T4007] ---[ end trace 0000000000000000 ]---
[  113.830615][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  113.960387][ T8116] loop0: detected capacity change from 0 to 512
[  113.975343][ T8116] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  113.988843][ T8116] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.1669: invalid indirect mapped block 4294967295 (level 0)
[  114.004260][ T8116] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.1669: invalid indirect mapped block 4294967295 (level 1)
[  114.021213][ T8116] EXT4-fs (loop0): 1 orphan inode deleted
[  114.027200][ T8116] EXT4-fs (loop0): 1 truncate cleaned up
[  114.033701][ T8116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.090741][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.465492][ T8179] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1672'.
[  114.476239][ T8179] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1672'.
[  114.505631][   T29] audit: type=1326 audit(114.487:6430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8184 comm="syz.2.1674" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb25c69ec29 code=0x0
[  114.974995][ T8246] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1681'.
[  115.019585][ T8246] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1681'.
[  115.571750][ T8281] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  115.580581][ T8279] loop3: detected capacity change from 0 to 2048
[  115.597632][   T29] audit: type=1400 audit(115.567:6431): avc:  denied  { relabelto } for  pid=8278 comm="syz.0.1694" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  115.623140][   T29] audit: type=1400 audit(115.567:6432): avc:  denied  { associate } for  pid=8278 comm="syz.0.1694" name="/" dev="cgroup2" ino=1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[  115.655765][   T29] audit: type=1400 audit(115.587:6433): avc:  denied  { unmount } for  pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  115.683021][ T8279] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.792064][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.812526][ T8296] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1689'.
[  115.813846][ T8298] loop0: detected capacity change from 0 to 4096
[  115.828344][ T8298] EXT4-fs: Ignoring removed nomblk_io_submit option
[  115.840100][ T8296] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1689'.
[  115.870192][ T8298] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.905890][ T8307] netlink: 'syz.2.1696': attribute type 12 has an invalid length.
[  115.913814][ T8307] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1696'.
[  115.981678][ T4020] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  115.995642][ T8307] netlink: 'syz.2.1696': attribute type 12 has an invalid length.
[  116.003601][ T8307] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1696'.
[  116.017085][ T4020] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  116.037787][ T4020] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  116.054680][ T3583] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  116.068285][ T8313] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.118843][ T8313] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.168622][ T8313] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.198816][ T8313] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.262656][ T3583] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.271189][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.298264][ T3583] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.313514][ T3583] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.328621][ T3583] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.724318][ T8410] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.792799][ T8412] loop5: detected capacity change from 0 to 2048
[  116.802091][ T8410] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.848820][ T8410] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.865156][ T8412]  loop5: p2 p3 p7
[  116.909080][ T8410] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.948301][ T8448] loop5: detected capacity change from 0 to 164
[  116.973054][ T4020] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  116.990137][ T3590] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  117.010681][ T3583] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  117.034396][ T3590] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  117.121946][ T8467] loop0: detected capacity change from 0 to 2048
[  117.167514][ T8467]  loop0: p1 < > p4
[  117.173926][ T8467] loop0: p4 size 8388608 extends beyond EOD, truncated
[  117.241528][   T29] audit: type=1400 audit(117.227:6434): avc:  denied  { ioctl } for  pid=8483 comm="syz.5.1732" path="/dev/virtual_nci" dev="devtmpfs" ino=132 ioctlcmd=0x0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  117.384169][ T8504] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  117.428917][   T29] audit: type=1400 audit(117.417:6435): avc:  denied  { ioctl } for  pid=8514 comm="syz.0.1739" path="socket:[24531]" dev="sockfs" ino=24531 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  117.476938][ T8523] loop5: detected capacity change from 0 to 512
[  117.488031][   T29] audit: type=1326 audit(117.477:6436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8524 comm="syz.1.1742" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f93cd12ec29 code=0x0
[  117.491937][ T8523] EXT4-fs: Ignoring removed nobh option
[  117.530430][ T8529] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  117.548920][ T8523] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -117
[  117.565824][ T8523] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1741: invalid indirect mapped block 256 (level 1)
[  117.580922][ T8529] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  117.602446][ T8523] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1741: invalid indirect mapped block 2683928664 (level 1)
[  117.632617][ T8523] EXT4-fs (loop5): 1 truncate cleaned up
[  117.639743][ T8529] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  117.648953][ T8523] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.693040][ T8523] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1741: Invalid block bitmap block 3 in block_group 0
[  117.710738][ T8523] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1741: Invalid block bitmap block 3 in block_group 0
[  117.724697][ T8523] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1741: Invalid block bitmap block 3 in block_group 0
[  117.740354][ T8529] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  117.763911][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.835460][ T3590] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  117.846191][ T3590] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  117.864656][ T3590] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  117.876646][ T4007] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  118.388132][   T29] audit: type=1326 audit(118.377:6437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8569 comm="syz.2.1750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  118.411370][   T29] audit: type=1326 audit(118.377:6438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8569 comm="syz.2.1750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  118.434344][   T29] audit: type=1326 audit(118.377:6439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8569 comm="syz.2.1750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  118.475294][ T8573] loop5: detected capacity change from 0 to 512
[  118.482446][ T8573] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  118.493805][ T8573] EXT4-fs (loop5): 1 truncate cleaned up
[  118.500904][ T8573] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.552468][ T8576] loop0: detected capacity change from 0 to 4096
[  118.560016][ T8576] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.570476][ T8576] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.588521][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.800690][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.335260][ T8677] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.409984][ T8677] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.476395][ T8677] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.507146][   T29] kauditd_printk_skb: 483 callbacks suppressed
[  119.507162][   T29] audit: type=1326 audit(119.497:6923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e0fd25be7 code=0x7ffc0000
[  119.547276][ T8677] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.559287][   T29] audit: type=1326 audit(119.497:6924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e0fccae09 code=0x7ffc0000
[  119.582092][   T29] audit: type=1326 audit(119.497:6925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f8e0fd2ec29 code=0x7ffc0000
[  119.604860][   T29] audit: type=1326 audit(119.497:6926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e0fd25be7 code=0x7ffc0000
[  119.627771][   T29] audit: type=1326 audit(119.497:6927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e0fccae09 code=0x7ffc0000
[  119.650612][   T29] audit: type=1326 audit(119.497:6928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f8e0fd2ec29 code=0x7ffc0000
[  119.673289][   T29] audit: type=1326 audit(119.497:6929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e0fd25be7 code=0x7ffc0000
[  119.696042][   T29] audit: type=1326 audit(119.497:6930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e0fccae09 code=0x7ffc0000
[  119.719025][   T29] audit: type=1326 audit(119.497:6931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f8e0fd2ec29 code=0x7ffc0000
[  119.741822][   T29] audit: type=1326 audit(119.527:6932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8584 comm="syz.5.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e0fd25be7 code=0x7ffc0000
[  119.869212][ T8702] loop5: detected capacity change from 0 to 4096
[  119.876174][ T8702] EXT4-fs: Ignoring removed nomblk_io_submit option
[  119.889426][ T8702] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.061048][ T3583] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.090572][ T3583] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.118476][ T3583] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.137132][ T3583] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.228417][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.275634][ T8738] netlink: 'syz.1.1774': attribute type 1 has an invalid length.
[  120.308773][ T8741] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1772'.
[  120.332121][ T8738] 8021q: adding VLAN 0 to HW filter on device bond2
[  120.519773][ T8758] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1772'.
[  121.077793][ T8787] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8787 comm=syz.5.1785
[  121.090367][ T8787] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8787 comm=syz.5.1785
[  121.258877][ T8811] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  121.284844][ T8813] loop3: detected capacity change from 0 to 512
[  121.293712][ T8813] EXT4-fs (loop3): orphan cleanup on readonly fs
[  121.301675][ T8813] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1788: bad orphan inode 13
[  121.312371][ T8813] ext4_test_bit(bit=12, block=18) = 1
[  121.317944][ T8813] is_bad_inode(inode)=0
[  121.322192][ T8813] NEXT_ORPHAN(inode)=2130706432
[  121.327193][ T8813] max_ino=32
[  121.330404][ T8813] i_nlink=1
[  121.334129][ T8813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  121.348817][ T8813] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  121.367746][ T8813] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1788: bg 0: block 248: padding at end of block bitmap is not set
[  121.382548][ T8813] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1788: Failed to acquire dquot type 1
[  121.394406][ T8813] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  121.435370][ T8813] syz.3.1788 (8813) used greatest stack depth: 9400 bytes left
[  121.443433][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.506379][ T8819] bridge: RTM_NEWNEIGH with invalid ether address
[  121.598688][ T8829] sctp: [Deprecated]: syz.3.1796 (pid 8829) Use of struct sctp_assoc_value in delayed_ack socket option.
[  121.598688][ T8829] Use struct sctp_sack_info instead
[  121.636626][ T8831] pim6reg1: entered promiscuous mode
[  121.642242][ T8831] pim6reg1: entered allmulticast mode
[  121.845159][ T8847] loop3: detected capacity change from 0 to 1024
[  121.852326][ T8847] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  121.862405][ T8847] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  121.872419][ T8847] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  121.883025][ T8847] EXT4-fs error (device loop3): ext4_get_journal_inode:5800: inode #32: comm syz.3.1805: iget: special inode unallocated
[  121.896166][ T8847] EXT4-fs (loop3): no journal found
[  121.901477][ T8847] EXT4-fs (loop3): can't get journal size
[  121.909939][ T8847] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  121.935561][ T8847] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1314: inode #12: block 16: comm syz.3.1805: path /328/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0
[  122.001110][ T8857] loop5: detected capacity change from 0 to 512
[  122.013536][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.022686][ T8857] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  122.050367][ T8857] EXT4-fs (loop5): 1 truncate cleaned up
[  122.056539][ T8857] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.086540][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.170377][ T8881] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8881 comm=syz.5.1819
[  122.298490][ T8906] net_ratelimit: 2 callbacks suppressed
[  122.298567][ T8906] openvswitch: netlink: Message has 6 unknown bytes.
[  122.473495][ T8916] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1832'.
[  123.523354][ T8951] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1845'.
[  123.537967][ T3406] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  123.559513][ T3406] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  123.769050][ T8965] loop5: detected capacity change from 0 to 4096
[  123.787836][ T8965] EXT4-fs: Ignoring removed nomblk_io_submit option
[  123.805992][ T8965] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.833592][ T8943] syz.2.1840 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  123.847578][ T8943] CPU: 1 UID: 0 PID: 8943 Comm: syz.2.1840 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  123.847646][ T8943] Tainted: [W]=WARN
[  123.847655][ T8943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  123.847676][ T8943] Call Trace:
[  123.847684][ T8943]  <TASK>
[  123.847719][ T8943]  __dump_stack+0x1d/0x30
[  123.847740][ T8943]  dump_stack_lvl+0xe8/0x140
[  123.847763][ T8943]  dump_stack+0x15/0x1b
[  123.847781][ T8943]  dump_header+0x81/0x220
[  123.847876][ T8943]  oom_kill_process+0x342/0x400
[  123.847918][ T8943]  out_of_memory+0x979/0xb80
[  123.847960][ T8943]  try_charge_memcg+0x5e6/0x9e0
[  123.848051][ T8943]  obj_cgroup_charge_pages+0xa6/0x150
[  123.848092][ T8943]  __memcg_kmem_charge_page+0x9f/0x170
[  123.848132][ T8943]  __alloc_frozen_pages_noprof+0x188/0x360
[  123.848232][ T8943]  alloc_pages_mpol+0x1e0/0x250
[  123.848290][ T8943]  alloc_pages_noprof+0x90/0x130
[  123.848330][ T8943]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  123.848464][ T8943]  __kvmalloc_node_noprof+0x30f/0x4e0
[  123.848515][ T8943]  ? ip_set_alloc+0x1f/0x30
[  123.848584][ T8943]  ? ip_set_alloc+0x1f/0x30
[  123.848610][ T8943]  ? __kmalloc_cache_noprof+0x189/0x320
[  123.848650][ T8943]  ip_set_alloc+0x1f/0x30
[  123.848676][ T8943]  hash_netiface_create+0x282/0x740
[  123.848734][ T8943]  ? __pfx_hash_netiface_create+0x10/0x10
[  123.848764][ T8943]  ip_set_create+0x3c9/0x960
[  123.848807][ T8943]  ? __nla_parse+0x40/0x60
[  123.848881][ T8943]  nfnetlink_rcv_msg+0x4c3/0x590
[  123.848925][ T8943]  netlink_rcv_skb+0x123/0x220
[  123.848951][ T8943]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  123.848980][ T8943]  nfnetlink_rcv+0x16b/0x1690
[  123.849070][ T8943]  ? insn_get_prefixes+0x99d/0xbe0
[  123.849104][ T8943]  ? insn_get_prefixes+0x99d/0xbe0
[  123.849144][ T8943]  ? inat_get_opcode_attribute+0xc/0x20
[  123.849179][ T8943]  ? insn_get_opcode+0x750/0x790
[  123.849216][ T8943]  ? insn_get_modrm+0x32a/0x360
[  123.849247][ T8943]  ? insn_get_modrm+0x32a/0x360
[  123.849330][ T8943]  ? __rcu_read_lock+0x37/0x50
[  123.849356][ T8943]  ? free_unref_folios+0xaf/0x750
[  123.849393][ T8943]  ? __pte_offset_map_lock+0x1d4/0x230
[  123.849480][ T8943]  ? css_rstat_updated+0xb7/0x240
[  123.849576][ T8943]  ? __rcu_read_unlock+0x4f/0x70
[  123.849604][ T8943]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  123.849699][ T8943]  ? xfd_validate_state+0x45/0xf0
[  123.849744][ T8943]  ? should_fail_ex+0x30/0x280
[  123.849774][ T8943]  ? selinux_nlmsg_lookup+0x99/0x890
[  123.849817][ T8943]  ? __rcu_read_unlock+0x34/0x70
[  123.849855][ T8943]  ? __netlink_lookup+0x266/0x2a0
[  123.849890][ T8943]  netlink_unicast+0x5bd/0x690
[  123.849917][ T8943]  netlink_sendmsg+0x58b/0x6b0
[  123.849949][ T8943]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.850162][ T8943]  __sock_sendmsg+0x142/0x180
[  123.850246][ T8943]  ____sys_sendmsg+0x31e/0x4e0
[  123.850278][ T8943]  ___sys_sendmsg+0x17b/0x1d0
[  123.850323][ T8943]  __x64_sys_sendmsg+0xd4/0x160
[  123.850370][ T8943]  x64_sys_call+0x191e/0x2ff0
[  123.850395][ T8943]  do_syscall_64+0xd2/0x200
[  123.850457][ T8943]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  123.850485][ T8943]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  123.850520][ T8943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.850545][ T8943] RIP: 0033:0x7fb25c69ec29
[  123.850563][ T8943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.850592][ T8943] RSP: 002b:00007fb25b0ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.850671][ T8943] RAX: ffffffffffffffda RBX: 00007fb25c8e5fa0 RCX: 00007fb25c69ec29
[  123.850688][ T8943] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  123.850704][ T8943] RBP: 00007fb25c721e41 R08: 0000000000000000 R09: 0000000000000000
[  123.850720][ T8943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  123.850736][ T8943] R13: 00007fb25c8e6038 R14: 00007fb25c8e5fa0 R15: 00007fffd9301f18
[  123.850760][ T8943]  </TASK>
[  123.850776][ T8943] memory: usage 307200kB, limit 307200kB, failcnt 462
[  124.242129][ T8943] memory+swap: usage 307524kB, limit 9007199254740988kB, failcnt 0
[  124.250073][ T8943] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  124.257407][ T8943] Memory cgroup stats for /syz2:
[  124.257795][ T8943] cache 4096
[  124.265949][ T8943] rss 0
[  124.268783][ T8943] shmem 0
[  124.271794][ T8943] mapped_file 0
[  124.275259][ T8943] dirty 0
[  124.278236][ T8943] writeback 0
[  124.281554][ T8943] workingset_refault_anon 33
[  124.286167][ T8943] workingset_refault_file 356
[  124.290909][ T8943] swap 331776
[  124.294245][ T8943] swapcached 4096
[  124.297915][ T8943] pgpgin 131260
[  124.301398][ T8943] pgpgout 131258
[  124.304963][ T8943] pgfault 166775
[  124.308527][ T8943] pgmajfault 35
[  124.312015][ T8943] inactive_anon 0
[  124.315650][ T8943] active_anon 4096
[  124.319547][ T8943] inactive_file 0
[  124.323221][ T8943] active_file 4096
[  124.327032][ T8943] unevictable 0
[  124.330499][ T8943] hierarchical_memory_limit 314572800
[  124.335861][ T8943] hierarchical_memsw_limit 9223372036854771712
[  124.342052][ T8943] total_cache 4096
[  124.345850][ T8943] total_rss 0
[  124.349257][ T8943] total_shmem 0
[  124.352729][ T8943] total_mapped_file 0
[  124.356725][ T8943] total_dirty 0
[  124.360220][ T8943] total_writeback 0
[  124.364034][ T8943] total_workingset_refault_anon 33
[  124.369283][ T8943] total_workingset_refault_file 356
[  124.374526][ T8943] total_swap 331776
[  124.378368][ T8943] total_swapcached 4096
[  124.382627][ T8943] total_pgpgin 131260
[  124.386720][ T8943] total_pgpgout 131258
[  124.390853][ T8943] total_pgfault 166775
[  124.394942][ T8943] total_pgmajfault 35
[  124.398970][ T8943] total_inactive_anon 0
[  124.403133][ T8943] total_active_anon 4096
[  124.407432][ T8943] total_inactive_file 0
[  124.411591][ T8943] total_active_file 4096
[  124.415844][ T8943] total_unevictable 0
[  124.419911][ T8943] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1840,pid=8942,uid=0
[  124.434725][ T8943] Memory cgroup out of memory: Killed process 8942 (syz.2.1840) total-vm:95808kB, anon-rss:1072kB, file-rss:22328kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  124.488308][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.511736][ T8977] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1853'.
[  125.152664][    T9] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=9 comm=kworker/0:0
[  125.165449][ T9016] loop5: detected capacity change from 0 to 128
[  125.174902][ T9018] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[  125.223529][ T9016] bio_check_eod: 32 callbacks suppressed
[  125.223555][ T9016] syz.5.1869: attempt to access beyond end of device
[  125.223555][ T9016] loop5: rw=0, sector=2072, nr_sectors = 1 limit=128
[  125.310318][   T29] kauditd_printk_skb: 620 callbacks suppressed
[  125.310336][   T29] audit: type=1400 audit(125.297:7551): avc:  denied  { listen } for  pid=9022 comm="syz.5.1872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  125.937279][ T9043] 9pnet: p9_errstr2errno: server reported unknown error 
[  126.121763][ T9054] atomic_op ffff88812eb25928 conn xmit_atomic 0000000000000000
[  126.529976][ T8943] syz.2.1840 (8943) used greatest stack depth: 7512 bytes left
[  126.572070][ T9068] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1892'.
[  126.629826][   T29] audit: type=1326 audit(126.617:7552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9069 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93cd12ec29 code=0x7ffc0000
[  126.676679][   T29] audit: type=1326 audit(126.637:7553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9069 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f93cd12ec29 code=0x7ffc0000
[  126.704959][    T9] IPVS: starting estimator thread 0...
[  126.724135][   T29] audit: type=1326 audit(126.707:7554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9069 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93cd12ec29 code=0x7ffc0000
[  126.747246][   T29] audit: type=1326 audit(126.707:7555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9069 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93cd12ec29 code=0x7ffc0000
[  126.827395][ T9073] IPVS: using max 1776 ests per chain, 88800 per kthread
[  126.840070][ T9082] loop5: detected capacity change from 0 to 1024
[  126.848578][ T9082] EXT4-fs: Ignoring removed nomblk_io_submit option
[  126.855961][ T9082] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  126.918941][   T29] audit: type=1400 audit(126.887:7556): avc:  denied  { create } for  pid=9077 comm="syz.1.1896" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=iucv_socket permissive=1
[  126.973025][ T9082] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.335891][ T9109] loop3: detected capacity change from 0 to 512
[  127.396947][   T29] audit: type=1326 audit(127.327:7557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9106 comm="syz.1.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93cd12ec29 code=0x7ffc0000
[  127.419793][   T29] audit: type=1326 audit(127.327:7558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9106 comm="syz.1.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93cd12ec29 code=0x7ffc0000
[  127.442725][   T29] audit: type=1326 audit(127.327:7559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9106 comm="syz.1.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f93cd12ec29 code=0x7ffc0000
[  127.465683][   T29] audit: type=1326 audit(127.337:7560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9106 comm="syz.1.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93cd12ec29 code=0x7ffc0000
[  127.489970][ T9109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.529883][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.849458][ T9121] loop0: detected capacity change from 0 to 128
[  127.858737][ T9121] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  127.905494][ T9124] tipc: Started in network mode
[  127.910622][ T9124] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  127.919987][ T9124] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  127.928301][ T9124] tipc: Enabled bearer <udp:sy>, priority 10
[  128.029853][ T3305] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  128.088146][ T9130] loop0: detected capacity change from 0 to 2048
[  128.131563][ T9130] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  128.240781][ T9130] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  128.295319][ T9130] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  128.307765][ T9130] EXT4-fs (loop0): This should not happen!! Data will be lost
[  128.307765][ T9130] 
[  128.317493][ T9130] EXT4-fs (loop0): Total free blocks count 0
[  128.323536][ T9130] EXT4-fs (loop0): Free/Dirty block details
[  128.329508][ T9130] EXT4-fs (loop0): free_blocks=2415919104
[  128.335287][ T9130] EXT4-fs (loop0): dirty_blocks=32
[  128.340670][ T9130] EXT4-fs (loop0): Block reservation details
[  128.346694][ T9130] EXT4-fs (loop0): i_reserved_data_blocks=2
[  128.410350][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  128.533430][ T9170] loop0: detected capacity change from 0 to 128
[  128.561647][ T9170] FAT-fs (loop0): Directory bread(block 32) failed
[  128.568602][ T9170] FAT-fs (loop0): Directory bread(block 33) failed
[  128.575165][ T9170] FAT-fs (loop0): Directory bread(block 34) failed
[  128.582752][ T9170] FAT-fs (loop0): Directory bread(block 35) failed
[  128.589420][ T9170] FAT-fs (loop0): Directory bread(block 36) failed
[  128.608769][ T9170] FAT-fs (loop0): Directory bread(block 37) failed
[  128.615403][ T9170] FAT-fs (loop0): Directory bread(block 38) failed
[  128.624575][ T9170] FAT-fs (loop0): Directory bread(block 39) failed
[  128.649996][ T9109] syz.3.1908 (9109) used greatest stack depth: 7096 bytes left
[  128.657869][ T9170] FAT-fs (loop0): Directory bread(block 40) failed
[  128.664660][ T9170] FAT-fs (loop0): Directory bread(block 41) failed
[  128.672981][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.738280][ T9179] syzkaller0: entered promiscuous mode
[  128.743852][ T9179] syzkaller0: entered allmulticast mode
[  128.755829][ T9182] loop0: detected capacity change from 0 to 512
[  128.764179][ T9182] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  128.776032][ T9182] EXT4-fs (loop0): orphan cleanup on readonly fs
[  128.783893][ T9182] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.1935: Block bitmap for bg 0 marked uninitialized
[  128.798232][ T9182] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  128.807276][ T9182] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.1935: Block bitmap for bg 0 marked uninitialized
[  128.821667][ T9182] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  128.834046][ T9182] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.1935: Block bitmap for bg 0 marked uninitialized
[  128.851587][ T9186] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1936'.
[  128.864472][ T9186] batadv0: entered promiscuous mode
[  128.869738][ T9186] batadv0: entered allmulticast mode
[  128.875662][ T9182] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  128.888184][ T9182] EXT4-fs (loop0): 1 orphan inode deleted
[  128.894401][ T9182] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  128.923502][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.943342][ T9188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1937'.
[  128.986072][ T9190] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1938'.
[  129.046911][ T3385] tipc: Node number set to 1
[  129.081735][ T9196] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1941'.
[  129.194955][ T9203] batadv1: left allmulticast mode
[  129.200061][ T9203] batadv1: left promiscuous mode
[  129.205169][ T9203] bridge0: port 1(batadv1) entered disabled state
[  129.213172][ T9207] loop3: detected capacity change from 0 to 128
[  129.235619][ T9207] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  129.275211][ T3315] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  129.314390][ T9213] loop3: detected capacity change from 0 to 512
[  129.351756][ T9213] EXT4-fs: Ignoring removed oldalloc option
[  129.450338][ T9213] EXT4-fs (loop3): 1 truncate cleaned up
[  129.457912][ T9213] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.496777][ T9221] loop0: detected capacity change from 0 to 1024
[  129.561320][ T9221] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1951: Failed to acquire dquot type 0
[  129.590761][ T9221] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  129.606017][ T9221] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.1951: corrupted inode contents
[  129.667427][ T9221] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #13: comm syz.0.1951: mark_inode_dirty error
[  129.690489][ T9221] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.1951: corrupted inode contents
[  129.749598][ T9221] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.1951: mark_inode_dirty error
[  129.762735][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.783225][ T9221] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.1951: corrupted inode contents
[  129.805738][ T9221] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  129.815733][ T9221] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.1951: corrupted inode contents
[  129.832457][ T9221] EXT4-fs error (device loop0): ext4_truncate:4666: inode #13: comm syz.0.1951: mark_inode_dirty error
[  129.876587][ T9221] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  129.890757][ T9221] EXT4-fs (loop0): 1 truncate cleaned up
[  129.896933][ T9221] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.937976][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.984660][ T9230] vlan0: entered allmulticast mode
[  129.991076][ T9230] dummy0: entered allmulticast mode
[  130.270829][ T9233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  130.292196][ T9233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.315022][ T9241] tipc: New replicast peer: 255.255.255.255
[  130.321181][ T9241] tipc: Enabled bearer <udp:s>, priority 10
[  130.333984][ T9242] netlink: 240 bytes leftover after parsing attributes in process `syz.3.1958'.
[  131.025430][ T9269] loop0: detected capacity change from 0 to 512
[  131.051157][ T9269] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #12: comm syz.0.1972: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  131.075079][ T9269] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1972: couldn't read orphan inode 12 (err -117)
[  131.088563][ T9269] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.103716][ T9269] EXT4-fs error (device loop0): ext4_add_entry:2417: inode #2: comm syz.0.1972: Directory hole found for htree leaf block 0
[  131.129460][ T3305] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  131.156653][ T9277] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1974'.
[  131.688577][   T29] kauditd_printk_skb: 71 callbacks suppressed
[  131.688596][   T29] audit: type=1326 audit(131.677:7630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  131.726643][   T29] audit: type=1326 audit(131.677:7631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  131.749711][   T29] audit: type=1326 audit(131.707:7632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  131.772582][   T29] audit: type=1326 audit(131.707:7633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  131.795680][   T29] audit: type=1326 audit(131.707:7634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  131.818514][   T29] audit: type=1326 audit(131.707:7635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  131.841386][   T29] audit: type=1326 audit(131.707:7636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  131.864188][   T29] audit: type=1326 audit(131.707:7637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  131.887057][   T29] audit: type=1326 audit(131.707:7638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  131.909885][   T29] audit: type=1326 audit(131.707:7639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9317 comm="syz.2.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  132.094743][ T9336] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1997'.
[  132.112720][ T9336] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1997'.
[  132.155920][ T9329] loop0: detected capacity change from 0 to 128
[  132.299941][ T9356] netlink: 'syz.3.2006': attribute type 10 has an invalid length.
[  132.300886][ T9354] syzkaller0: entered promiscuous mode
[  132.313455][ T9354] syzkaller0: entered allmulticast mode
[  132.322895][ T9356] team0: Port device dummy0 added
[  132.332650][ T9356] netlink: 'syz.3.2006': attribute type 10 has an invalid length.
[  132.362345][ T9356] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  132.377068][ T9356] team0: Failed to send options change via netlink (err -105)
[  132.384890][ T9356] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  132.395907][ T9356] team0: Port device dummy0 removed
[  132.404777][ T9356] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  132.580585][ T9379] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2015'.
[  132.593941][ T9380] netlink: 240 bytes leftover after parsing attributes in process `syz.0.2008'.
[  132.757721][ T9386] netlink: 'syz.5.2017': attribute type 30 has an invalid length.
[  133.095103][ T9392] vlan2: entered allmulticast mode
[  133.106114][ T9392] dummy0: entered allmulticast mode
[  133.216928][ T9399] netlink: 'syz.2.2023': attribute type 10 has an invalid length.
[  133.244251][ T9399] team0: Port device dummy0 added
[  133.263353][ T9399] netlink: 'syz.2.2023': attribute type 10 has an invalid length.
[  133.279139][ T9399] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  133.300945][ T9399] team0: Failed to send options change via netlink (err -105)
[  133.324097][ T9399] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  133.338342][ T9399] team0: Port device dummy0 removed
[  133.345462][ T9399] dummy0: entered promiscuous mode
[  133.354653][ T9399] $Hÿ: (slave dummy0): Enslaving as an active interface with an up link
[  133.425163][ T9410] loop3: detected capacity change from 0 to 512
[  133.436650][ T9410] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  133.448694][ T9410] EXT4-fs (loop3): orphan cleanup on readonly fs
[  133.455449][ T9410] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.2027: Block bitmap for bg 0 marked uninitialized
[  133.470758][ T9410] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  133.480041][ T9410] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.2027: Block bitmap for bg 0 marked uninitialized
[  133.494686][ T9410] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  133.503926][ T9410] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.2027: Block bitmap for bg 0 marked uninitialized
[  133.518914][ T9410] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  133.528052][ T9410] EXT4-fs (loop3): 1 orphan inode deleted
[  133.534369][ T9410] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  133.580201][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.663444][ T9426] loop0: detected capacity change from 0 to 512
[  133.673294][ T9426] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  133.690781][ T9426] EXT4-fs (loop0): 1 truncate cleaned up
[  133.705935][ T9426] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.914277][ T9444] vlan2: entered allmulticast mode
[  133.917339][ T9445] netlink: 'syz.1.2038': attribute type 10 has an invalid length.
[  133.931308][ T9444] dummy0: entered allmulticast mode
[  133.938775][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.979141][ T9446] netlink: 'syz.1.2038': attribute type 10 has an invalid length.
[  133.980653][ T9445] team0: Port device dummy0 added
[  134.022570][ T9446] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  134.072061][ T9446] team0: Failed to send options change via netlink (err -105)
[  134.080061][ T9446] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  134.091011][ T9446] team0: Port device dummy0 removed
[  134.099532][ T9446] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  134.148536][ T9458] bond_slave_1: mtu less than device minimum
[  134.169178][ T9459] bond1: (slave bridge1): Releasing active interface
[  134.181236][ T9459] bond2: (slave ip6gretap1): Releasing backup interface
[  134.327342][ T9455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.335941][ T9455] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.889122][ T9480] loop3: detected capacity change from 0 to 1024
[  134.899847][ T9480] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.2054: Failed to acquire dquot type 0
[  134.911904][ T9480] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  134.926973][ T9480] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.2054: corrupted inode contents
[  134.939367][ T9480] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #13: comm syz.3.2054: mark_inode_dirty error
[  134.951459][ T9480] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.2054: corrupted inode contents
[  134.964161][ T9480] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.2054: mark_inode_dirty error
[  134.976384][ T9480] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.2054: corrupted inode contents
[  135.000399][ T9480] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  135.010126][ T9480] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.2054: corrupted inode contents
[  135.022394][ T9480] EXT4-fs error (device loop3): ext4_truncate:4666: inode #13: comm syz.3.2054: mark_inode_dirty error
[  135.034738][ T9480] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  135.044450][ T9480] EXT4-fs (loop3): 1 truncate cleaned up
[  135.051864][ T9480] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.098679][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.121103][ T9489] netlink: 'syz.0.2056': attribute type 10 has an invalid length.
[  135.132189][ T9489] team0: Port device dummy0 added
[  135.142159][ T9489] netlink: 'syz.0.2056': attribute type 10 has an invalid length.
[  135.151656][ T9489] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  135.162866][ T9489] team0: Failed to send options change via netlink (err -105)
[  135.198435][ T9489] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  135.209162][ T9489] team0: Port device dummy0 removed
[  135.217212][ T9489] .`: (slave dummy0): Enslaving as an active interface with an up link
[  135.349312][ T9502] __nla_validate_parse: 4 callbacks suppressed
[  135.349331][ T9502] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.2058'.
[  135.364811][ T9502] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2058'.
[  135.491659][ T9516] syzkaller0: entered promiscuous mode
[  135.497208][ T9516] syzkaller0: entered allmulticast mode
[  135.773210][ T9535] netlink: 240 bytes leftover after parsing attributes in process `syz.5.2076'.
[  135.925135][ T9544] loop5: detected capacity change from 0 to 2048
[  135.957865][ T9544]  loop5: p1 < > p4
[  135.962354][ T9544] loop5: p4 size 8388608 extends beyond EOD, truncated
[  136.369260][ T9572] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.2089' sets config #0
[  136.380570][ T9577] netlink: 'syz.3.2093': attribute type 21 has an invalid length.
[  136.396995][ T9577] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2093'.
[  136.406070][ T9577] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2093'.
[  136.775914][ T9587] loop0: detected capacity change from 0 to 512
[  136.797864][ T9587] EXT4-fs: Ignoring removed nobh option
[  136.825172][ T9587] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117
[  136.846084][ T9587] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2100: invalid indirect mapped block 256 (level 1)
[  136.868115][ T9587] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2100: invalid indirect mapped block 2683928664 (level 1)
[  136.974447][ T9587] EXT4-fs (loop0): 1 truncate cleaned up
[  136.995510][ T9587] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.067310][ T9587] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2100: Invalid block bitmap block 3 in block_group 0
[  137.199270][ T9587] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2100: Invalid block bitmap block 3 in block_group 0
[  137.244372][ T9587] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2100: Invalid block bitmap block 3 in block_group 0
[  137.330366][ T9599] loop3: detected capacity change from 0 to 1024
[  137.337827][ T9599] EXT4-fs: Ignoring removed bh option
[  137.343550][ T9599] EXT4-fs: inline encryption not supported
[  137.351942][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.375196][ T9599] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  137.396073][ T9599] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  137.406707][ T9599] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.2106: lblock 2 mapped to illegal pblock 2 (length 1)
[  137.437823][ T9599] __quota_error: 118 callbacks suppressed
[  137.437844][ T9599] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  137.479687][ T9599] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.2106: lblock 0 mapped to illegal pblock 48 (length 1)
[  137.517421][ T9604] loop0: detected capacity change from 0 to 512
[  137.527318][ T9604] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  137.551104][ T9599] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  137.560016][ T9599] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.2106: Failed to acquire dquot type 0
[  137.584384][ T9599] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  137.598785][ T9604] EXT4-fs (loop0): 1 truncate cleaned up
[  137.604912][ T9604] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.628690][ T9599] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.2106: mark_inode_dirty error
[  137.649928][ T9599] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  137.671543][ T9599] EXT4-fs (loop3): 1 orphan inode deleted
[  137.677670][ T9599] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.697063][ T4004] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:47: lblock 1 mapped to illegal pblock 1 (length 1)
[  137.738348][ T4004] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  137.746827][ T4004] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:47: Failed to release dquot type 0
[  137.787745][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.798840][ T3315] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  137.842014][ T3315] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  137.885599][ T3315] EXT4-fs error (device loop3): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[  137.901905][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.966041][ T9632] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9632 comm=syz.0.2119
[  137.978640][ T9632] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=9632 comm=syz.0.2119
[  138.443971][   T29] audit: type=1400 audit(138.427:7756): avc:  denied  { map } for  pid=9654 comm="syz.5.2130" path="socket:[28944]" dev="sockfs" ino=28944 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  138.809804][ T9676] loop5: detected capacity change from 0 to 512
[  138.832115][ T9676] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.151458][ T9694] pim6reg1: entered promiscuous mode
[  139.156827][ T9694] pim6reg1: entered allmulticast mode
[  139.457475][ T9707] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2145'.
[  141.016410][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.061912][   T29] audit: type=1400 audit(141.047:7757): avc:  denied  { listen } for  pid=9723 comm="syz.3.2157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  141.105032][ T9728] openvswitch: netlink: Message has 6 unknown bytes.
[  141.131291][   T29] audit: type=1326 audit(141.117:7758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9736 comm="syz.3.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[  141.154275][   T29] audit: type=1326 audit(141.117:7759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9736 comm="syz.3.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[  141.195017][ T9737] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2160'.
[  141.221896][   T29] audit: type=1326 audit(141.117:7760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9736 comm="syz.3.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[  141.244959][   T29] audit: type=1326 audit(141.117:7761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9736 comm="syz.3.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[  141.267868][   T29] audit: type=1326 audit(141.117:7762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9736 comm="syz.3.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031047ec29 code=0x7ffc0000
[  141.314718][ T9744] loop3: detected capacity change from 0 to 1024
[  141.321725][ T9744] EXT4-fs: Ignoring removed nobh option
[  141.327373][ T9744] EXT4-fs: inline encryption not supported
[  141.351630][ T9744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.420813][ T9744] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2165: Allocating blocks 385-513 which overlap fs metadata
[  141.446544][ T9763] loop0: detected capacity change from 0 to 512
[  141.454606][ T9744] EXT4-fs (loop3): pa ffff8881071ed850: logic 16, phys. 129, len 24
[  141.462823][ T9744] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  141.473807][ T9744] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  141.486035][ T9744] EXT4-fs (loop3): This should not happen!! Data will be lost
[  141.486035][ T9744] 
[  141.495953][ T9744] EXT4-fs (loop3): Total free blocks count 0
[  141.502132][ T9744] EXT4-fs (loop3): Free/Dirty block details
[  141.508313][ T9744] EXT4-fs (loop3): free_blocks=128
[  141.509330][ T9763] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.513443][ T9744] EXT4-fs (loop3): dirty_blocks=0
[  141.513460][ T9744] EXT4-fs (loop3): Block reservation details
[  141.537214][ T9744] EXT4-fs (loop3): i_reserved_data_blocks=0
[  141.579327][ T9771] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2176'.
[  141.590541][ T9773] syz_tun: entered allmulticast mode
[  141.600503][ T9773] dvmrp1: entered allmulticast mode
[  141.609344][ T9772] syz_tun: left allmulticast mode
[  141.635236][ T9771] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.654351][ T9771] macvlan2: entered promiscuous mode
[  141.659738][ T9771] macvlan2: entered allmulticast mode
[  141.666193][ T9771] bond0: (slave macvlan2): Opening slave failed
[  141.753465][ T9783] loop5: detected capacity change from 0 to 512
[  141.793698][ T9783] EXT4-fs (loop5): orphan cleanup on readonly fs
[  141.809708][ T9783] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.2180: bad orphan inode 13
[  141.823142][ T9783] ext4_test_bit(bit=12, block=18) = 1
[  141.828590][ T9783] is_bad_inode(inode)=0
[  141.832817][ T9783] NEXT_ORPHAN(inode)=2130706432
[  141.837699][ T9783] max_ino=32
[  141.840924][ T9783] i_nlink=1
[  141.859383][ T9783] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.891626][ T9783] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  141.940517][ T9783] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2180: bg 0: block 248: padding at end of block bitmap is not set
[  141.973857][ T9783] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.2180: Failed to acquire dquot type 1
[  142.006904][ T9783] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  142.067542][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.164341][ T9810] loop3: detected capacity change from 0 to 1024
[  142.172529][ T9810] EXT4-fs: Ignoring removed orlov option
[  142.203757][ T9810] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.503215][    T9] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=9 comm=kworker/0:0
[  142.527557][ T9832] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[  142.540661][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.552634][ T9836] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2200'.
[  142.694905][   T29] kauditd_printk_skb: 19 callbacks suppressed
[  142.694923][   T29] audit: type=1326 audit(142.677:7780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  142.724043][   T29] audit: type=1326 audit(142.677:7781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  142.746970][   T29] audit: type=1326 audit(142.677:7782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  142.769929][   T29] audit: type=1326 audit(142.677:7783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  142.778311][ T9763] syz.0.2172 (9763) used greatest stack depth: 6200 bytes left
[  142.792800][   T29] audit: type=1326 audit(142.677:7784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb25c69ec29 code=0x7ffc0000
[  142.823608][   T29] audit: type=1326 audit(142.677:7785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb25c69ec63 code=0x7ffc0000
[  142.846497][   T29] audit: type=1326 audit(142.677:7786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb25c69d6df code=0x7ffc0000
[  142.869185][   T29] audit: type=1326 audit(142.677:7787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb25c69ecb7 code=0x7ffc0000
[  142.892138][   T29] audit: type=1326 audit(142.677:7788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb25c69d590 code=0x7ffc0000
[  142.915389][   T29] audit: type=1326 audit(142.677:7789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9851 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb25c69d88a code=0x7ffc0000
[  142.942065][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.156765][ T9884] syz_tun: entered allmulticast mode
[  143.164976][ T9886] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2225'.
[  143.177700][ T9884] dvmrp1: entered allmulticast mode
[  143.185639][ T9883] syz_tun: left allmulticast mode
[  143.202110][ T9886] 8021q: adding VLAN 0 to HW filter on device bond0
[  143.213236][ T9891] atomic_op ffff888104aff528 conn xmit_atomic 0000000000000000
[  143.220382][ T9886] macvlan2: entered promiscuous mode
[  143.226229][ T9886] macvlan2: entered allmulticast mode
[  143.233367][ T9886] bond0: (slave macvlan2): Opening slave failed
[  143.483486][ T9917] lo: entered allmulticast mode
[  143.501703][ T9917] dvmrp1: entered allmulticast mode
[  143.512661][ T9916] lo: left allmulticast mode
[  143.534389][ T9923] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2242'.
[  143.550555][ T9923] 8021q: adding VLAN 0 to HW filter on device bond3
[  143.566275][ T9923] macvlan2: entered promiscuous mode
[  143.571812][ T9923] macvlan2: entered allmulticast mode
[  143.578561][ T9923] bond3: (slave macvlan2): Opening slave failed
[  143.731268][ T9927] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2243'.
[  143.944704][ T9938] loop0: detected capacity change from 0 to 512
[  143.969122][ T9938] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  143.977634][ T9938] EXT4-fs (loop0): orphan cleanup on readonly fs
[  143.986558][ T9938] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2248: corrupted inode contents
[  144.000282][ T9938] EXT4-fs (loop0): Remounting filesystem read-only
[  144.007284][ T9938] EXT4-fs (loop0): 1 truncate cleaned up
[  144.013118][ T3995] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  144.023741][ T3995] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  144.034626][ T3995] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  144.045502][ T9938] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  144.091220][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.130529][ T9944] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2249'.
[  144.358332][ T9953] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2254'.
[  144.392596][ T9953] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.426552][ T9953] macvlan0: entered promiscuous mode
[  144.431909][ T9953] macvlan0: entered allmulticast mode
[  144.441593][ T9953] bond0: (slave macvlan0): Opening slave failed
[  144.462533][ T9954] dvmrp1: entered allmulticast mode
[  144.558906][ T9965] loop3: detected capacity change from 0 to 512
[  144.629967][ T9965] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.2268: bad orphan inode 11862016
[  144.651837][ T9965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  144.756573][ T9929] syz.1.2244 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  144.770676][ T9929] CPU: 0 UID: 0 PID: 9929 Comm: syz.1.2244 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  144.770714][ T9929] Tainted: [W]=WARN
[  144.770722][ T9929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  144.770746][ T9929] Call Trace:
[  144.770752][ T9929]  <TASK>
[  144.770760][ T9929]  __dump_stack+0x1d/0x30
[  144.770784][ T9929]  dump_stack_lvl+0xe8/0x140
[  144.770806][ T9929]  dump_stack+0x15/0x1b
[  144.770897][ T9929]  dump_header+0x81/0x220
[  144.771004][ T9929]  oom_kill_process+0x342/0x400
[  144.771112][ T9929]  out_of_memory+0x979/0xb80
[  144.771186][ T9929]  try_charge_memcg+0x5e6/0x9e0
[  144.771237][ T9929]  obj_cgroup_charge_pages+0xa6/0x150
[  144.771283][ T9929]  __memcg_kmem_charge_page+0x9f/0x170
[  144.771334][ T9929]  __alloc_frozen_pages_noprof+0x188/0x360
[  144.771377][ T9929]  alloc_pages_mpol+0x1e0/0x250
[  144.771414][ T9929]  alloc_pages_noprof+0x90/0x130
[  144.771497][ T9929]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  144.771555][ T9929]  __kvmalloc_node_noprof+0x30f/0x4e0
[  144.771669][ T9929]  ? ip_set_alloc+0x1f/0x30
[  144.771691][ T9929]  ? ip_set_alloc+0x1f/0x30
[  144.771724][ T9929]  ? __kmalloc_cache_noprof+0x189/0x320
[  144.771764][ T9929]  ip_set_alloc+0x1f/0x30
[  144.771791][ T9929]  hash_netiface_create+0x282/0x740
[  144.771858][ T9929]  ? __pfx_hash_netiface_create+0x10/0x10
[  144.771883][ T9929]  ip_set_create+0x3c9/0x960
[  144.771917][ T9929]  ? __nla_parse+0x40/0x60
[  144.772022][ T9929]  nfnetlink_rcv_msg+0x4c3/0x590
[  144.772048][ T9929]  ? __rcu_read_unlock+0x34/0x70
[  144.772091][ T9929]  netlink_rcv_skb+0x123/0x220
[  144.772115][ T9929]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  144.772146][ T9929]  nfnetlink_rcv+0x16b/0x1690
[  144.772171][ T9929]  ? nlmon_xmit+0x4f/0x60
[  144.772224][ T9929]  ? consume_skb+0x49/0x150
[  144.772296][ T9929]  ? nlmon_xmit+0x4f/0x60
[  144.772327][ T9929]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  144.772435][ T9929]  ? __dev_queue_xmit+0x1200/0x2000
[  144.772523][ T9929]  ? __dev_queue_xmit+0x182/0x2000
[  144.772567][ T9929]  ? ref_tracker_free+0x37d/0x3e0
[  144.772607][ T9929]  ? __netlink_deliver_tap+0x4dc/0x500
[  144.772645][ T9929]  netlink_unicast+0x5bd/0x690
[  144.772730][ T9929]  netlink_sendmsg+0x58b/0x6b0
[  144.772759][ T9929]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.772806][ T9929]  __sock_sendmsg+0x142/0x180
[  144.772894][ T9929]  ____sys_sendmsg+0x31e/0x4e0
[  144.772929][ T9929]  ___sys_sendmsg+0x17b/0x1d0
[  144.773102][ T9929]  __x64_sys_sendmsg+0xd4/0x160
[  144.773138][ T9929]  x64_sys_call+0x191e/0x2ff0
[  144.773161][ T9929]  do_syscall_64+0xd2/0x200
[  144.773195][ T9929]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  144.773247][ T9929]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  144.773325][ T9929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.773418][ T9929] RIP: 0033:0x7f93cd12ec29
[  144.773435][ T9929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.773508][ T9929] RSP: 002b:00007f93cbb8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.773529][ T9929] RAX: ffffffffffffffda RBX: 00007f93cd375fa0 RCX: 00007f93cd12ec29
[  144.773543][ T9929] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  144.773556][ T9929] RBP: 00007f93cd1b1e41 R08: 0000000000000000 R09: 0000000000000000
[  144.773568][ T9929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  144.773632][ T9929] R13: 00007f93cd376038 R14: 00007f93cd375fa0 R15: 00007ffeb7e97098
[  144.773655][ T9929]  </TASK>
[  144.773726][ T9929] memory: usage 307200kB, limit 307200kB, failcnt 322
[  145.124773][ T9929] memory+swap: usage 307648kB, limit 9007199254740988kB, failcnt 0
[  145.132796][ T9929] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[  145.140231][ T9929] Memory cgroup stats for /syz1:
[  145.142792][ T9929] cache 16384
[  145.151080][ T9929] rss 0
[  145.153859][ T9929] shmem 0
[  145.156805][ T9929] mapped_file 16384
[  145.160734][ T9929] dirty 0
[  145.163775][ T9929] writeback 0
[  145.167093][ T9929] workingset_refault_anon 53
[  145.171695][ T9929] workingset_refault_file 411
[  145.176383][ T9929] swap 466944
[  145.179754][ T9929] swapcached 4096
[  145.183403][ T9929] pgpgin 108456
[  145.186950][ T9929] pgpgout 108450
[  145.190499][ T9929] pgfault 128105
[  145.194062][ T9929] pgmajfault 36
[  145.197555][ T9929] inactive_anon 4096
[  145.201466][ T9929] active_anon 0
[  145.204934][ T9929] inactive_file 12288
[  145.208954][ T9929] active_file 8192
[  145.212686][ T9929] unevictable 0
[  145.216156][ T9929] hierarchical_memory_limit 314572800
[  145.221585][ T9929] hierarchical_memsw_limit 9223372036854771712
[  145.227777][ T9929] total_cache 16384
[  145.231602][ T9929] total_rss 0
[  145.234901][ T9929] total_shmem 0
[  145.238483][ T9929] total_mapped_file 16384
[  145.242883][ T9929] total_dirty 0
[  145.246347][ T9929] total_writeback 0
[  145.250201][ T9929] total_workingset_refault_anon 53
[  145.255330][ T9929] total_workingset_refault_file 411
[  145.260557][ T9929] total_swap 466944
[  145.264376][ T9929] total_swapcached 4096
[  145.268589][ T9929] total_pgpgin 108456
[  145.272591][ T9929] total_pgpgout 108450
[  145.276682][ T9929] total_pgfault 128105
[  145.280803][ T9929] total_pgmajfault 36
[  145.284795][ T9929] total_inactive_anon 4096
[  145.289248][ T9929] total_active_anon 0
[  145.293249][ T9929] total_inactive_file 12288
[  145.297872][ T9929] total_active_file 8192
[  145.302138][ T9929] total_unevictable 0
[  145.306137][ T9929] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2244,pid=9928,uid=0
[  145.320903][ T9929] Memory cgroup out of memory: Killed process 9928 (syz.1.2244) total-vm:95808kB, anon-rss:1200kB, file-rss:22328kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  145.339256][ T9977] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #19: comm syz.3.2268: corrupted inode contents
[  145.352895][ T9977] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #19: comm syz.3.2268: mark_inode_dirty error
[  145.366237][ T9977] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #19: comm syz.3.2268: corrupted inode contents
[  145.379738][ T9977] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #19: comm syz.3.2268: mark_inode_dirty error
[  145.392277][ T9977] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #19: comm syz.3.2268: mark inode dirty (error -117)
[  145.406506][ T9977] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  145.459932][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  146.440318][T10010] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2272'.
[  146.448617][T10009] syz_tun: entered allmulticast mode
[  146.476394][T10010] 8021q: adding VLAN 0 to HW filter on device bond3
[  146.487989][T10009] dvmrp1: entered allmulticast mode
[  146.512779][T10010] macvlan0: entered promiscuous mode
[  146.518253][T10010] macvlan0: entered allmulticast mode
[  146.525199][T10010] bond3: (slave macvlan0): Opening slave failed
[  146.549633][T10006] syz_tun: left allmulticast mode
[  146.570818][T10018] 9pnet: p9_errstr2errno: server reported unknown error 
[  146.591535][T10021] loop0: detected capacity change from 0 to 512
[  146.623825][T10024] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2279'.
[  146.653960][T10021] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.2278: bad orphan inode 11862016
[  146.673729][T10021] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  146.775945][T10035] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #19: comm syz.0.2278: corrupted inode contents
[  146.796942][T10035] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #19: comm syz.0.2278: mark_inode_dirty error
[  146.827915][T10035] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #19: comm syz.0.2278: corrupted inode contents
[  146.851291][T10035] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #19: comm syz.0.2278: mark_inode_dirty error
[  146.977503][T10035] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #19: comm syz.0.2278: mark inode dirty (error -117)
[  147.002088][T10035] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[  147.051893][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  147.084067][T10048] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10048 comm=syz.0.2287
[  147.116763][T10052] syz_tun: entered allmulticast mode
[  147.123726][T10051] syz_tun: left allmulticast mode
[  147.148120][T10054] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2291'.
[  147.188380][T10060] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  147.197180][T10060] ref_ctr increment failed for inode: 0xad9 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888119ef5640
[  147.212744][T10062] 9pnet: p9_errstr2errno: server reported unknown error 
[  147.305694][T10066] loop0: detected capacity change from 0 to 2048
[  147.358770][T10070] macvlan1: entered promiscuous mode
[  147.364828][T10070] ipvlan0: entered promiscuous mode
[  147.365305][T10066] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.372041][T10070] ipvlan0: left promiscuous mode
[  147.388800][T10070] macvlan1: left promiscuous mode
[  147.611126][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.624047][T10086] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  147.634715][T10086] SELinux: failed to load policy
[  147.729898][T10096] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2309'.
[  147.739015][T10096] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2309'.
[  147.757207][T10090] loop5: detected capacity change from 0 to 512
[  147.775341][T10090] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.810434][   T29] kauditd_printk_skb: 55 callbacks suppressed
[  147.810493][   T29] audit: type=1326 audit(147.797:7839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10103 comm="syz.0.2311" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb8ccfbec29 code=0x0
[  147.952322][T10116] loop3: detected capacity change from 0 to 2048
[  147.981241][T10116] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.384092][T10116] ==================================================================
[  148.392247][T10116] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked
[  148.399673][T10116] 
[  148.402018][T10116] read-write to 0xffff8881198c4b50 of 8 bytes by task 3994 on cpu 0:
[  148.410100][T10116]  __xa_clear_mark+0xf5/0x1e0
[  148.414804][T10116]  __folio_end_writeback+0x177/0x470
[  148.420130][T10116]  folio_end_writeback+0x71/0x3d0
[  148.425194][T10116]  ext4_finish_bio+0x459/0x8c0
[  148.429984][T10116]  ext4_release_io_end+0x9f/0x1f0
[  148.435047][T10116]  ext4_end_io_end+0x18d/0x240
[  148.440013][T10116]  ext4_end_io_rsv_work+0x151/0x1e0
[  148.445261][T10116]  process_scheduled_works+0x4cb/0x9d0
[  148.450788][T10116]  worker_thread+0x582/0x770
[  148.455434][T10116]  kthread+0x489/0x510
[  148.459534][T10116]  ret_from_fork+0x11f/0x1b0
[  148.464237][T10116]  ret_from_fork_asm+0x1a/0x30
[  148.469023][T10116] 
[  148.471464][T10116] read to 0xffff8881198c4b50 of 8 bytes by task 10116 on cpu 1:
[  148.479113][T10116]  xas_find_marked+0x218/0x620
[  148.483927][T10116]  find_get_entry+0x5d/0x380
[  148.488545][T10116]  filemap_get_folios_tag+0x13b/0x210
[  148.493940][T10116]  file_write_and_wait_range+0x1ea/0x2c0
[  148.499607][T10116]  generic_buffers_fsync_noflush+0x45/0x120
[  148.505532][T10116]  ext4_sync_file+0x1ab/0x690
[  148.510237][T10116]  vfs_fsync_range+0x10a/0x130
[  148.515043][T10116]  ext4_buffered_write_iter+0x34f/0x3c0
[  148.520808][T10116]  ext4_file_write_iter+0xdbf/0xf00
[  148.526049][T10116]  do_iter_readv_writev+0x499/0x540
[  148.531365][T10116]  vfs_writev+0x2df/0x8b0
[  148.535736][T10116]  __se_sys_pwritev2+0xfc/0x1c0
[  148.540622][T10116]  __x64_sys_pwritev2+0x67/0x80
[  148.545508][T10116]  x64_sys_call+0x2c55/0x2ff0
[  148.550219][T10116]  do_syscall_64+0xd2/0x200
[  148.554769][T10116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.560686][T10116] 
[  148.563019][T10116] value changed: 0x000000000000fe00 -> 0x000000000000f800
[  148.570142][T10116] 
[  148.572475][T10116] Reported by Kernel Concurrency Sanitizer on:
[  148.578657][T10116] CPU: 1 UID: 0 PID: 10116 Comm: syz.3.2315 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  148.590075][T10116] Tainted: [W]=WARN
[  148.593898][T10116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  148.603980][T10116] ==================================================================
[  148.709817][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.790050][ T6319] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.