last executing test programs:

2m51.536075784s ago: executing program 0 (id=1597):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x6104, 0x1920}, [@IFLA_NET_NS_PID={0x8, 0x13, r1}]}, 0x28}, 0x1, 0x0, 0x0, 0xc0000c1}, 0x20048000)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="24040000", @ANYRES16=r3, @ANYBLOB="8b33200000190002000015"], 0x424}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000100), r2)
sendmsg$GTP_CMD_ECHOREQ(r2, 0x0, 0x0)

2m51.154182102s ago: executing program 0 (id=1610):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180), 0x0)
recvfrom$inet_nvme(0xffffffffffffffff, 0x0, 0x0, 0x140, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="ffff00007e24047d69f5a5134acabff910bca294"], 0x8)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000140)={0x0, 0x0, 0x1}, 0x8)

2m50.221387985s ago: executing program 0 (id=1636):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x10000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
socket$can_j1939(0x1d, 0x2, 0x7)
recvmsg$unix(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x200440c4)

2m50.06928079s ago: executing program 0 (id=1645):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x4e1e, @multicast1}}}, 0x88)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52e, &(0x7f0000000480)="$eJzs3U9vI2cZAPBnHHvZ7GabFDhAJUqhRdkVrJ00tI04lCIhOFUCyr2ExImiOHEUO+0mqtis+ABICAESJ7hwQeIDIKFKXDgipEpwBgECIdjCgQN00NjjNJv4X7tOnE1+P2ky78y8M8/zOprxvJ7RTACX1lMR8VJEvJOm6a2ImM7nF/IhDtpDVu/t+28sZ0MSafrKP5JI8nmdbSX5+Hq+2tWI+NqXI76ZnIzb2NvfWKrVqjv5dKW5uV1p7O3fXt9cWquuVbcWFuafX3xh8bnFuZG080ZEvPjFv3z/Oz/90ou//Mzrf3z1bze/laU1lS8/2o73qNhvYbvppdZncXSFnfcZ7DwqtlqYm+xWY+LEnHunnBMAAN1l5/gfjIhPRsStmI6J/qezAAAAwCMo/fxU/DeJSLu70mM+AAAA8AgptO6BTQrl/F6AqSgUyuX2PbwfjmuFWr3R/PRqfXdrpX2v7EyUCqvrtepcfq/wTJSSbHq+VX53+tlj0wsR8XhEfG96sjVdXq7XVsb94wcAAABcEteP9f//Pd3u/3fcHWdyAAAAwOjMjDsBAAAA4NQN2/+/dsp5AAAAAKfH9X8AAAC40L7y8svZkHbef73y2t7uRv212yvVxkZ5c3e5vFzf2S6v1etrrWf2bQ7aXq1e3/5sbO3eqTSrjWalsXc1Nuu7W81X1x94BTYAAABwhh7/+Ju/TyLi4HOTrSFzZbhVh6wGnFfFw1KSj7vs1n94rD3+8xklBZyJiXEnAIxNcdwJAGNTGncCwNglA5b3vHnnN/n4E6PNBwAAGL3Zj/a+/l/ou+ZB/8XAuWcnhsvL9X+4vFrX/4e9k7fgbeBwkZQGnQH07SA4HsBF8NDX/wdK0/eUEAAAMHJTrSEplIud6UKhXI640XotQClZXa9V5yLisYj43XTpA9n0fKtmMrDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pWkSKQAAAHChRRT+mvyq/Sz/2elnpo7/PnAl+c905K8Iff1Hr/zgzlKzuTOfzf/n4fzmD/P5z47jFwwAAAC4FAa8wP9BnX56px8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP09v03ljvDWcb9+xciYqZb/GJcbY2vRikirv0rieKR9ZKImBhB/Mnsz0e6xU+ytA5Ddos/OYL4B/f6xo+D/FPoFv/6COLDZfZmdvx5qdv+V4inWuPu+18x4oHp96v38S8Oj38TPfb/G0PGeOKtn1d6xr8X8UTxRPy7WYRO/KRH/KeHjP+Nr+/v91qW/jhituv3T9Kpkh0ho9Lc3K409vZvr28urVXXqlsLC/PPL76w+NziXGV1vVbN/3aN8d2P/eKdfu2/1iP+zID2P3Nia1e6xvjfW3fuf6hdLHWLf/PpLvF//ZO8xsn4hfy771N5OVs+2ykftMtHPfmz3z7Zr/0rPdo/6P9/s9dGj7n11W//aciqAMAZaOztbyzVatWdC1vIeulDVs7Ozs5FzgpDFCYefjt3R5pYmqZptk89xHaSGPenelgY95EJAAAYtXdP+sedCQAAAAAAAAAAAAAAAAAAAFxeZ/E4seMxDw5LySgeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBL/DwAA//9t9tlI")
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$binfmt_register(r2, &(0x7f0000000440)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
chmod(&(0x7f0000000000)='./file0\x00', 0x60)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

2m49.67224737s ago: executing program 0 (id=1656):
r0 = socket(0x8000000010, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

2m49.564360161s ago: executing program 0 (id=1662):
r0 = socket$netlink(0x10, 0x3, 0xf)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000001000000080000000c"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20300}}}}}}]}, 0x48}}, 0x4040004)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, 0x1, 0x8, 0x101}, 0x14}}, 0x40)

2m49.564138801s ago: executing program 32 (id=1662):
r0 = socket$netlink(0x10, 0x3, 0xf)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000001000000080000000c"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20300}}}}}}]}, 0x48}}, 0x4040004)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, 0x1, 0x8, 0x101}, 0x14}}, 0x40)

2.50793394s ago: executing program 3 (id=4182):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1b1c, 0x1c0b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x0, 0x0, 0xff}}}}}]}}]}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r3, &(0x7f0000000740), 0xff67)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=@ipv6_getroute={0x12, 0x1a, 0x101, 0x0, 0x0, {}, [@RTA_OIF={0x8}]}, 0x24}}, 0x0)
sendfile(r2, r3, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r3, 0x409, 0x8)
recvmmsg(r1, &(0x7f0000000880)=[{{&(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000140)=""/68, 0x44}, {&(0x7f00000005c0)=""/90, 0x5a}, {&(0x7f0000000640)=""/233, 0xe9}], 0x3}, 0x9}, {{&(0x7f0000000740)=@in6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000200)=""/18, 0x12}, {&(0x7f00000007c0)=""/15, 0xf}], 0x2, &(0x7f0000000840)=""/37, 0x25}, 0x3}], 0x2, 0x2060, &(0x7f0000000900))
lseek(r3, 0x100000, 0x3)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000380)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0xa, "6537ce03"}]}}, 0x0}, 0x0)

1.929074038s ago: executing program 4 (id=4188):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xffeff024}, {0x6, 0x0, 0x4}]}, 0x10)
sendmmsg(r3, &(0x7f0000001c00), 0x400000000000159, 0x40840)

1.830322198s ago: executing program 5 (id=4190):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe2(&(0x7f0000000000)={<r2=>0x0, <r3=>0x0}, 0x0)
ioctl$USBDEVFS_GETDRIVER(r2, 0x41045508, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r3, 0x2275, &(0x7f0000000040))
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x6, 0xb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0)

1.780155942s ago: executing program 5 (id=4191):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net\x00')
getdents(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_read_part_table(0x1059, &(0x7f0000000000)="$eJzsz8FNw0AUBNDxYmRbogNa4Ewn7scHCuFMT0hUwDmX6EdeR0oHSQ7v3Uazs9IPD/WRlpxqfG+ZkyXJuWpK8nb0VdVakr+ehtuwP+q2ek3ycoRx2f/JsF3LVv+fa9/VsC++l6/5aH4zZf25150AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MwuAQAA//9ZkRMF")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0xff38}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xac, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.763079544s ago: executing program 1 (id=4192):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x121d, &(0x7f0000000500)={0x0, 0x7d10, 0x80, 0x3, 0x2b5}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket(0x2a, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0x2}, 0x18)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x23457})
io_uring_enter(r0, 0x46bc, 0x3, 0x20, 0x0, 0x20)

1.757773105s ago: executing program 3 (id=4193):
io_setup(0x9, &(0x7f0000000000))
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x2)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f00000001c0)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000240)=@assoc_value={r5, 0x7}, 0x8)

1.514954119s ago: executing program 3 (id=4194):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9ee6, 0x200000005}, 0x104022, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r5=>0x0, &(0x7f0000000580)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x4})
io_uring_enter(r4, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
write$binfmt_misc(r3, &(0x7f0000000000), 0xfffffecc)

1.297585751s ago: executing program 2 (id=4195):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x1006, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SG_BLKTRACETEARDOWN(r0, 0x1276, 0x0)
unshare(0x2c020400)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000018c0), r2)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000004c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000ffdbdf25090000006400038008000100010000000800030004000000140002007665744e315f6d616376746170000000060004000200000008000500e0000000140002006970766c616e31"], 0x78}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000130001"], 0x2c}}, 0x0)
recvmmsg(r1, &(0x7f00000012c0)=[{{0x0, 0x0, 0x0}, 0xffff}], 0x1, 0x12000, &(0x7f00000013c0))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
epoll_create1(0x80000)
finit_module(0xffffffffffffffff, 0x0, 0x3)

1.253320366s ago: executing program 1 (id=4196):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
prlimit64(0x0, 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r3}, 0x10)
io_setup(0x3, &(0x7f0000000340))

1.194282621s ago: executing program 2 (id=4197):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c02000100000000000040000280ffffff05000500000000000a"], 0x80}}, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b"], 0xfc}, 0x1, 0x0, 0x0, 0x2000c010}, 0x0)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10)

1.193737771s ago: executing program 2 (id=4198):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000f140164c4bd7000fcdbdf25090045"], 0x1c}, 0x1, 0x0, 0x0, 0x4000840}, 0x4004804)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1.169899384s ago: executing program 5 (id=4199):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000200)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRESDEC=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r3, @ANYBLOB="01000000000000000000011500002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x4008800)

1.169116534s ago: executing program 2 (id=4200):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x39}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195}, 0x70)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000800)=@newtaction={0x8c, 0x30, 0xffff, 0x70bd27, 0x0, {}, [{0x78, 0x1, [@m_police={0x74, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x10000, 0x0, 0x0, 0x0, 0x0, {0x0, 0x2, 0x0, 0x0, 0xfffe}, {0x0, 0x0, 0x200, 0x0, 0xfffd}}}, @TCA_POLICE_RESULT={0x8, 0x5, 0x81}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x8c}}, 0x4000000)

1.026895388s ago: executing program 1 (id=4201):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xfc, 0x7fff0026}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0f000000040000000800000001"], 0x50)
unshare(0x28000600)
r2 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x0)
fchdir(r3)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000000)='./file0\x00', r1}, 0x18)
r4 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x1, 0xa)
fchdir(r5)
close_range(r0, 0xffffffffffffffff, 0x0)

1.010596599s ago: executing program 4 (id=4202):
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x1, 0x9}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x3, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB="000000000000000018100000", @ANYRES32=r1, @ANYBLOB="000000000000000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000000180), &(0x7f0000000200), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r2, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000240)={'veth0_to_team\x00', 0x1000})
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

860.283104ms ago: executing program 1 (id=4203):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x91bbb721c87ecdfb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
socket$inet6(0xa, 0x3, 0xff)
write$tun(0xffffffffffffffff, 0x0, 0x46)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000008000000020000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000002}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r2}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0), 0x0, 0x5}, 0x38)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x108100, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f1, &(0x7f0000000080))

859.775124ms ago: executing program 4 (id=4204):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbde, &(0x7f0000000080)={0x0, 0x79a4, 0x2, 0x5, 0x229d}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x2007, @fd=r1, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r5, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r5, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000040)=[{r1, 0x245}], 0x1, 0x0, 0x0, 0x0)
close(0x3)

733.008347ms ago: executing program 1 (id=4205):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xd, 0x10020, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
syz_clone(0x40000500, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x22840, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000000), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

554.994175ms ago: executing program 4 (id=4206):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300001e880000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0xcde, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x2, 0x0, 0x4, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1c, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x1c}}, 0x40)

526.943748ms ago: executing program 3 (id=4207):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0xa}}]}, 0x38}}, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r6, 0x2f}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

494.704561ms ago: executing program 4 (id=4208):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000380)={0x43, 0x4, 0x3, 0x3}, 0x10)

491.154081ms ago: executing program 5 (id=4209):
mkdir(&(0x7f0000000140)='./file0/file0/file0\x00', 0x0)
creat(0x0, 0xbc9dc8fbd81cb4a1)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b000000000000000000000000000400"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="1c0000001a005f0214f9f4070009040081ff0000ff02000200000000", 0x1c)

473.993493ms ago: executing program 1 (id=4210):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x18)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r5, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r6}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)

461.609244ms ago: executing program 5 (id=4211):
open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x1801)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, 0x400}, 0x28)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000004000000000000008100d00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0xe, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40810)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
mq_notify(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x1b, 0x2})
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mq_timedreceive(r2, &(0x7f0000000340)=""/200, 0xc8, 0x0, 0x0)

439.650327ms ago: executing program 4 (id=4212):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x216, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffcc4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

363.102244ms ago: executing program 5 (id=4213):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0xffffffffffffffcf, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa1b96aadc3618c72}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

347.002176ms ago: executing program 3 (id=4214):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000600)='mctp_key_release\x00', r0, 0x0, 0x5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000340)={r1})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='netfs_rreq_ref\x00', r2, 0x0, 0x9}, 0x18)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000600)='mctp_key_release\x00', r2, 0x0, 0x5}, 0x18)
close(r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000580)="d8001c00180081064e81f782db44fd56170d12a0b9b545c7", 0x18}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e3, &(0x7f0000000180)={r1, r5})

268.124324ms ago: executing program 3 (id=4215):
r0 = gettid()
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket(0x10, 0x3, 0x9)
ioctl$TIOCMIWAIT(r1, 0x545c, 0x200000000000000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r2=>0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x9d}, 0x18)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/kexec_crash_size', 0x0, 0x166)
setreuid(0x0, 0xee00)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x58, 0x10, 0x403, 0x300, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xe, 0xf}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffe}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0xc810)
timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

240.334546ms ago: executing program 2 (id=4216):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}, 0x1, 0x0, 0x0, 0x4c840}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc, 0x0, 0x4}, 0x4000810)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c40)=@delchain={0x6c, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x3c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x38, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xfc}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x9}]}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r4}, 0x18)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x5, 0x200, &(0x7f0000003c40)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

0s ago: executing program 2 (id=4217):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x8, 0x2, 0x3}, 0x0, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)

kernel console output (not intermixed with test programs):

71] vxcan0: left allmulticast mode
[  217.552503][T12371] vxcan1: left allmulticast mode
[  217.557521][T12371] veth0: left allmulticast mode
[  217.562429][T12371] veth1: left allmulticast mode
[  217.567442][T12371] wg0: left allmulticast mode
[  217.572179][T12371] wg1: left allmulticast mode
[  217.577018][T12371] wg2: left allmulticast mode
[  217.581753][T12371] veth1_to_bridge: left allmulticast mode
[  217.587589][T12371] bridge_slave_1: left allmulticast mode
[  217.593404][T12371] veth0_to_bond: left allmulticast mode
[  217.599283][T12371] bond_slave_0: left allmulticast mode
[  217.604854][T12371] veth1_to_bond: left allmulticast mode
[  217.610573][T12371] bond_slave_1: left allmulticast mode
[  217.616130][T12371] veth0_to_team: left allmulticast mode
[  217.621776][T12371] team_slave_0: left allmulticast mode
[  217.622345][T12386] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3136'.
[  217.627319][T12371] veth0_to_batadv: left allmulticast mode
[  217.642168][T12371] batadv_slave_0: left allmulticast mode
[  217.647904][T12371] veth1_to_batadv: left allmulticast mode
[  217.653754][T12371] batadv_slave_1: left allmulticast mode
[  217.659629][T12371] xfrm0: left allmulticast mode
[  217.664755][T12371] veth0_to_hsr: left allmulticast mode
[  217.670453][T12371] veth1_to_hsr: left allmulticast mode
[  217.676100][T12371] hsr0: left allmulticast mode
[  217.680911][T12371] hsr_slave_0: left allmulticast mode
[  217.686299][T12371] hsr_slave_1: left allmulticast mode
[  217.691725][T12371] veth1_virt_wifi: left allmulticast mode
[  217.697526][T12371] veth0_virt_wifi: left allmulticast mode
[  217.703306][T12371] veth1_macvtap: left allmulticast mode
[  217.708907][T12371] veth0_macvtap: left allmulticast mode
[  217.714531][T12371] macvtap0: left allmulticast mode
[  217.719695][T12371] macsec0: left allmulticast mode
[  217.724789][T12371] geneve0: left allmulticast mode
[  217.729930][T12371] geneve1: left allmulticast mode
[  217.735074][T12371] sit1: left allmulticast mode
[  217.740298][T12371] veth6: left allmulticast mode
[  217.745602][T12371] veth8: left allmulticast mode
[  217.750614][T12371] team1: left allmulticast mode
[  217.756148][T12371] vlan0: left allmulticast mode
[  217.761070][T12371] bond3: left allmulticast mode
[  217.766028][T12371] gretap1: left allmulticast mode
[  217.771174][T12371] veth10: left allmulticast mode
[  217.776386][T12371] ip6gre1: left allmulticast mode
[  217.781779][T12371] ip6gre2: left allmulticast mode
[  217.786996][T12371] bond5: left promiscuous mode
[  217.791862][T12371] bridge2: left promiscuous mode
[  217.797179][T12371] bond5: left allmulticast mode
[  217.802098][T12371] bridge2: left allmulticast mode
[  217.808926][T12371] veth14: left promiscuous mode
[  217.813854][T12371] veth14: left allmulticast mode
[  217.831827][T12380] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.840504][T12380] 8021q: adding VLAN 0 to HW filter on device team0
[  217.850600][T12380] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  217.876903][T12384] bond8: (slave geneve4): Enslaving as an active interface with an up link
[  217.886087][   T37] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  217.900408][   T37] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  217.917286][T12386] bond8 (unregistering): (slave geneve4): Releasing backup interface
[  217.940299][T12386] bond8 (unregistering): Released all slaves
[  217.956210][T12401] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  217.980990][   T37] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 20000 - 0
[  218.000105][   T37] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 20000 - 0
[  218.063583][T12407] lo speed is unknown, defaulting to 1000
[  218.358307][T12421] loop5: detected capacity change from 0 to 4096
[  218.385722][T12421] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.420618][T12421] wg2: entered promiscuous mode
[  218.425522][T12421] wg2: entered allmulticast mode
[  218.470300][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.491925][T12433] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3145'.
[  218.494758][T12435] netlink: 'syz.5.3143': attribute type 27 has an invalid length.
[  218.510688][T12435] ip6tnl0: left promiscuous mode
[  218.515681][T12435] ip6tnl0: left allmulticast mode
[  218.522333][T12435] dummy0: left promiscuous mode
[  218.530653][T12435] wg2: left promiscuous mode
[  218.535377][T12435] wg2: left allmulticast mode
[  218.541603][T12435] veth2: left promiscuous mode
[  218.546385][T12435] veth2: left allmulticast mode
[  218.565114][T12435] 8021q: adding VLAN 0 to HW filter on device .`
[  218.572766][T12435] 8021q: adding VLAN 0 to HW filter on device team0
[  218.582275][T12435] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  218.609048][T12442] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  218.716866][T12452] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3151'.
[  218.779613][T12458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.787487][T12458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  219.365656][T12477] netlink: 'syz.1.3163': attribute type 2 has an invalid length.
[  219.390660][T12481] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3165'.
[  219.420278][T12484] ip6gre3: entered allmulticast mode
[  219.486164][T12490] netlink: 'syz.1.3168': attribute type 12 has an invalid length.
[  220.203882][T12492] lo speed is unknown, defaulting to 1000
[  220.329456][T12507] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  220.380343][T12507] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  220.425673][T12510] xt_hashlimit: max too large, truncated to 1048576
[  220.433972][T12507] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  220.480326][T12507] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  220.578634][T10657] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  220.600477][T10657] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  220.616127][T10657] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  220.632538][T10657] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  220.671621][T12522] loop4: detected capacity change from 0 to 164
[  220.681998][T12522] syz.4.3180: attempt to access beyond end of device
[  220.681998][T12522] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  220.696846][T12522] syz.4.3180: attempt to access beyond end of device
[  220.696846][T12522] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  220.745739][T12530] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3184'.
[  220.759368][T12530] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3184'.
[  220.811945][T12533] loop5: detected capacity change from 0 to 512
[  220.819163][T12533] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  220.831526][T12533] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.844195][T12533] ext4 filesystem being mounted at /262/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.861432][T12533] EXT4-fs: Ignoring removed orlov option
[  220.867418][T12533] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  220.876049][T12533] EXT4-fs (loop5): can't enable nombcache during remount
[  220.886992][T12533] geneve2: entered promiscuous mode
[  220.892254][T12533] geneve2: entered allmulticast mode
[  220.898891][T10691] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  220.907356][T10691] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  220.915807][T10691] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  220.924216][T10691] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  220.942543][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.322454][   T29] kauditd_printk_skb: 572 callbacks suppressed
[  221.322491][   T29] audit: type=1326 audit(1763360689.900:9585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f516dd36567 code=0x7ffc0000
[  221.394681][T12568] loop2: detected capacity change from 0 to 512
[  221.401997][T12568] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  221.411104][   T29] audit: type=1326 audit(1763360689.940:9586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f516dcdb789 code=0x7ffc0000
[  221.434738][   T29] audit: type=1326 audit(1763360689.940:9587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f516dd36567 code=0x7ffc0000
[  221.458220][   T29] audit: type=1326 audit(1763360689.940:9588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f516dcdb789 code=0x7ffc0000
[  221.481801][   T29] audit: type=1326 audit(1763360689.940:9589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  221.505699][   T29] audit: type=1326 audit(1763360689.940:9590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f516dd36567 code=0x7ffc0000
[  221.529182][   T29] audit: type=1326 audit(1763360689.940:9591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f516dcdb789 code=0x7ffc0000
[  221.552402][T12568] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  221.552586][   T29] audit: type=1326 audit(1763360689.940:9592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  221.574903][T12568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.584858][   T29] audit: type=1326 audit(1763360689.950:9593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f516dd36567 code=0x7ffc0000
[  221.620658][   T29] audit: type=1326 audit(1763360689.950:9594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12562 comm="syz.3.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f516dcdb789 code=0x7ffc0000
[  221.644614][T12568] ext4 filesystem being mounted at /675/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.663903][T12568] serio: Serial port ptm0
[  221.689743][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.701739][T12574] lo speed is unknown, defaulting to 1000
[  221.791277][T12582] __nla_validate_parse: 4 callbacks suppressed
[  221.791295][T12582] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3204'.
[  221.837426][T12582] bond7: (slave geneve2): Enslaving as an active interface with an up link
[  221.846192][T10691] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  221.855655][T10691] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  221.862714][T12582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3204'.
[  221.864466][T10691] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  221.886261][T12582] bond7 (unregistering): (slave geneve2): Releasing backup interface
[  221.904015][T12582] bond7 (unregistering): Released all slaves
[  221.921461][T10691] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 20000 - 0
[  221.942043][T10691] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 20000 - 0
[  221.951244][T10691] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 20000 - 0
[  222.187475][T12602] lo speed is unknown, defaulting to 1000
[  222.305627][T12608] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  222.390687][T12608] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  222.502501][T12608] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  222.581973][T12616] netlink: 'syz.5.3214': attribute type 1 has an invalid length.
[  222.609508][T12608] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  222.650837][T12616] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.671004][T12621] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3216'.
[  222.688618][T10657] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  222.705256][T10657] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  222.706365][T12616] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3214'.
[  222.725500][T12616] bond0 (unregistering): Released all slaves
[  222.745879][T10691] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  222.756732][T10691] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  224.029376][T12690] loop3: detected capacity change from 0 to 164
[  224.152942][T12692] netlink: 'syz.5.3235': attribute type 2 has an invalid length.
[  224.176054][T12690] netlink: 19 bytes leftover after parsing attributes in process `syz.3.3237'.
[  224.408877][T12698] netlink: 'syz.3.3239': attribute type 41 has an invalid length.
[  224.426497][T12702] netlink: 'syz.1.3242': attribute type 1 has an invalid length.
[  224.449231][T12702] 8021q: adding VLAN 0 to HW filter on device bond7
[  224.545433][T12702] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3242'.
[  224.554577][T12702] bond7: entered promiscuous mode
[  224.559702][T12702] bond7: entered allmulticast mode
[  224.568063][T12702] bond4: (slave dummy0): Releasing active interface
[  224.578690][T12702] bond7: (slave dummy0): making interface the new active one
[  224.586410][T12702] dummy0: entered promiscuous mode
[  224.592635][T12702] bond7: (slave dummy0): Enslaving as an active interface with an up link
[  225.275079][T12746] tipc: Bearer <udp:s>: already 2 bearers with priority 10
[  225.282518][T12746] tipc: Bearer <udp:s>: trying with adjusted priority
[  225.289581][T12746] tipc: Enabling of bearer <udp:s> rejected, max 3 bearers permitted
[  225.398026][T12753] loop5: detected capacity change from 0 to 1024
[  225.406468][T12753] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  225.629236][T12763] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  225.691319][T12763] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  225.711963][T12770] syzkaller0: entered promiscuous mode
[  225.717582][T12770] syzkaller0: entered allmulticast mode
[  225.750149][T12763] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  225.804402][T12779] loop4: detected capacity change from 0 to 1024
[  225.811343][T12779] EXT4-fs: Ignoring removed nomblk_io_submit option
[  225.818826][T12763] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  225.830580][T12779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.922826][   T37] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  225.942175][   T37] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  225.960765][T10692] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  225.973128][T10692] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  226.067811][T12788] veth6: entered promiscuous mode
[  226.073086][T12788] veth6: entered allmulticast mode
[  226.113819][T12794] xt_CT: You must specify a L4 protocol and not use inversions on it
[  226.332450][   T29] kauditd_printk_skb: 1479 callbacks suppressed
[  226.332500][   T29] audit: type=1326 audit(1763360694.910:11074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12789 comm="syz.3.3276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f516dd36567 code=0x7ffc0000
[  226.363642][   T29] audit: type=1326 audit(1763360694.940:11075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12797 comm="syz.2.3280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  226.387292][   T29] audit: type=1326 audit(1763360694.940:11076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12789 comm="syz.3.3276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f516dcdb789 code=0x7ffc0000
[  226.410881][   T29] audit: type=1326 audit(1763360694.940:11077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12789 comm="syz.3.3276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f516dd36567 code=0x7ffc0000
[  226.434423][   T29] audit: type=1326 audit(1763360694.940:11078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12789 comm="syz.3.3276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f516dcdb789 code=0x7ffc0000
[  226.457948][   T29] audit: type=1326 audit(1763360694.940:11079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12789 comm="syz.3.3276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  226.498731][   T29] audit: type=1326 audit(1763360694.990:11080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12789 comm="syz.3.3276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f516dd36567 code=0x7ffc0000
[  226.522295][   T29] audit: type=1326 audit(1763360694.990:11081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12789 comm="syz.3.3276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f516dcdb789 code=0x7ffc0000
[  226.545928][   T29] audit: type=1326 audit(1763360694.990:11082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12789 comm="syz.3.3276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  226.569539][   T29] audit: type=1326 audit(1763360694.990:11083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12797 comm="syz.2.3280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  226.706102][T12783] syz.4.3273 (12783) used greatest stack depth: 6360 bytes left
[  226.719157][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.730935][T12804] lo speed is unknown, defaulting to 1000
[  226.964448][T12820] loop3: detected capacity change from 0 to 128
[  227.062901][T12830] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3293'.
[  227.131431][T12841] bridge: RTM_NEWNEIGH with invalid ether address
[  227.182346][T12846] loop2: detected capacity change from 0 to 512
[  227.189570][T12846] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  227.208232][T12846] EXT4-fs (loop2): 1 truncate cleaned up
[  227.215141][T12846] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.358312][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.899569][T10657] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  227.907462][T10657] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  227.929671][ T3425] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  228.028693][ T3425] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  228.256578][T12890] netlink: 'syz.2.3312': attribute type 10 has an invalid length.
[  228.267097][T12890] team0: Port device dummy0 added
[  228.285121][T12890] netlink: 'syz.2.3312': attribute type 10 has an invalid length.
[  228.298250][T12890] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  228.327641][T12890] team0: Failed to send options change via netlink (err -105)
[  228.335461][T12890] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  228.346035][T12890] team0: Port device dummy0 removed
[  228.356017][T12890] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  228.737977][T12911] netlink: 'syz.5.3330': attribute type 7 has an invalid length.
[  228.745879][T12911] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3330'.
[  228.779012][ T3425] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  229.191317][T12941] syzkaller0: entered promiscuous mode
[  229.196847][T12941] syzkaller0: entered allmulticast mode
[  229.220024][T12943] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  229.273033][T12946] tipc: Bearer <udp:q>: already 2 bearers with priority 10
[  229.280343][T12946] tipc: Bearer <udp:q>: trying with adjusted priority
[  229.287114][T12946] tipc: Enabling of bearer <udp:q> rejected, max 3 bearers permitted
[  229.404028][T12947] loop4: detected capacity change from 0 to 8192
[  229.582943][T12958] netlink: 83992 bytes leftover after parsing attributes in process `syz.5.3338'.
[  229.622802][T12958] netlink: zone id is out of range
[  229.628025][T12958] netlink: zone id is out of range
[  229.664368][T12958] netlink: zone id is out of range
[  229.669569][T12958] netlink: zone id is out of range
[  229.700660][T12958] netlink: zone id is out of range
[  229.716173][T12958] netlink: zone id is out of range
[  229.750875][T12958] netlink: set zone limit has 8 unknown bytes
[  229.852564][T12964] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  230.130294][T12964] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  230.190037][T12964] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  230.260729][T12964] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  230.331440][T10657] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  230.344642][T10657] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  230.361706][T10657] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  230.375621][T10657] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  230.477568][T12967] Set syz0 is full, maxelem 0 reached
[  230.572969][T12980] lo speed is unknown, defaulting to 1000
[  230.697482][T12996] loop5: detected capacity change from 0 to 512
[  230.735005][T13000] Set syz0 is full, maxelem 0 reached
[  230.742562][T13000] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3364'.
[  230.818179][T13006] loop2: detected capacity change from 0 to 164
[  230.853717][T13010] loop3: detected capacity change from 0 to 512
[  230.868932][T13010] EXT4-fs: Ignoring removed orlov option
[  230.959946][T13010] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  231.049190][T13010] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.3358: corrupted in-inode xattr: e_value size too large
[  231.243473][T13010] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3358: couldn't read orphan inode 15 (err -117)
[  231.293744][T13010] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.320864][T13017] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  231.359644][T13019] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3360'.
[  231.369544][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.369611][T13019] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3360'.
[  231.403869][T13023] netlink: 'syz.3.3362': attribute type 39 has an invalid length.
[  231.440600][T13017] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  231.527002][T13017] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  231.604056][T13017] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  231.631589][T13037] loop3: detected capacity change from 0 to 512
[  231.652184][T13037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.710462][T13037] ext4 filesystem being mounted at /714/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.758704][   T37] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  231.767224][   T37] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  231.786846][   T29] kauditd_printk_skb: 1147 callbacks suppressed
[  231.786873][   T29] audit: type=1400 audit(1763360700.360:12231): avc:  denied  { append } for  pid=13036 comm="syz.3.3367" name="file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  231.817599][   T37] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  231.845801][   T37] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  231.915530][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  231.990558][T13043] loop4: detected capacity change from 0 to 512
[  232.153517][   T29] audit: type=1326 audit(1763360700.730:12232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13047 comm="syz.2.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  232.177437][   T29] audit: type=1326 audit(1763360700.730:12233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13047 comm="syz.2.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  232.201319][   T29] audit: type=1326 audit(1763360700.730:12234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13047 comm="syz.2.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  232.224942][   T29] audit: type=1326 audit(1763360700.730:12235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13047 comm="syz.2.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  232.248482][   T29] audit: type=1326 audit(1763360700.730:12236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13047 comm="syz.2.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  232.272302][   T29] audit: type=1326 audit(1763360700.730:12237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13047 comm="syz.2.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  232.296088][   T29] audit: type=1326 audit(1763360700.730:12238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13047 comm="syz.2.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  232.319727][   T29] audit: type=1326 audit(1763360700.730:12239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13047 comm="syz.2.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  232.343238][   T29] audit: type=1326 audit(1763360700.730:12240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13047 comm="syz.2.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  232.388771][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.487712][T13073] netlink: 'syz.4.3381': attribute type 12 has an invalid length.
[  232.832426][T13093] loop3: detected capacity change from 0 to 164
[  232.869434][T13098] siw: device registration error -23
[  232.913608][T13102] ref_ctr increment failed for inode: 0x64d offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88810bb91140
[  233.129249][T13119] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3399'.
[  233.164834][T13121] netlink: 'syz.5.3400': attribute type 10 has an invalid length.
[  233.184205][T13121] team0: Port device dummy0 added
[  233.202872][T13121] netlink: 'syz.5.3400': attribute type 10 has an invalid length.
[  233.212074][T13121] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  233.239348][T13121] team0: Failed to send options change via netlink (err -105)
[  233.247635][T13121] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  233.257491][T13121] team0: Port device dummy0 removed
[  233.266717][T13121] .`: (slave dummy0): Enslaving as an active interface with an up link
[  234.309906][T13162] bridge0: port 1(gretap0) entered blocking state
[  234.316540][T13162] bridge0: port 1(gretap0) entered disabled state
[  234.334919][T13162] gretap0: entered allmulticast mode
[  234.341072][T13162] gretap0: entered promiscuous mode
[  234.349648][T13162] gretap0: left allmulticast mode
[  234.354719][T13162] gretap0: left promiscuous mode
[  234.359928][T13162] bridge0: port 1(gretap0) entered disabled state
[  234.435467][T13167] lo speed is unknown, defaulting to 1000
[  234.746422][T13186] loop3: detected capacity change from 0 to 2048
[  234.840877][T13186] Alternate GPT is invalid, using primary GPT.
[  234.847270][T13186]  loop3: p2 p3 p7
[  235.371230][T13217] loop5: detected capacity change from 0 to 512
[  235.391011][T13217] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.404081][T13217] ext4 filesystem being mounted at /313/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.536356][T13222] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3440'.
[  235.536999][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.560933][T13222] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13222 comm=syz.1.3440
[  235.562614][T13224] loop2: detected capacity change from 0 to 512
[  235.580826][T13224] EXT4-fs: Ignoring removed orlov option
[  235.587017][T13224] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  235.597314][T13224] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.3441: corrupted in-inode xattr: e_value size too large
[  235.611598][T13224] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3441: couldn't read orphan inode 15 (err -117)
[  235.624673][T13224] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.684885][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.715316][T13239] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3445'.
[  235.753687][T13243] netlink: 'syz.5.3447': attribute type 27 has an invalid length.
[  235.847224][T13243] geneve2: left promiscuous mode
[  235.852289][T13243] geneve2: left allmulticast mode
[  235.865878][T13243] veth6: left promiscuous mode
[  235.870754][T13243] veth6: left allmulticast mode
[  236.527471][T13249] netlink: 'syz.4.3449': attribute type 39 has an invalid length.
[  236.754415][T13247] 8021q: adding VLAN 0 to HW filter on device .`
[  236.764199][T13247] 8021q: adding VLAN 0 to HW filter on device team0
[  236.772819][T13254] loop3: detected capacity change from 0 to 128
[  236.784146][T13247] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  236.801278][T10657] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 20000 - 0
[  236.831713][T10657] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 20000 - 0
[  236.846975][T10657] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 20000 - 0
[  236.876266][T10657] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 20000 - 0
[  236.915241][T13258] loop5: detected capacity change from 0 to 1024
[  236.934825][T13258] EXT4-fs: Ignoring removed nomblk_io_submit option
[  236.960753][T13258] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.244737][T13272] lo speed is unknown, defaulting to 1000
[  237.435515][   T29] kauditd_printk_skb: 723 callbacks suppressed
[  237.435532][   T29] audit: type=1326 audit(1763360706.010:12964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  237.443927][T13277] loop4: detected capacity change from 0 to 512
[  237.465388][   T29] audit: type=1326 audit(1763360706.010:12965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  237.472286][T13277] EXT4-fs: Ignoring removed orlov option
[  237.502806][T13277] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  237.511410][   T29] audit: type=1326 audit(1763360706.080:12966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  237.535060][   T29] audit: type=1326 audit(1763360706.080:12967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbc1a1af703 code=0x7ffc0000
[  237.559052][   T29] audit: type=1326 audit(1763360706.080:12968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbc1a1af703 code=0x7ffc0000
[  237.582622][   T29] audit: type=1326 audit(1763360706.080:12969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  237.606325][   T29] audit: type=1326 audit(1763360706.080:12970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  237.630046][   T29] audit: type=1326 audit(1763360706.080:12971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  237.653658][   T29] audit: type=1326 audit(1763360706.080:12972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  237.677469][   T29] audit: type=1326 audit(1763360706.080:12973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13274 comm="syz.2.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  237.749711][T13277] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.3455: corrupted in-inode xattr: e_value size too large
[  237.764603][T13277] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3455: couldn't read orphan inode 15 (err -117)
[  237.777415][T13277] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.839581][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.986598][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.101165][T13299] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  238.116952][T13303] netlink: 'syz.5.3463': attribute type 12 has an invalid length.
[  238.229139][T13309] lo speed is unknown, defaulting to 1000
[  238.311816][T13311] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  238.359432][T13315] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3471'.
[  238.375573][T13315] hsr_slave_0: left promiscuous mode
[  238.384216][T13315] hsr_slave_1: left promiscuous mode
[  238.457336][T13320] lo speed is unknown, defaulting to 1000
[  238.472818][T13322] loop2: detected capacity change from 0 to 2048
[  238.480058][T13322] EXT4-fs (loop2): cluster size (2048) smaller than block size (4096)
[  238.749698][T13335] lo speed is unknown, defaulting to 1000
[  238.895592][T13340] loop3: detected capacity change from 0 to 512
[  238.941784][T13340] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.968957][T13340] ext4 filesystem being mounted at /735/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.157356][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.176596][T13358] loop4: detected capacity change from 0 to 512
[  239.201661][T13358] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.218741][T13360] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3488'.
[  239.253274][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.325199][T13373] netlink: 'syz.4.3491': attribute type 10 has an invalid length.
[  239.333711][T13373] netlink: 'syz.4.3491': attribute type 10 has an invalid length.
[  239.344202][T13373] .`: (slave dummy0): Enslaving as an active interface with an up link
[  239.450043][T13382] loop2: detected capacity change from 0 to 164
[  239.466666][T13382] ISOFS: unable to read i-node block
[  239.478946][T13382] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  239.686193][T13393] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  240.156055][T13401] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.3505'.
[  240.168574][T13401] netlink: zone id is out of range
[  240.173748][T13401] netlink: zone id is out of range
[  240.179263][T13401] netlink: zone id is out of range
[  240.184395][T13401] netlink: zone id is out of range
[  240.189554][T13401] netlink: zone id is out of range
[  240.194679][T13401] netlink: zone id is out of range
[  240.199814][T13401] netlink: zone id is out of range
[  240.204926][T13401] netlink: zone id is out of range
[  240.298602][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  240.329914][T13410] loop4: detected capacity change from 0 to 512
[  240.342911][T13406] netlink: 'syz.3.3506': attribute type 10 has an invalid length.
[  240.343168][T13410] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.353833][T13406] team0: Port device dummy0 added
[  240.450248][T13406] netlink: 'syz.3.3506': attribute type 10 has an invalid length.
[  240.468787][T13406] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  240.485602][T13410] ext4 filesystem being mounted at /703/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.898627][T13406] team0: Failed to send options change via netlink (err -105)
[  240.906433][T13406] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  240.923727][T13406] team0: Port device dummy0 removed
[  240.949347][T13406] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  241.022144][T13410] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  241.090036][T13410] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  241.108432][T13420] loop3: detected capacity change from 0 to 2048
[  241.169048][T13420]  loop3: p1 < > p4
[  241.174297][T13410] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  241.188772][T13420] loop3: p4 size 8388608 extends beyond EOD, truncated
[  241.409482][T13410] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  241.465480][T10683] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  241.548617][T10683] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  241.557021][T10683] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  241.568238][T10683] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  241.605079][T13424] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3510'.
[  241.720423][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.824877][T13438] loop4: detected capacity change from 0 to 512
[  241.880439][T13438] EXT4-fs: Ignoring removed i_version option
[  241.886503][T13438] EXT4-fs: Ignoring removed bh option
[  242.025014][T13438] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.050533][T13438] ext4 filesystem being mounted at /704/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  242.076395][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.238263][T13450] loop3: detected capacity change from 0 to 2048
[  242.289343][T13450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.304574][T13450] ext4 filesystem being mounted at /742/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.508035][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.731779][   T29] kauditd_printk_skb: 297 callbacks suppressed
[  242.731791][   T29] audit: type=1326 audit(1763360711.310:13271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  242.761798][   T29] audit: type=1326 audit(1763360711.310:13272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  242.786311][   T29] audit: type=1326 audit(1763360711.360:13273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  242.809960][   T29] audit: type=1326 audit(1763360711.360:13274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  242.833936][   T29] audit: type=1326 audit(1763360711.360:13275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  242.858279][   T29] audit: type=1326 audit(1763360711.430:13276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  242.882075][   T29] audit: type=1326 audit(1763360711.430:13277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  242.905745][   T29] audit: type=1326 audit(1763360711.430:13278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  242.929577][   T29] audit: type=1326 audit(1763360711.430:13279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  242.953320][   T29] audit: type=1326 audit(1763360711.440:13280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13472 comm="syz.3.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  243.080344][T13482] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3532'.
[  243.415551][T13502] loop3: detected capacity change from 0 to 512
[  243.482916][T13508] pim6reg1: entered promiscuous mode
[  243.488317][T13508] pim6reg1: entered allmulticast mode
[  244.071951][T13519] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3546'.
[  244.132124][T13519] lo speed is unknown, defaulting to 1000
[  244.357769][T13526] netlink: 460 bytes leftover after parsing attributes in process `syz.5.3549'.
[  244.387723][T13526] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3549'.
[  244.401187][T13526] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3549'.
[  244.461283][T13536] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3553'.
[  244.470956][T13536] hsr_slave_0: left promiscuous mode
[  244.476828][T13536] hsr_slave_1: left promiscuous mode
[  244.488193][T13537] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[  245.281375][T13560] loop4: detected capacity change from 0 to 128
[  245.342584][T13564] syz.4.3561: attempt to access beyond end of device
[  245.342584][T13564] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128
[  245.374898][T13564] syz.4.3561: attempt to access beyond end of device
[  245.374898][T13564] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[  245.388627][T13564] syz.4.3561: attempt to access beyond end of device
[  245.388627][T13564] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128
[  245.402255][T13564] syz.4.3561: attempt to access beyond end of device
[  245.402255][T13564] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128
[  245.417161][T13564] syz.4.3561: attempt to access beyond end of device
[  245.417161][T13564] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128
[  245.433181][T13564] syz.4.3561: attempt to access beyond end of device
[  245.433181][T13564] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128
[  245.447715][T13564] syz.4.3561: attempt to access beyond end of device
[  245.447715][T13564] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128
[  245.461562][T13564] syz.4.3561: attempt to access beyond end of device
[  245.461562][T13564] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[  245.475155][T13564] syz.4.3561: attempt to access beyond end of device
[  245.475155][T13564] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[  245.488878][T13564] syz.4.3561: attempt to access beyond end of device
[  245.488878][T13564] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128
[  245.666541][T13584] loop3: detected capacity change from 0 to 128
[  245.797066][T13602] netlink: 'syz.1.3577': attribute type 30 has an invalid length.
[  246.183115][T13622] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3585'.
[  246.265528][T13628] loop3: detected capacity change from 0 to 512
[  246.349167][T13628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.430479][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.524119][T13638] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[  246.532965][T13638] ref_ctr increment failed for inode: 0xfc5 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810bb94ac0
[  246.553342][T13638] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[  246.562111][T13638] ref_ctr decrement failed for inode: 0xfc5 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810bb94ac0
[  246.573378][T13638] uprobe: syz.3.3588:13638 failed to unregister, leaking uprobe
[  246.808597][T13652] loop3: detected capacity change from 0 to 4096
[  246.818271][T13652] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.210093][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.297701][T13681] netlink: 'syz.2.3607': attribute type 12 has an invalid length.
[  247.340873][T13683] netlink: 'syz.2.3608': attribute type 83 has an invalid length.
[  247.786573][T13702] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  247.918700][T13725] loop3: detected capacity change from 0 to 2048
[  247.939210][T13725]  loop3: p1 < > p4
[  247.943744][T13725] loop3: p4 size 8388608 extends beyond EOD, truncated
[  247.954169][   T29] kauditd_printk_skb: 243 callbacks suppressed
[  247.954184][   T29] audit: type=1400 audit(1763360716.530:13524): avc:  denied  { read append } for  pid=13724 comm="syz.3.3623" name="loop3p4" dev="devtmpfs" ino=951 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  247.984097][   T29] audit: type=1400 audit(1763360716.530:13525): avc:  denied  { open } for  pid=13724 comm="syz.3.3623" path="/dev/loop3p4" dev="devtmpfs" ino=951 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  248.031812][T13727] lo speed is unknown, defaulting to 1000
[  248.057611][   T29] audit: type=1326 audit(1763360716.630:13526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.1.3625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  248.086453][T13730] program syz.3.3624 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  248.098609][   T29] audit: type=1326 audit(1763360716.630:13527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.1.3625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  248.291476][   T29] audit: type=1326 audit(1763360716.870:13528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.1.3625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  248.315859][   T29] audit: type=1326 audit(1763360716.900:13529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.1.3625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  248.384903][T13737] netlink: 'syz.2.3628': attribute type 4 has an invalid length.
[  248.429337][T13737] netlink: 'syz.2.3628': attribute type 4 has an invalid length.
[  248.465682][T13742] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[  248.605521][T13760] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13760 comm=syz.3.3632
[  248.676816][   T29] audit: type=1326 audit(1763360717.250:13530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13758 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d0baf6c9 code=0x7ffc0000
[  248.678010][T13764] loop3: detected capacity change from 0 to 128
[  248.700495][   T29] audit: type=1326 audit(1763360717.250:13531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13758 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe7d0baf6c9 code=0x7ffc0000
[  248.700563][   T29] audit: type=1326 audit(1763360717.250:13532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13758 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d0baf6c9 code=0x7ffc0000
[  248.700592][   T29] audit: type=1326 audit(1763360717.250:13533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13758 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe7d0baf6c9 code=0x7ffc0000
[  248.814537][T13768] netlink: 'syz.1.3638': attribute type 4 has an invalid length.
[  248.825696][T13767] netlink: 'syz.1.3638': attribute type 4 has an invalid length.
[  248.946014][T13764] smc: net device bond0 applied user defined pnetid SYZ0
[  248.953669][T13764] smc: net device bond0 erased user defined pnetid SYZ0
[  249.579118][T13785] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3644'.
[  249.740056][T13797] netlink: 'syz.3.3650': attribute type 3 has an invalid length.
[  249.740568][T13792] SELinux: failed to load policy
[  249.747870][T13797] netlink: 'syz.3.3650': attribute type 3 has an invalid length.
[  249.886155][T13808] netlink: 'syz.4.3654': attribute type 10 has an invalid length.
[  249.980857][T13818] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  249.987430][T13818] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  249.995075][T13818] vhci_hcd vhci_hcd.0: Device attached
[  250.003649][T13819] vhci_hcd: connection closed
[  250.003971][T10683] vhci_hcd: stop threads
[  250.012983][T10683] vhci_hcd: release socket
[  250.017402][T10683] vhci_hcd: disconnect device
[  250.555101][T13830] syzkaller0: entered promiscuous mode
[  250.560694][T13830] syzkaller0: entered allmulticast mode
[  250.640802][T13834] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3666'.
[  250.699933][T13840] loop2: detected capacity change from 0 to 1024
[  250.707382][T13840] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  250.718499][T13840] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  250.725344][T13844] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3671'.
[  250.737565][T13840] JBD2: no valid journal superblock found
[  250.743511][T13840] EXT4-fs (loop2): Could not load journal inode
[  250.756493][T13840] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  251.017677][T13861] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3678'.
[  251.366089][T13882] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3686'.
[  251.734129][T13910] validate_nla: 1 callbacks suppressed
[  251.734197][T13910] netlink: 'syz.1.3698': attribute type 1 has an invalid length.
[  251.755576][T13910] 8021q: adding VLAN 0 to HW filter on device bond8
[  251.780115][T13910] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3698'.
[  251.837541][T13910] bond8 (unregistering): Released all slaves
[  251.981855][T13927] lo speed is unknown, defaulting to 1000
[  251.988903][T13929] netlink: 324 bytes leftover after parsing attributes in process `syz.3.3705'.
[  252.063697][T13935] macsec0: entered promiscuous mode
[  252.655199][T13966] lo speed is unknown, defaulting to 1000
[  252.776039][T13976] loop2: detected capacity change from 0 to 1024
[  252.807153][T13976] EXT4-fs: inline encryption not supported
[  252.813059][T13976] EXT4-fs: Ignoring removed orlov option
[  252.829918][T13976] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  252.869895][T13976] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  252.889271][T13976] System zones: 0-1, 3-12
[  252.906154][T13976] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.961202][   T29] kauditd_printk_skb: 757 callbacks suppressed
[  252.961260][   T29] audit: type=1326 audit(1763360721.540:14291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13975 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  252.993410][   T29] audit: type=1326 audit(1763360721.570:14292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13975 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  253.016674][   T29] audit: type=1326 audit(1763360721.570:14293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13975 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  253.039798][   T29] audit: type=1326 audit(1763360721.570:14294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13975 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  253.063072][   T29] audit: type=1326 audit(1763360721.570:14295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13975 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  253.104950][T13990] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3729'.
[  253.115843][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.223660][T14000] loop3: detected capacity change from 0 to 128
[  253.253329][T14000] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  253.266388][T13990] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13990 comm=syz.5.3729
[  253.279834][T13990] netlink: 'syz.5.3729': attribute type 1 has an invalid length.
[  253.313210][   T29] audit: type=1400 audit(1763360721.890:14296): avc:  denied  { name_bind } for  pid=14007 comm="syz.4.3735" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  253.564424][T14000] bio_check_eod: 71 callbacks suppressed
[  253.564442][T14000] syz.3.3731: attempt to access beyond end of device
[  253.564442][T14000] loop3: rw=2049, sector=161, nr_sectors = 32 limit=128
[  253.612801][T13998] loop2: detected capacity change from 0 to 32768
[  253.619677][T14000] syz.3.3731: attempt to access beyond end of device
[  253.619677][T14000] loop3: rw=2049, sector=201, nr_sectors = 8 limit=128
[  253.650494][   T29] audit: type=1326 audit(1763360722.230:14297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14021 comm="syz.5.3742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d0baf6c9 code=0x7ffc0000
[  253.651756][T14000] syz.3.3731: attempt to access beyond end of device
[  253.651756][T14000] loop3: rw=2049, sector=217, nr_sectors = 8 limit=128
[  253.742058][T14000] syz.3.3731: attempt to access beyond end of device
[  253.742058][T14000] loop3: rw=2049, sector=233, nr_sectors = 8 limit=128
[  253.791620][   T29] audit: type=1326 audit(1763360722.230:14298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14021 comm="syz.5.3742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d0baf6c9 code=0x7ffc0000
[  253.815399][   T29] audit: type=1326 audit(1763360722.270:14299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14021 comm="syz.5.3742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7fe7d0baf6c9 code=0x7ffc0000
[  253.839121][   T29] audit: type=1326 audit(1763360722.270:14300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14021 comm="syz.5.3742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d0baf6c9 code=0x7ffc0000
[  253.864964][T14000] syz.3.3731: attempt to access beyond end of device
[  253.864964][T14000] loop3: rw=2049, sector=249, nr_sectors = 8 limit=128
[  253.908650][T14000] syz.3.3731: attempt to access beyond end of device
[  253.908650][T14000] loop3: rw=2049, sector=265, nr_sectors = 8 limit=128
[  253.965560][T14034] sch_tbf: burst 274 is lower than device lo mtu (11337746) !
[  254.019414][T14000] syz.3.3731: attempt to access beyond end of device
[  254.019414][T14000] loop3: rw=2049, sector=281, nr_sectors = 8 limit=128
[  254.087562][T14000] syz.3.3731: attempt to access beyond end of device
[  254.087562][T14000] loop3: rw=2049, sector=297, nr_sectors = 8 limit=128
[  254.158933][T14000] syz.3.3731: attempt to access beyond end of device
[  254.158933][T14000] loop3: rw=2049, sector=313, nr_sectors = 8 limit=128
[  254.245371][T14000] syz.3.3731: attempt to access beyond end of device
[  254.245371][T14000] loop3: rw=2049, sector=329, nr_sectors = 8 limit=128
[  254.333374][T10657] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  254.524112][T14046] loop3: detected capacity change from 0 to 1024
[  254.535518][T14048] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3752'.
[  254.545856][T14046] EXT4-fs: inline encryption not supported
[  254.551740][T14046] EXT4-fs: Ignoring removed orlov option
[  254.567625][T14046] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  254.597353][T14050] geneve3: entered promiscuous mode
[  254.604470][ T4380] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.614877][T14046] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  254.625433][T14046] System zones: 0-1, 3-12
[  254.633493][ T4380] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.648647][T14046] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.666325][ T4380] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.803757][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.832520][T14060] loop5: detected capacity change from 0 to 512
[  254.840531][T14060] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2803: inode #11: comm syz.5.3756: corrupted xattr block 95: invalid header
[  254.854893][T14060] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.3756: bg 0: block 7: invalid block bitmap
[  254.867716][T14060] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  254.876727][T14060] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2967: inode #11: comm syz.5.3756: corrupted xattr block 95: invalid header
[  254.890566][T14060] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117)
[  254.899748][T14060] EXT4-fs (loop5): 1 orphan inode deleted
[  254.906026][T14060] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.919176][T14060] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.176339][T14083] lo speed is unknown, defaulting to 1000
[  255.415647][T14091] syzkaller0: entered promiscuous mode
[  255.421321][T14091] syzkaller0: entered allmulticast mode
[  255.546835][T14101] loop5: detected capacity change from 0 to 1024
[  255.570817][T14101] EXT4-fs: inline encryption not supported
[  255.576702][T14101] EXT4-fs: Ignoring removed orlov option
[  255.691568][T14105] netlink: 'syz.3.3773': attribute type 10 has an invalid length.
[  255.708758][T14101] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  255.769445][T14101] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  255.777592][T14101] System zones: 0-1, 3-12
[  255.783060][T14101] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.092118][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.149754][T14055] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.248405][T14112] loop4: detected capacity change from 0 to 512
[  256.270172][T14055] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.298611][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  256.298889][T14114] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3776'.
[  256.380165][T14055] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.399811][T14112] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.433005][T14112] ext4 filesystem being mounted at /746/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.478769][T10654] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.521209][T10654] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.558714][T10654] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.598695][T10654] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.891917][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.227699][T14147] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3789'.
[  257.405719][T14165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3796'.
[  257.484244][T14167] loop5: detected capacity change from 0 to 4096
[  257.493051][T14167] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.541047][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.585015][T14172] lo speed is unknown, defaulting to 1000
[  258.246538][T14220] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  258.451785][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  258.451801][   T29] audit: type=1326 audit(1763360727.030:14358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  258.483933][T14233] loop2: detected capacity change from 0 to 2048
[  258.495735][   T29] audit: type=1326 audit(1763360727.030:14359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  258.519350][   T29] audit: type=1326 audit(1763360727.030:14360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  258.543097][   T29] audit: type=1326 audit(1763360727.030:14361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  258.566815][   T29] audit: type=1326 audit(1763360727.030:14362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  258.590466][   T29] audit: type=1326 audit(1763360727.030:14363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  258.614117][   T29] audit: type=1326 audit(1763360727.030:14364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  258.637788][   T29] audit: type=1326 audit(1763360727.030:14365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  258.661452][   T29] audit: type=1326 audit(1763360727.030:14366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbc1a1af703 code=0x7ffc0000
[  258.684874][   T29] audit: type=1326 audit(1763360727.030:14367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14231 comm="syz.2.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbc1a1ae17f code=0x7ffc0000
[  258.900678][T14248] loop4: detected capacity change from 0 to 128
[  258.988614][T14248] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  259.029120][T14233]  loop2: p1 < > p4
[  259.128818][T14233] loop2: p4 size 8388608 extends beyond EOD, truncated
[  259.411037][T14265] loop3: detected capacity change from 0 to 512
[  259.452690][T14246] bio_check_eod: 97 callbacks suppressed
[  259.452708][T14246] syz.4.3825: attempt to access beyond end of device
[  259.452708][T14246] loop4: rw=2049, sector=161, nr_sectors = 24 limit=128
[  259.472520][T14246] syz.4.3825: attempt to access beyond end of device
[  259.472520][T14246] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128
[  259.487114][T14246] syz.4.3825: attempt to access beyond end of device
[  259.487114][T14246] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  259.501965][T14265] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  259.511064][T14246] syz.4.3825: attempt to access beyond end of device
[  259.511064][T14246] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  259.568950][T14265] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.3829: invalid block
[  259.583293][T14265] EXT4-fs (loop3): Remounting filesystem read-only
[  259.592076][T14246] syz.4.3825: attempt to access beyond end of device
[  259.592076][T14246] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[  259.638704][T14265] EXT4-fs (loop3): 2 truncates cleaned up
[  259.647164][T14265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.692066][T14246] syz.4.3825: attempt to access beyond end of device
[  259.692066][T14246] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[  259.707770][T14265] EXT4-fs (loop3): shut down requested (2)
[  259.709341][T14246] syz.4.3825: attempt to access beyond end of device
[  259.709341][T14246] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[  259.758032][T14271] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  259.767223][T14271] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  259.796677][T14246] syz.4.3825: attempt to access beyond end of device
[  259.796677][T14246] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128
[  259.831970][T14246] syz.4.3825: attempt to access beyond end of device
[  259.831970][T14246] loop4: rw=2049, sector=305, nr_sectors = 8 limit=128
[  259.848412][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.877940][T14246] syz.4.3825: attempt to access beyond end of device
[  259.877940][T14246] loop4: rw=2049, sector=321, nr_sectors = 8 limit=128
[  259.899140][T14273] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3831'.
[  259.908960][T14273] hsr_slave_0: left promiscuous mode
[  259.914815][T14273] hsr_slave_1: left promiscuous mode
[  259.987502][T10657] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  260.016812][T14275] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3832'.
[  260.082656][T14281] netlink: 83992 bytes leftover after parsing attributes in process `syz.2.3834'.
[  260.092126][T14281] net_ratelimit: 81 callbacks suppressed
[  260.092142][T14281] netlink: zone id is out of range
[  260.103046][T14281] netlink: zone id is out of range
[  260.109006][T14281] netlink: zone id is out of range
[  260.114267][T14281] netlink: zone id is out of range
[  260.119518][T14281] netlink: zone id is out of range
[  260.124635][T14281] netlink: zone id is out of range
[  260.129787][T14281] netlink: zone id is out of range
[  260.129967][T14282] delete_channel: no stack
[  260.134947][T14281] netlink: zone id is out of range
[  260.134956][T14281] netlink: zone id is out of range
[  260.134964][T14281] netlink: zone id is out of range
[  260.547068][T14313] lo speed is unknown, defaulting to 1000
[  261.193007][T14323] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3847'.
[  261.263988][T14322] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14322 comm=syz.2.3847
[  261.411759][T14337] loop4: detected capacity change from 0 to 1024
[  261.418892][T14337] EXT4-fs: inline encryption not supported
[  261.424934][T14337] EXT4-fs: Ignoring removed orlov option
[  261.432090][T14337] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  261.449674][T14337] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  261.455357][T14341] lo speed is unknown, defaulting to 1000
[  261.457971][T14337] System zones: 0-1, 3-12
[  261.472209][T14337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.544805][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.623584][T14355] lo speed is unknown, defaulting to 1000
[  261.830446][T14372] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3866'.
[  261.871846][T14366] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14366 comm=syz.5.3866
[  261.904730][T14378] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3870'.
[  261.934648][T14378] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3870'.
[  262.050781][T14387] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3873'.
[  262.063956][T14388] loop3: detected capacity change from 0 to 1024
[  262.093659][T14388] EXT4-fs: inline encryption not supported
[  262.099699][T14388] EXT4-fs: Ignoring removed orlov option
[  262.110113][T14393] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  262.121452][T14388] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  262.166027][T14395] loop5: detected capacity change from 0 to 512
[  262.173683][T14395] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  262.219384][T14395] EXT4-fs (loop5): orphan cleanup on readonly fs
[  262.227059][T14395] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3883: bg 0: block 248: padding at end of block bitmap is not set
[  262.242151][T14395] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.3883: Failed to acquire dquot type 1
[  262.254412][T14395] EXT4-fs (loop5): 1 truncate cleaned up
[  262.261497][T14395] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  262.314294][T14388] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  262.323185][T14393] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  262.334672][T14388] System zones: 0-1, 3-12
[  262.353618][T14388] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.410949][T14393] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  262.461138][T14393] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  262.530238][T10698] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  262.594075][T10698] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  262.659817][T10698] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  262.743336][T10698] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  262.781783][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.141995][T14413] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3880'.
[  263.161768][T14413] team0 (uninitialized): Failed to send options change via netlink (err -105)
[  263.191225][T14413] team0: entered promiscuous mode
[  263.196331][T14413] team0: entered allmulticast mode
[  263.313683][T14418] vlan0: entered allmulticast mode
[  263.318881][T14418] bridge_slave_0: entered allmulticast mode
[  263.471515][T14426] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3887'.
[  263.793319][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.831546][T14442] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3889'.
[  263.849429][T14442] hsr_slave_0: left promiscuous mode
[  263.864908][T14442] hsr_slave_1: left promiscuous mode
[  263.880156][   T29] kauditd_printk_skb: 109 callbacks suppressed
[  263.880198][   T29] audit: type=1400 audit(1763360732.460:14475): avc:  denied  { write } for  pid=14443 comm="syz.4.3890" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  264.101456][T14446] loop4: detected capacity change from 0 to 1024
[  264.108500][T14448] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.118962][T14446] EXT4-fs: Ignoring removed orlov option
[  264.124968][T14451] netlink: 'syz.3.3892': attribute type 4 has an invalid length.
[  264.134868][T14446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.148273][ T3396] lo speed is unknown, defaulting to 1000
[  264.154074][ T3396] syz2: Port: 1 Link DOWN
[  264.159163][T14451] netlink: 'syz.3.3892': attribute type 4 has an invalid length.
[  264.178930][ T3425] lo speed is unknown, defaulting to 1000
[  264.184733][ T3425] syz2: Port: 1 Link ACTIVE
[  264.190826][T14448] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.250339][T14448] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.310087][T14448] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.387333][T10657] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  264.399820][T10657] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  264.411937][T10683] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  264.424488][T10683] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.483522][T14464] loop3: detected capacity change from 0 to 1024
[  264.494716][T14464] EXT4-fs: Ignoring removed bh option
[  264.500499][   T29] audit: type=1326 audit(1763360733.080:14476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14467 comm="syz.1.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  264.524159][   T29] audit: type=1326 audit(1763360733.080:14477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14467 comm="syz.1.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  264.547724][   T29] audit: type=1326 audit(1763360733.080:14478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14467 comm="syz.1.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  264.571559][   T29] audit: type=1326 audit(1763360733.080:14479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14467 comm="syz.1.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  264.595300][   T29] audit: type=1326 audit(1763360733.080:14480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14467 comm="syz.1.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  264.618959][   T29] audit: type=1326 audit(1763360733.080:14481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14467 comm="syz.1.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  264.642611][   T29] audit: type=1326 audit(1763360733.080:14482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14467 comm="syz.1.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  264.643247][T14464] EXT4-fs: inline encryption not supported
[  264.666246][   T29] audit: type=1326 audit(1763360733.080:14483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14467 comm="syz.1.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  264.695698][   T29] audit: type=1326 audit(1763360733.080:14484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14467 comm="syz.1.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  264.751183][T14464] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  264.762937][T14464] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  264.772462][T14464] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.3896: lblock 2 mapped to illegal pblock 2 (length 1)
[  264.787045][T14464] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3896: lblock 0 mapped to illegal pblock 48 (length 1)
[  264.801987][T14464] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3896: Failed to acquire dquot type 0
[  264.978621][T14464] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  265.058777][T14464] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.3896: mark_inode_dirty error
[  265.119609][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.140279][T14479] vlan0: entered allmulticast mode
[  265.145460][T14479] bridge_slave_0: entered allmulticast mode
[  265.160005][T14464] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  265.174596][T14464] EXT4-fs (loop3): 1 orphan inode deleted
[  265.181493][T14464] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.194856][T10657] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:22: lblock 1 mapped to illegal pblock 1 (length 1)
[  265.209586][T14481] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3900'.
[  265.218852][T10657] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:22: Failed to release dquot type 0
[  265.279473][T14464] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3896: lblock 0 mapped to illegal pblock 48 (length 1)
[  265.306542][T14483] syzkaller0: entered promiscuous mode
[  265.312094][T14483] syzkaller0: entered allmulticast mode
[  265.320036][T14481] lo speed is unknown, defaulting to 1000
[  265.430403][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.523023][T14493] ip6gretap0: entered promiscuous mode
[  265.529163][T14493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3905'.
[  265.538902][T14493] ip6gretap0 (unregistering): left promiscuous mode
[  265.631021][T14494] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  265.754180][T14497] loop5: detected capacity change from 0 to 512
[  265.856859][T14497] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.869721][T14497] ext4 filesystem being mounted at /404/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.979653][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.512363][T14521] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3912'.
[  266.540178][T14517] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14517 comm=syz.3.3911
[  266.637151][T14534] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[  266.645868][T14534] ref_ctr increment failed for inode: 0x86a offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810a471700
[  266.658062][T14534] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[  266.666829][T14534] ref_ctr decrement failed for inode: 0x86a offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810a471700
[  266.680066][T14534] uprobe: syz.5.3918:14534 failed to unregister, leaking uprobe
[  266.706221][T14536] lo speed is unknown, defaulting to 1000
[  266.832811][T14542] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[  266.854647][T14542] syzkaller0: entered promiscuous mode
[  266.860434][T14542] syzkaller0: entered allmulticast mode
[  266.891886][T14544] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  266.940300][T14549] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  267.019761][T14549] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  267.110782][T14549] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  267.213473][T14549] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  267.300561][T10698] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  267.339379][T10698] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  267.383858][T10698] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  267.428359][T10698] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  267.592338][T14559] syzkaller0: entered promiscuous mode
[  267.597904][T14559] syzkaller0: entered allmulticast mode
[  267.633932][T14559] netlink: 'syz.4.3928': attribute type 4 has an invalid length.
[  267.659249][T14559] netlink: 'syz.4.3928': attribute type 4 has an invalid length.
[  268.404502][T14567] __nla_validate_parse: 2 callbacks suppressed
[  268.404560][T14567] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3932'.
[  268.424443][T14567] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3932'.
[  268.770144][T14575] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.899963][T14575] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.979995][T14575] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.130034][T14575] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.186112][T10657] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  269.205546][T10657] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  269.218196][T10657] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.238430][T10657] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  269.501391][   T29] kauditd_printk_skb: 47 callbacks suppressed
[  269.501404][   T29] audit: type=1326 audit(1763360738.080:14528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.537260][   T29] audit: type=1326 audit(1763360738.080:14529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.560271][   T29] audit: type=1326 audit(1763360738.080:14530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.583377][   T29] audit: type=1326 audit(1763360738.080:14531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.606374][   T29] audit: type=1326 audit(1763360738.080:14532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.629418][   T29] audit: type=1326 audit(1763360738.080:14533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.652411][   T29] audit: type=1326 audit(1763360738.080:14534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.675459][   T29] audit: type=1326 audit(1763360738.080:14535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.698442][   T29] audit: type=1326 audit(1763360738.080:14536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.721333][   T29] audit: type=1326 audit(1763360738.080:14537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  269.843004][T14589] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  269.883063][T14598] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[  269.885201][T14600] loop3: detected capacity change from 0 to 128
[  269.891775][T14598] ref_ctr increment failed for inode: 0x10de offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810bb95c00
[  269.892520][T14598] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[  269.902210][T14600] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  269.909716][T14598] ref_ctr decrement failed for inode: 0x10de offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810bb95c00
[  269.910322][T14589] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  269.921165][T14600] ext4 filesystem being mounted at /830/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  269.932126][T14598] uprobe: syz.2.3943:14598 failed to unregister, leaking uprobe
[  269.983959][T14607] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14607 comm=syz.1.3940
[  270.017237][T14606] syzkaller0: entered promiscuous mode
[  270.022994][T14606] syzkaller0: entered allmulticast mode
[  270.030450][T14606] netlink: 'syz.5.3954': attribute type 4 has an invalid length.
[  270.040327][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  270.050919][T14606] netlink: 'syz.5.3954': attribute type 4 has an invalid length.
[  270.070378][T14589] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  270.084802][T14612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3946'.
[  270.140507][T14589] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  270.167761][T14616] lo speed is unknown, defaulting to 1000
[  270.220904][ T4380] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  270.229564][T14618] netlink: 'syz.1.3949': attribute type 9 has an invalid length.
[  270.237315][T14618] netlink: 'syz.1.3949': attribute type 7 has an invalid length.
[  270.245165][T14618] netlink: 'syz.1.3949': attribute type 8 has an invalid length.
[  270.258771][ T4380] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  270.277385][ T4380] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  270.289081][ T4380] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  270.815636][T14640] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=14640 comm=syz.1.3959
[  270.835350][T14640] netlink: 232 bytes leftover after parsing attributes in process `syz.1.3959'.
[  270.870887][T14642] xt_CT: You must specify a L4 protocol and not use inversions on it
[  270.996302][T14650] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3974'.
[  271.031392][T14652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3964'.
[  271.033819][T14650] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.058099][T14652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3964'.
[  271.604997][T14673] syz_tun: entered allmulticast mode
[  271.615524][T14673] dvmrp8: entered allmulticast mode
[  271.623200][T14672] syz_tun: left allmulticast mode
[  271.684009][T14671] lo speed is unknown, defaulting to 1000
[  272.015523][T14690] lo speed is unknown, defaulting to 1000
[  272.026064][T14694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3982'.
[  272.083640][T14700] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3982'.
[  272.222886][T14706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3986'.
[  272.336711][T14690] netlink: 'syz.5.3980': attribute type 2 has an invalid length.
[  272.377479][T14690] loop5: detected capacity change from 0 to 8192
[  272.562176][T14719] xt_time: unknown flags 0xf4
[  272.594894][T14723] loop3: detected capacity change from 0 to 512
[  272.612958][T14723] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.3992: bad orphan inode 15
[  272.627217][T14723] ext4_test_bit(bit=14, block=5) = 0
[  272.639517][T14723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.719100][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.777121][T14740] loop3: detected capacity change from 0 to 2048
[  272.791645][T14740] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.804344][T14740] ext4 filesystem being mounted at /842/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  272.834281][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.876703][T14743] lo speed is unknown, defaulting to 1000
[  272.907003][T14747] syzkaller0: entered promiscuous mode
[  272.909897][T14750] netlink: 'syz.1.4008': attribute type 1 has an invalid length.
[  272.912658][T14747] syzkaller0: entered allmulticast mode
[  272.970435][T14750] 8021q: adding VLAN 0 to HW filter on device bond8
[  272.981524][T14755] loop2: detected capacity change from 0 to 1024
[  272.992010][T14755] EXT4-fs: Ignoring removed nomblk_io_submit option
[  273.010147][T14755] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.010319][T14750] 8021q: adding VLAN 0 to HW filter on device bond8
[  273.029801][T14750] bond8: (slave vxcan3): The slave device specified does not support setting the MAC address
[  273.041275][T14750] bond8: (slave vxcan3): Error -95 calling set_mac_address
[  273.067190][T14758] vlan2: entered allmulticast mode
[  273.072395][T14758] team0: entered allmulticast mode
[  273.077565][T14758] team_slave_0: entered allmulticast mode
[  273.086239][T14758] bond8: (slave vlan2): Enslaving as an active interface with a down link
[  273.510284][T14787] loop5: detected capacity change from 0 to 256
[  273.533788][T14791] lo speed is unknown, defaulting to 1000
[  273.560253][T14787] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001)
[  273.568154][T14787] FAT-fs (loop5): Filesystem has been set read-only
[  273.657225][T14791] __nla_validate_parse: 6 callbacks suppressed
[  273.657239][T14791] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4014'.
[  273.890911][T14790] loop4: detected capacity change from 0 to 128
[  274.009738][T14807] random: crng reseeded on system resumption
[  274.017357][T14807] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14807 comm=syz.4.4018
[  274.039927][T14807] lo speed is unknown, defaulting to 1000
[  274.082210][T14808] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98
[  274.140103][T14810] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4019'.
[  274.149768][T14810] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4019'.
[  274.169424][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.510947][T14825] lo speed is unknown, defaulting to 1000
[  274.691997][T14840] loop3: detected capacity change from 0 to 1024
[  274.700902][T14840] EXT4-fs: Ignoring removed nomblk_io_submit option
[  274.704988][T14838] lo speed is unknown, defaulting to 1000
[  274.729842][T14840] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.743965][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  274.743983][   T29] audit: type=1400 audit(1763360743.320:14563): avc:  denied  { bind } for  pid=14837 comm="syz.5.4030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  274.744383][T14834] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4027'.
[  275.082436][T14855] netlink: 'syz.2.4035': attribute type 1 has an invalid length.
[  275.104701][T14855] 8021q: adding VLAN 0 to HW filter on device bond9
[  275.117980][T14855] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4035'.
[  275.129327][T14855] bond9 (unregistering): Released all slaves
[  275.240250][T14858] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4036'.
[  275.252622][   T29] audit: type=1326 audit(1763360743.830:14564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.2.4037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  275.288592][   T29] audit: type=1326 audit(1763360743.830:14565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.2.4037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  275.335855][   T29] audit: type=1326 audit(1763360743.870:14566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.2.4037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  275.359728][   T29] audit: type=1326 audit(1763360743.870:14567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.2.4037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  275.383553][   T29] audit: type=1326 audit(1763360743.870:14568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.2.4037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  275.408392][   T29] audit: type=1326 audit(1763360743.890:14569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.2.4037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  275.431966][   T29] audit: type=1326 audit(1763360743.890:14570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.2.4037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  275.455742][   T29] audit: type=1326 audit(1763360743.890:14571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.2.4037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  275.479369][   T29] audit: type=1326 audit(1763360743.890:14572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.2.4037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fbc1a1af6c9 code=0x7ffc0000
[  275.590365][T14867] loop5: detected capacity change from 0 to 1024
[  275.597121][T14867] EXT4-fs: Ignoring removed bh option
[  275.655911][T14867] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.691777][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.555415][T14897] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4050'.
[  276.564386][T14897] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4050'.
[  276.607148][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.726455][T14901] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4053'.
[  276.801052][T14901] syz_tun: entered promiscuous mode
[  276.806697][T14901] macvtap1: entered promiscuous mode
[  276.812271][T14901] macvtap1: entered allmulticast mode
[  276.817736][T14901] syz_tun: entered allmulticast mode
[  276.928650][T14902] syz_tun: left allmulticast mode
[  276.933864][T14902] syz_tun: left promiscuous mode
[  277.033593][T14914] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4056'.
[  278.156184][T14943] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  278.215335][T14950] loop4: detected capacity change from 0 to 512
[  278.259414][T14943] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  278.289802][T14950] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  278.308787][T14949] wg2: entered promiscuous mode
[  278.313695][T14949] wg2: entered allmulticast mode
[  278.332559][T14950] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.373905][T14955] syzkaller0: entered allmulticast mode
[  278.404747][T14943] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  278.480037][T14943] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  278.576566][T14965] loop3: detected capacity change from 0 to 512
[  278.693220][T10654] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  278.710574][T14965] EXT4-fs: Invalid want_extra_isize 93
[  278.726750][T10654] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  278.779196][T10654] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  278.996625][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.009681][T10654] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  279.456851][T14991] loop2: detected capacity change from 0 to 512
[  279.477679][T14991] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  279.916086][T15008] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  279.916086][T15008]    program syz.4.4088 not setting count and/or reply_len properly
[  279.961524][T15010] netlink: 1347 bytes leftover after parsing attributes in process `syz.1.4092'.
[  280.420193][T15017] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4103'.
[  280.665695][T15017] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4103'.
[  280.945295][T15027] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4096'.
[  280.962611][T15026] netlink: 'syz.1.4095': attribute type 1 has an invalid length.
[  281.015448][T15026] 8021q: adding VLAN 0 to HW filter on device bond9
[  281.249625][T15027] IPVS: Unknown mcast interface: ve
[  281.308135][T15026] veth23: entered promiscuous mode
[  281.385083][T15026] bond9: (slave veth23): Enslaving as an active interface with a down link
[  281.681046][T15032] loop2: detected capacity change from 0 to 1024
[  281.687731][T15032] EXT4-fs: Ignoring removed orlov option
[  281.694723][T15032] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  281.726575][T15032] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.747658][T15026] veth25: entered promiscuous mode
[  281.917810][T15026] bond9: (slave veth25): Enslaving as an active interface with a down link
[  282.735999][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.754696][T15040] loop4: detected capacity change from 0 to 128
[  282.795195][T15038] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  282.890394][   T29] kauditd_printk_skb: 339 callbacks suppressed
[  282.890408][   T29] audit: type=1326 audit(1763360751.470:14912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  282.925628][   T29] audit: type=1326 audit(1763360751.500:14913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  282.949293][   T29] audit: type=1326 audit(1763360751.500:14914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  282.973023][   T29] audit: type=1326 audit(1763360751.500:14915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  282.996637][   T29] audit: type=1326 audit(1763360751.500:14916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  283.020409][   T29] audit: type=1326 audit(1763360751.500:14917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  283.044023][   T29] audit: type=1326 audit(1763360751.500:14918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  283.067730][   T29] audit: type=1326 audit(1763360751.500:14919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  283.091360][   T29] audit: type=1326 audit(1763360751.500:14920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  283.114996][   T29] audit: type=1326 audit(1763360751.500:14921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15051 comm="syz.3.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f516dd3f6c9 code=0x7ffc0000
[  283.160622][T15063] netlink: 'syz.3.4110': attribute type 39 has an invalid length.
[  283.231223][T15065] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4111'.
[  283.255146][T15067] loop3: detected capacity change from 0 to 512
[  283.262719][T15067] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  283.274541][T15067] EXT4-fs (loop3): orphan cleanup on readonly fs
[  283.281873][T15067] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4112: bg 0: block 248: padding at end of block bitmap is not set
[  283.296653][T15067] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.4112: Failed to acquire dquot type 1
[  283.333795][T15067] EXT4-fs (loop3): 1 truncate cleaned up
[  283.349138][T15067] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  283.805836][ T4380] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 20004 - 0
[  283.818442][ T3375] syb2: Port: 1 Link DOWN
[  283.818472][ T4380] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 20004 - 0
[  283.818537][ T4380] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 20004 - 0
[  283.858611][ T4380] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 20004 - 0
[  283.896952][T15078] loop5: detected capacity change from 0 to 512
[  283.923789][T15078] EXT4-fs: Ignoring removed nomblk_io_submit option
[  283.943615][T15078] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  283.965622][T15078] EXT4-fs (loop5): 1 truncate cleaned up
[  283.971896][T15078] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.007469][T15078] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4115'.
[  284.053874][ T8385] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.102251][T15090] vlan0: entered allmulticast mode
[  284.128841][T15070] syz.2.4113 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  284.143067][T15070] CPU: 1 UID: 0 PID: 15070 Comm: syz.2.4113 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  284.143124][T15070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  284.143164][T15070] Call Trace:
[  284.143176][T15070]  <TASK>
[  284.143186][T15070]  __dump_stack+0x1d/0x30
[  284.143213][T15070]  dump_stack_lvl+0xe8/0x140
[  284.143262][T15070]  dump_stack+0x15/0x1b
[  284.143278][T15070]  dump_header+0x81/0x220
[  284.143294][T15070]  oom_kill_process+0x342/0x400
[  284.143328][T15070]  out_of_memory+0x979/0xb80
[  284.143357][T15070]  try_charge_memcg+0x610/0xa10
[  284.143392][T15070]  obj_cgroup_charge_pages+0xa6/0x150
[  284.143441][T15070]  __memcg_kmem_charge_page+0x9f/0x170
[  284.143529][T15070]  __alloc_frozen_pages_noprof+0x188/0x360
[  284.143577][T15070]  alloc_pages_mpol+0xb3/0x260
[  284.143601][T15070]  ? alloc_pages_noprof+0x61/0x130
[  284.143691][T15070]  alloc_pages_noprof+0x90/0x130
[  284.143716][T15070]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  284.143760][T15070]  __kvmalloc_node_noprof+0x483/0x670
[  284.143808][T15070]  ? ip_set_alloc+0x24/0x30
[  284.143840][T15070]  ? ip_set_alloc+0x24/0x30
[  284.143867][T15070]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  284.143987][T15070]  ip_set_alloc+0x24/0x30
[  284.144017][T15070]  hash_netiface_create+0x282/0x740
[  284.144054][T15070]  ? __pfx_hash_netiface_create+0x10/0x10
[  284.144134][T15070]  ip_set_create+0x3cc/0x970
[  284.144165][T15070]  ? __nla_parse+0x40/0x60
[  284.144186][T15070]  nfnetlink_rcv_msg+0x4c6/0x590
[  284.144253][T15070]  netlink_rcv_skb+0x123/0x220
[  284.144358][T15070]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  284.144440][T15070]  nfnetlink_rcv+0x167/0x16c0
[  284.144464][T15070]  ? kmem_cache_free+0xe4/0x3d0
[  284.144493][T15070]  ? __kfree_skb+0x109/0x150
[  284.144520][T15070]  ? nlmon_xmit+0x4f/0x60
[  284.144573][T15070]  ? consume_skb+0x49/0x150
[  284.144598][T15070]  ? nlmon_xmit+0x4f/0x60
[  284.144620][T15070]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  284.144740][T15070]  ? __dev_queue_xmit+0x1200/0x2000
[  284.144798][T15070]  ? __dev_queue_xmit+0x182/0x2000
[  284.144818][T15070]  ? ref_tracker_free+0x37d/0x3e0
[  284.144930][T15070]  ? __netlink_deliver_tap+0x4dc/0x500
[  284.144993][T15070]  netlink_unicast+0x5c0/0x690
[  284.145031][T15070]  netlink_sendmsg+0x58b/0x6b0
[  284.145107][T15070]  ? __pfx_netlink_sendmsg+0x10/0x10
[  284.145261][T15070]  __sock_sendmsg+0x145/0x180
[  284.145292][T15070]  ____sys_sendmsg+0x31e/0x4e0
[  284.145317][T15070]  ___sys_sendmsg+0x17b/0x1d0
[  284.145357][T15070]  __x64_sys_sendmsg+0xd4/0x160
[  284.145385][T15070]  x64_sys_call+0x191e/0x3000
[  284.145448][T15070]  do_syscall_64+0xd2/0x200
[  284.145469][T15070]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  284.145495][T15070]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  284.145575][T15070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.145596][T15070] RIP: 0033:0x7fbc1a1af6c9
[  284.145615][T15070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.145695][T15070] RSP: 002b:00007fbc18c0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  284.145755][T15070] RAX: ffffffffffffffda RBX: 00007fbc1a405fa0 RCX: 00007fbc1a1af6c9
[  284.145813][T15070] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  284.145895][T15070] RBP: 00007fbc1a231f91 R08: 0000000000000000 R09: 0000000000000000
[  284.145909][T15070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  284.145992][T15070] R13: 00007fbc1a406038 R14: 00007fbc1a405fa0 R15: 00007ffd1b19a888
[  284.146016][T15070]  </TASK>
[  284.146028][T15070] memory: usage 307200kB, limit 307200kB, failcnt 645
[  284.497033][T15070] memory+swap: usage 307948kB, limit 9007199254740988kB, failcnt 0
[  284.504946][T15070] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[  284.512237][T15070] Memory cgroup stats for /syz2:
[  284.514397][T15070] cache 0
[  284.522327][T15070] rss 0
[  284.525097][T15070] shmem 0
[  284.528052][T15070] mapped_file 0
[  284.531586][T15070] dirty 0
[  284.534539][T15070] writeback 0
[  284.537847][T15070] workingset_refault_anon 3118
[  284.542835][T15070] workingset_refault_file 730
[  284.547555][T15070] swap 765952
[  284.550925][T15070] swapcached 8192
[  284.554567][T15070] pgpgin 323995
[  284.558032][T15070] pgpgout 323992
[  284.561620][T15070] pgfault 369609
[  284.565173][T15070] pgmajfault 770
[  284.568763][T15070] inactive_anon 4096
[  284.568951][T15092] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4119'.
[  284.572702][T15070] active_anon 4096
[  284.572713][T15070] inactive_file 0
[  284.588221][T15092] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4119'.
[  284.588981][T15070] active_file 4096
[  284.588992][T15070] unevictable 0
[  284.589002][T15070] hierarchical_memory_limit 314572800
[  284.610521][T15070] hierarchical_memsw_limit 9223372036854771712
[  284.616677][T15070] total_cache 0
[  284.620210][T15070] total_rss 0
[  284.623508][T15070] total_shmem 0
[  284.626970][T15070] total_mapped_file 0
[  284.631000][T15070] total_dirty 0
[  284.634470][T15070] total_writeback 0
[  284.638295][T15070] total_workingset_refault_anon 3118
[  284.643644][T15070] total_workingset_refault_file 730
[  284.648896][T15070] total_swap 765952
[  284.652755][T15070] total_swapcached 8192
[  284.656918][T15070] total_pgpgin 323995
[  284.660959][T15070] total_pgpgout 323992
[  284.665091][T15070] total_pgfault 369609
[  284.669194][T15070] total_pgmajfault 770
[  284.673261][T15070] total_inactive_anon 4096
[  284.677726][T15070] total_active_anon 4096
[  284.682017][T15070] total_inactive_file 0
[  284.686195][T15070] total_active_file 4096
[  284.690497][T15070] total_unevictable 0
[  284.694491][T15070] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.4113,pid=15069,uid=0
[  284.709433][T15070] Memory cgroup out of memory: Killed process 15069 (syz.2.4113) total-vm:231172kB, anon-rss:1136kB, file-rss:22224kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  284.797786][T15104] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4124'.
[  284.847073][T15109] veth26: entered promiscuous mode
[  284.852379][T15109] veth26: entered allmulticast mode
[  284.896760][T15107] loop5: detected capacity change from 0 to 1024
[  284.905771][T15112] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[  284.933178][T15107] EXT4-fs: Ignoring removed nomblk_io_submit option
[  284.946913][T15107] EXT4-fs: Mount option(s) incompatible with ext2
[  284.965169][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.038097][T15123] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.046963][T15123] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.092085][T15128] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4134'.
[  285.763208][T15149] loop4: detected capacity change from 0 to 1024
[  285.908842][T15154] loop3: detected capacity change from 0 to 8192
[  285.913198][T15156] geneve3: entered promiscuous mode
[  285.920484][T15156] geneve3: entered allmulticast mode
[  285.944899][T15160] loop5: detected capacity change from 0 to 512
[  285.954893][T15160] EXT4-fs: Mount option(s) incompatible with ext2
[  286.033167][T15164] loop2: detected capacity change from 0 to 512
[  286.064875][T15164] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.097296][T15164] ext4 filesystem being mounted at /854/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  286.118699][T15164] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #2: comm syz.2.4147: corrupted inode contents
[  286.130832][T15164] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #2: comm syz.2.4147: mark_inode_dirty error
[  286.142555][T15164] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #2: comm syz.2.4147: corrupted inode contents
[  286.154779][T15164] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.4147: mark_inode_dirty error
[  286.183749][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.245263][T15171] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4148'.
[  286.257419][T15171] bond0: (slave dummy0): Releasing backup interface
[  286.524167][T15185] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15185 comm=syz.3.4153
[  287.191601][T15204] netlink: 'syz.1.4160': attribute type 4 has an invalid length.
[  287.210453][T15206] loop2: detected capacity change from 0 to 1024
[  287.217348][T15206] EXT4-fs: Ignoring removed orlov option
[  287.224973][T15206] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.269142][T15209] lo speed is unknown, defaulting to 1000
[  287.476487][T15216] lo speed is unknown, defaulting to 1000
[  287.543243][T15220] lo speed is unknown, defaulting to 1000
[  287.582028][T15221] xt_connbytes: Forcing CT accounting to be enabled
[  287.593961][T15221] set match dimension is over the limit!
[  287.745906][T15224] ip6tnl0: left promiscuous mode
[  287.750944][T15224] ip6tnl0: left allmulticast mode
[  287.772301][T15224] wg2: left promiscuous mode
[  287.776968][T15224] wg2: left allmulticast mode
[  287.783503][T15224] bond1: left promiscuous mode
[  287.788297][T15224] wireguard0: left promiscuous mode
[  287.794106][T15224] geneve2: left promiscuous mode
[  287.799245][T15224] geneve2: left allmulticast mode
[  287.800174][T15227] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4167'.
[  287.804889][T15224] bond3: left allmulticast mode
[  287.819174][T15224] ip6gre1: left allmulticast mode
[  287.824305][T15224] bond4: left promiscuous mode
[  287.826165][T15227] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4167'.
[  287.829173][T15224] bridge6: left promiscuous mode
[  287.843191][T15224] bond4: left allmulticast mode
[  287.848116][T15224] bridge6: left allmulticast mode
[  287.853680][T15224] veth8: left promiscuous mode
[  287.858450][T15224] veth8: left allmulticast mode
[  287.863679][T15224] veth10: left promiscuous mode
[  287.868697][T15224] veth10: left allmulticast mode
[  287.874267][T15224] team0: left promiscuous mode
[  287.879198][T15224] team0: left allmulticast mode
[  287.915872][T15233] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[  288.015745][T15238] lo speed is unknown, defaulting to 1000
[  288.166790][T15251] tipc: Bearer <udp:syz0>: already 2 bearers with priority 10
[  288.174384][T15251] tipc: Bearer <udp:syz0>: trying with adjusted priority
[  288.181461][T15251] tipc: Enabling of bearer <udp:syz0> rejected, max 3 bearers permitted
[  288.216915][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.586875][T15261] xt_CT: You must specify a L4 protocol and not use inversions on it
[  288.898546][   T29] kauditd_printk_skb: 75 callbacks suppressed
[  288.898647][   T29] audit: type=1400 audit(1763360757.470:14995): avc:  denied  { watch watch_reads } for  pid=15262 comm="syz.4.4180" path="/829/bus" dev="tmpfs" ino=4359 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  288.938587][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  288.997928][T15269] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.011907][T15269] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.225219][   T29] audit: type=1326 audit(1763360757.800:14996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15276 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  289.249261][   T29] audit: type=1326 audit(1763360757.800:14997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15276 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  289.273102][   T29] audit: type=1326 audit(1763360757.800:14998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15276 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  289.296622][   T29] audit: type=1326 audit(1763360757.800:14999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15276 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  289.320244][   T29] audit: type=1326 audit(1763360757.800:15000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15276 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  289.343828][   T29] audit: type=1326 audit(1763360757.800:15001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15276 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  289.367420][   T29] audit: type=1326 audit(1763360757.800:15002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15276 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  289.391007][   T29] audit: type=1326 audit(1763360757.800:15003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15276 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  289.414690][   T29] audit: type=1326 audit(1763360757.800:15004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15276 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd7a517f6c9 code=0x7ffc0000
[  289.516011][T15281] net_ratelimit: 80 callbacks suppressed
[  289.516023][T15281] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  289.653319][T15284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4189'.
[  289.756299][T15293] sctp: [Deprecated]: syz.3.4193 (pid 15293) Use of struct sctp_assoc_value in delayed_ack socket option.
[  289.756299][T15293] Use struct sctp_sack_info instead
[  290.220313][T15301] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4195'.
[  290.246663][T15301] IPVS: Error connecting to the multicast addr
[  290.253951][T15301] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4195'.
[  290.694223][T15311] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4199'.
[  290.768804][ T3425] IPVS: starting estimator thread 0...
[  290.868672][T15329] IPVS: using max 2400 ests per chain, 120000 per kthread
[  290.891224][T15328] lo speed is unknown, defaulting to 1000
[  291.009873][T15335] syzkaller0: entered promiscuous mode
[  291.015548][T15335] syzkaller0: entered allmulticast mode
[  291.044434][T15341] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.065503][T15345] loop4: detected capacity change from 0 to 512
[  291.073841][T15345] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4212: inode has both inline data and extents flags
[  291.087292][T15345] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4212: couldn't read orphan inode 15 (err -117)
[  291.100297][T15341] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.100404][T15345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.244992][T15341] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.264375][T15359] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4216'.
[  291.407122][T15341] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.509842][T15364] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4217'.
[  291.525234][T15354] ==================================================================
[  291.533357][T15354] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark
[  291.541365][T15354] 
[  291.543693][T15354] write to 0xffff88811a41828c of 4 bytes by task 15345 on cpu 1:
[  291.551434][T15354]  xas_set_mark+0x12b/0x140
[  291.555954][T15354]  tag_pages_for_writeback+0xc2/0x290
[  291.561346][T15354]  ext4_do_writepages+0x6b2/0x2750
[  291.566479][T15354]  ext4_writepages+0x176/0x300
[  291.571266][T15354]  do_writepages+0x1c6/0x310
[  291.575875][T15354]  file_write_and_wait_range+0x156/0x2c0
[  291.581536][T15354]  generic_buffers_fsync_noflush+0x45/0x120
[  291.587455][T15354]  ext4_sync_file+0x1ab/0x690
[  291.592174][T15354]  vfs_fsync_range+0x10d/0x130
[  291.596958][T15354]  ext4_buffered_write_iter+0x34f/0x3c0
[  291.602520][T15354]  ext4_file_write_iter+0x387/0xf60
[  291.607730][T15354]  iter_file_splice_write+0x666/0xa60
[  291.613131][T15354]  direct_splice_actor+0x156/0x2a0
[  291.618276][T15354]  splice_direct_to_actor+0x312/0x680
[  291.623667][T15354]  do_splice_direct+0xda/0x150
[  291.628454][T15354]  do_sendfile+0x380/0x650
[  291.632909][T15354]  __x64_sys_sendfile64+0x105/0x150
[  291.638138][T15354]  x64_sys_call+0x2bb4/0x3000
[  291.642841][T15354]  do_syscall_64+0xd2/0x200
[  291.647365][T15354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.653274][T15354] 
[  291.655608][T15354] read to 0xffff88811a41828c of 4 bytes by task 15354 on cpu 0:
[  291.663244][T15354]  file_write_and_wait_range+0x10e/0x2c0
[  291.668904][T15354]  generic_buffers_fsync_noflush+0x45/0x120
[  291.674828][T15354]  ext4_sync_file+0x1ab/0x690
[  291.679520][T15354]  vfs_fsync_range+0x10d/0x130
[  291.684313][T15354]  ext4_buffered_write_iter+0x34f/0x3c0
[  291.689870][T15354]  ext4_file_write_iter+0x387/0xf60
[  291.695086][T15354]  iter_file_splice_write+0x666/0xa60
[  291.700479][T15354]  direct_splice_actor+0x156/0x2a0
[  291.705611][T15354]  splice_direct_to_actor+0x312/0x680
[  291.710997][T15354]  do_splice_direct+0xda/0x150
[  291.715785][T15354]  do_sendfile+0x380/0x650
[  291.720237][T15354]  __x64_sys_sendfile64+0x105/0x150
[  291.725469][T15354]  x64_sys_call+0x2bb4/0x3000
[  291.730164][T15354]  do_syscall_64+0xd2/0x200
[  291.734674][T15354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.740580][T15354] 
[  291.742909][T15354] value changed: 0x02000021 -> 0x04000021
[  291.748639][T15354] 
[  291.750975][T15354] Reported by Kernel Concurrency Sanitizer on:
[  291.757134][T15354] CPU: 0 UID: 0 PID: 15354 Comm: syz.4.4212 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  291.766961][T15354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  291.777063][T15354] ==================================================================
[  291.788458][T10683] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  291.812581][T10657] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  291.830271][T10657] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  291.845194][T10657] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  291.928079][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.