last executing test programs:

9.175130389s ago: executing program 4 (id=2233):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x3c, r1, 0x1, 0x70bd26, 0xa1ff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0xfffffffffffffe54}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
r3 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r3, 0x4018f50b, &(0x7f0000000140)={0x1, 0x2, 0x81})
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000001700)={'syztnl0\x00', &(0x7f0000001680)={'gretap0\x00', <r8=>0x0, 0x10, 0x7800, 0x0, 0x4, {{0x14, 0x4, 0x3, 0x2e, 0x50, 0x66, 0x0, 0x3, 0x4, 0x0, @local, @multicast2, {[@noop, @ssrr={0x89, 0xb, 0xbf, [@multicast1, @loopback]}, @ssrr={0x89, 0xf, 0xb0, [@private=0xa010100, @empty, @multicast1]}, @lsrr={0x83, 0x17, 0x5b, [@loopback, @remote, @rand_addr=0x64010102, @rand_addr=0x64010102, @local]}, @timestamp={0x44, 0x8, 0xb6, 0x0, 0x3, [0x4]}]}}}}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24005805)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x8000300000d, 0x50, r2, 0xffffd000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f000002eff0)={0x135, &(0x7f0000000000)=[{}]}, 0x10)
faccessat2(r2, &(0x7f0000000040)='\x00', 0x1, 0x1300)

6.524774879s ago: executing program 4 (id=2264):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}]}})

6.384874701s ago: executing program 4 (id=2266):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r0}, 0x18)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x80, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x5, 0x8}, 0x4e58, 0x5, 0x0, 0x4, 0x87, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r1, 0x0)

6.313024762s ago: executing program 4 (id=2269):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000fdffffffffffffff0000090000007b8af8ff00000000bfa200000000000007020000e8ffffffb703000008000000b7040000000f000085fe00000300000095000000000000008fb1075037bfe5e863e0d044c7036371ac65cedf8cbea0b2ed5249579c363c050e25fe0dbc5bb76c22bcc224efdf301d017c3087b18c05818457a31739e83605d1ed55bd0468b2bf01854a537f0bcba647aae63624a937b30fe1cba95e972c93de39d6c29739632ac930cf0aea2077850f9173e836525a1e5b943c58d2812c6017f96da5b1e7fee82064e1dee5dfa3592f01e162da18f57c8ec737eeaa2e53b712d6b31cabd73c963dbaa2bbfb5415d831ba652f30774725bf3c95d0fe59786e610ef8a56e8b5d7447d8cf76d0d0edf0019993749286a0894f68515ecf866f6b1ae0c66a55d6319164f7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x45, 0x0, 0x1, 0xfffffffc}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x3004000, &(0x7f00000001c0)={[{@errors_remount}, {@resuid}, {@block_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x7}}, {@nobarrier}, {@noblock_validity}, {@dioread_nolock}]}, 0x1, 0x790, &(0x7f0000001740)="$eJzs3c9rHFUcAPDvTHaT/k4qClZRAx5aEPPLgj9QaMGjiKCevDQkaSnd/qCJYEOEFrEnjwXBiwiCF2+KF0FKT4p46UX6H0ilSBBaxUNkprPJttlNds1upnU/H5jkvXm7+95k+c6bHy/zAuhbo9mPNOJARFxMIoaL9UlEVPNUJeLI3dfdWV6a+Wt5aSaJlZW3/0jy19xeXpqJhvdkdhdv2xER168l8cjA+nrnLyyemq7V5s4X+fGF0+fG5y8sPn/y9PSJuRNzZ6ampl6eOjz54sRU17b1o6d+/uafy29+/Om+G1d+v/7dviSOxJ6irHE7umU0Rlf/Jo0qEfF6tysryUCxPWnDuqRSYoPoSNrwHT4ewzEQa1/ecFz7ttTGAQA9sZItAECfSfT/ANBn6tcBbi8vzdSXcq9IANvl1tHIb9RncX+nWO6WVOJI/ntHPg5g159JNN7WTepjB7Yo+4yv36t+ni3Ro/vwQHMXL+U3/pv0/0ke/yP5KJ718T8QUewftub+fYj4h+2zlfh/qwv1i38AAAAAAADonqtHI+KlZvf/0tXxP9Hk/t9QREx0of7N7/+lN7tQDdDEraMRrxbP9rl3/N/qE11GBorc3oh4LKrJ8ZO1uSz290XEoagOZfnJ5h+f7zLevTz5Q6v6G8f/ZUtWf30sYNGOm5Whe98zO70wvdXtBiJuXYp4otIs/pPV/j9pMf73WJt1fL/01dOtyjaPf6BXVr6IONi0/197cl2y8fP5xvPjgfH6UcF6i8de+7BV/W3F/9q/KQFdlPX/uzaO/5Gk8Xmd853X8cntic9alf3X4//B5J38qaKDxboPphcWzk9GDCZvrF/fvUeIwkOtHg/1eMni/9Czzc//Nzr+r0bEuTbr/PLH6q+tykbzSHX8D2XI4n+2o/6/88TfvzzZclfRXv9/OO/TDxVrXP+DjbUboGW3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuimNiD2RpGOr6TQdG4vYHRGPxq60dnZ+4bnjZ98/M5uVRYxENT1+sjY3ERHDd/NJlp/M02v5qfvyL0TE/oi4MrQzz4/NnK3Nlr3xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDY3WL+/8xvQ2W3DgDomR1lNwAA2Hb6fwDoP/p/AOg/Hff/P+3tTUMAgG3j/B8A+o/+HwAAAAAAAAAAAAAAAAAAAAAAAAB6av8zV28kEXHxlZ35khksyqqltgzotbTsBgClGSi7AUBpKu28KElWzwmA/w/n+ECySXnrKUJcQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoH8cPNDu/P9tzRQKPETM3gf9y/z/0L8c1UP/Mv8/YP5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY3PyFxVPTtdrceYluJyoPRjMehMRQRDwAzZDoIFH2ngkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfBvwEAAP//snoPXw==")
chdir(&(0x7f0000000140)='./file0\x00')
chown(&(0x7f00000003c0)='./file0\x00', 0x0, 0xee01)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20000023896)

5.802619411s ago: executing program 4 (id=2274):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x3c, r1, 0x1, 0x70bd26, 0xa1ff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0xfffffffffffffe54}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
r3 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r3, 0x4018f50b, &(0x7f0000000140)={0x1, 0x2, 0x81})
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000001700)={'syztnl0\x00', &(0x7f0000001680)={'gretap0\x00', <r8=>0x0, 0x10, 0x7800, 0x0, 0x4, {{0x14, 0x4, 0x3, 0x2e, 0x50, 0x66, 0x0, 0x3, 0x4, 0x0, @local, @multicast2, {[@noop, @ssrr={0x89, 0xb, 0xbf, [@multicast1, @loopback]}, @ssrr={0x89, 0xf, 0xb0, [@private=0xa010100, @empty, @multicast1]}, @lsrr={0x83, 0x17, 0x5b, [@loopback, @remote, @rand_addr=0x64010102, @rand_addr=0x64010102, @local]}, @timestamp={0x44, 0x8, 0xb6, 0x0, 0x3, [0x4]}]}}}}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24005805)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x8000300000d, 0x50, r2, 0xffffd000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f000002eff0)={0x135, &(0x7f0000000000)=[{}]}, 0x10)
faccessat2(r2, &(0x7f0000000040)='\x00', 0x1, 0x1300)

2.715349108s ago: executing program 4 (id=2305):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x3c, r1, 0x1, 0x70bd26, 0xa1ff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0xfffffffffffffe54}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
r2 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00')
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
socket$kcm(0x10, 0x2, 0x0)

2.039331238s ago: executing program 3 (id=2316):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

1.92176882s ago: executing program 2 (id=2318):
r0 = syz_open_dev$evdev(0x0, 0x0, 0x80080)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")

1.92153175s ago: executing program 1 (id=2319):
r0 = socket(0x1e, 0x80004, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{0x0}], 0x1}}], 0x1, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f00000003c0)=[{0x0}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r4, 0x0, 0x2000}, 0x18)

1.901347041s ago: executing program 1 (id=2320):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(0x0, &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0xffffffff, 0x2}, {0x8009, 0x56}], 0xee01}, 0x18, 0x1)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)

1.598520725s ago: executing program 1 (id=2321):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r0)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
add_key$keyring(&(0x7f0000000000), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, r1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000180)={0x80, 0x2a, 0x3})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
socket$pppoe(0x18, 0x1, 0x0)
sendfile(r5, r4, 0x0, 0x3ffff)

1.367040749s ago: executing program 1 (id=2322):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe", 0x108, r0)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, r1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x20000023896)
io_uring_register$IORING_REGISTER_BUFFERS2(r4, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x4058534c, &(0x7f0000000180)={0x80, 0x2a, 0x3})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r8, &(0x7f0000004200)='t', 0x1)
socket$pppoe(0x18, 0x1, 0x0)
sendfile(r8, r7, 0x0, 0x3ffff)
sendfile(r8, r7, 0x0, 0x7ffff000)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x4058534c, &(0x7f0000000040)={0x80, 0x18, 0x2, 0xfffffff7, 0x0, 0x9})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x14}}, 0x0)
syz_usb_connect$cdc_ecm(0x1, 0x117, &(0x7f00000005c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x105, 0x1, 0x1, 0x10, 0x70, 0x1, [{{0x9, 0x4, 0x0, 0x6, 0x3, 0x2, 0x6, 0x0, 0x8, {{0xb, 0x24, 0x6, 0x0, 0x0, "02ce9782cb28"}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x4, 0x9, 0x4}, [@ncm={0x6, 0x24, 0x1a, 0x4, 0x2}, @obex={0x5, 0x24, 0x15, 0x7ff}, @mdlm_detail={0xa5, 0x24, 0x13, 0x3, "ea3d53b9daeebb81e70fbc69bcfb7bf4891fdf767b0a1c3eac717b2bb0ec86f736b1a03aee43ee5f3f02ecd3ddf62cd1b4cc3f160310ca4cfe6d556f3d4b7d5a61b6ab23500e4d1bdcd21bcbe652eae6c07d32de663df370afd14833dc43714702fa3f898f1ea2f50f8696b624b7f4547ab8133f0e096ea364c0056e084d4b4925614c89001dae333707d57280e27ecfbf98c3073ce5fe709b2298e1ec8e934cd5"}, @country_functional={0x8, 0x24, 0x7, 0xe, 0x6, [0x5]}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0xd}, @dmm={0x7, 0x24, 0x14, 0x8000, 0xfff8}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x20, 0x8, 0x7f}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x51, 0x5, 0x2}}}}}]}}]}}, &(0x7f00000007c0)={0xa, &(0x7f0000000700)={0xa, 0x6, 0x310, 0xa, 0xff, 0xb, 0xff, 0x6}, 0xf, &(0x7f0000000740)={0x5, 0xf, 0xf, 0x2, [@ext_cap={0x7, 0x10, 0x2, 0x8, 0x1, 0x6, 0x60}, @ptm_cap={0x3}]}, 0x1, [{0x3b, &(0x7f0000000780)=@string={0x3b, 0x3, "f63895c8381c1e5a5ca36ce34631fcda05642c8492f73616fc590a2e58b92b7d1ee88bdd5a18bbabaeb8a25510268f2fb7a3a15f1b4b1a37fc"}}]})
socket$inet6(0xa, 0x805, 0x0)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1}}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0xceb}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x40000c4)
r9 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, r2)
r10 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, r9)
keyctl$invalidate(0x15, r10)

1.105598233s ago: executing program 3 (id=2324):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1.096913753s ago: executing program 2 (id=2325):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r3 = dup3(r2, 0xffffffffffffffff, 0x0)
recvmmsg(r3, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000600)=""/179, 0x3514}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)

1.032229054s ago: executing program 2 (id=2327):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})

942.997405ms ago: executing program 0 (id=2329):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1e000000000000000100000007"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
pipe2$9p(&(0x7f00000001c0), 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x0, 0x1, 0x201, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x4}]}, 0x48}}, 0x0)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0, 0x3)
r3 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x7, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)=ANY=[@ANYRESOCT=r4, @ANYRES32=r3, @ANYRES64], 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x24000050)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
unshare(0x6a040000)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000580))
socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e20, 0x8, @remote, 0x7fff}}, [0x5, 0x1, 0x6, 0x9, 0xa605, 0xfffffffffffffffc, 0x400, 0x41d2, 0x6, 0x41, 0x80000001, 0x2, 0x8, 0x2]}, &(0x7f0000000700)=0x100)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, 0x0, &(0x7f0000000840))
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)

887.139176ms ago: executing program 2 (id=2330):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x3c, r1, 0x1, 0x70bd26, 0xa1ff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0xfffffffffffffe54}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
r3 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r3, 0x4018f50b, &(0x7f0000000140)={0x1, 0x2, 0x81})
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000001700)={'syztnl0\x00', &(0x7f0000001680)={'gretap0\x00', <r7=>0x0, 0x10, 0x7800, 0x0, 0x4, {{0x14, 0x4, 0x3, 0x2e, 0x50, 0x66, 0x0, 0x3, 0x4, 0x0, @local, @multicast2, {[@noop, @ssrr={0x89, 0xb, 0xbf, [@multicast1, @loopback]}, @ssrr={0x89, 0xf, 0xb0, [@private=0xa010100, @empty, @multicast1]}, @lsrr={0x83, 0x17, 0x5b, [@loopback, @remote, @rand_addr=0x64010102, @rand_addr=0x64010102, @local]}, @timestamp={0x44, 0x8, 0xb6, 0x0, 0x3, [0x4]}]}}}}})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r7, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24005805)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x8000300000d, 0x50, r2, 0xffffd000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x1a, &(0x7f000002eff0)={0x135, &(0x7f0000000000)=[{}]}, 0x10)
faccessat2(r2, &(0x7f0000000040)='\x00', 0x1, 0x1300)

825.684077ms ago: executing program 0 (id=2331):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x1)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)

564.648671ms ago: executing program 1 (id=2332):
r0 = socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
r2 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00')
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r3}, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r2, 0x4018f50b, &(0x7f0000000140)={0x1, 0x2, 0x81})
socket$kcm(0x10, 0x2, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000001700)={'syztnl0\x00', &(0x7f0000001680)={'gretap0\x00', <r6=>0x0, 0x10, 0x7800, 0x0, 0x4, {{0x14, 0x4, 0x3, 0x2e, 0x50, 0x66, 0x0, 0x3, 0x4, 0x0, @local, @multicast2, {[@noop, @ssrr={0x89, 0xb, 0xbf, [@multicast1, @loopback]}, @ssrr={0x89, 0xf, 0xb0, [@private=0xa010100, @empty, @multicast1]}, @lsrr={0x83, 0x17, 0x5b, [@loopback, @remote, @rand_addr=0x64010102, @rand_addr=0x64010102, @local]}, @timestamp={0x44, 0x8, 0xb6, 0x0, 0x3, [0x4]}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)

533.247462ms ago: executing program 0 (id=2333):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)

460.693573ms ago: executing program 1 (id=2334):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

457.392003ms ago: executing program 0 (id=2335):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x28002)
process_vm_readv(0x0, &(0x7f0000000140), 0x100000000000028b, 0x0, 0x12, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80680, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x8020, {0x0, 0x0, 0x0, r4, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x200c0e9}, 0x20000004)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b00000005000000000400000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000f300040000dac49bf59951a6fbb7010000000000000000a50bb9ff4c6545e8dc7b040c1b4ea9b0daca537bdb"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRES16=r1, @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00'}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r8, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

413.374094ms ago: executing program 0 (id=2336):
r0 = socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
r2 = socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r5}, 0x18)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
faccessat2(r1, &(0x7f0000000040)='\x00', 0x1, 0x1300)

379.515694ms ago: executing program 0 (id=2337):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000380), 0xfe, 0x579, &(0x7f0000000680)="$eJzs3U1rXFUYAOD3TjLpR1qbQinqQgJdWKmdNIkfFVzUpWixoPs6JNNQMuktmUlpYsF2YTdupAgiFsQf4N5l8Q/4KwpaKFqCLtxE7uROM01m8jkxaed5YNJz7j3Tc8/c+568J3eGCaBnDWc/ChGvRMQ3ScSxln39ke8cXm63+OTWRPZIYmnp0z+TSPJtzfZJ/u9gXnk5In79KuJMYW2/tfmF6XK1WpnN6yP1mesjtfmFs1dnylOVqcq1sfHx82+Pj7337jtdG+sbl/75/pMHH57/+tTidz8/On4viQtxJN/XOo4duN1aGY7h/DUpxoVVDUe70Nl+kuz1AbAtfXmcFyObA45FXx71wIvvy4hYAnpUIv6hRzXzgObavkvr4OfG4w+WF0Brx9+//LeRONhYGx1eTJ5ZGWXr3aEu9J/18csf9+9lj+je3yEANnT7TkSc6+9fO/8l+fy3fec20WZ1H1uc/5a2eEhAiwdZ/vNmu/wnzVscbPxcnf8Mtond7dg4/guPutBNR1n+937b/PfpTauhvrx2tJHzFZMrV6uVbG57KSJOR/FAVl/vfs75xYcd56mV/G+gkQNm/Tdzwfw4HvUfePY5k+V6eSdjbvX4TsSrbfPf5Gn+m7Q5/9nrcWmTfZys3H+t077W/Lf9+HfX0k8Rr+fn//Yza6KVO1rJ+vcnRxrXw0jzqljr77snf+vUf+fxH92F0a6Vnf/Dba//p+MfSlrv19a23sePB/+tdNq38flvf/0PJJ81ygP5tpvlen12NGIg+Xjt9rGV5zbrzfbZ+E+fah//613/hyLi802O/+6Jux2b7vX1n41/ckvnf+uFhx998UOn/jd3/t9qlE7nWzYz/232AHfy2gEAAAAAAMB+U4iII5EUSlm5mJULhVJp+f0dJ+JwoZrW6meupHPXJqPxWdmhKBaad7oHW94PMZq/H7ZZH1tVH4+I4xHxbd+hRr00kVYn93rwAAAAAAAAAAAAAAAAAAAAsE8Mtn7+P1Y+/5/5vW+vjw7Ydb7yG3rXhvHfjW96AvYlv/+hd4l/6F3iH3qX+IfeJf6hd4l/6F3iH3qX+AcAAAAAAAAAAAAAAAAAAAAAAAAAAICuunTxYvZYWnxyayKrT96Yn5tOb5ydrNSmSzNzE6WJdPZ6aSpNp6qV0kQ6s+5/lvwV1TS9PjoWczdH6pVafaQ2v3B5Jp27Vr98daY8VblcKf5fAwMAAAAAAAAAAAAAAAAAAIDnSG1+YbpcrVZmFRS2VejfH4fxghaisMVnNQN7x73v7bwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK3+CwAA///Xxjfu")

290.986945ms ago: executing program 3 (id=2338):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'veth1_to_bond\x00', <r0=>0x0})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newlink={0x2c, 0x10, 0x801, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r0, 0x0, 0x42005}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x19}]}]}, 0x2c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=@ipv6_getnexthop={0x3c, 0x6a, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@NHA_GROUPS={0x4}, @NHA_OIF={0x8, 0x5, r0}, @NHA_FDB={0x4}, @NHA_GROUPS={0x4}, @NHA_FDB={0x4}, @NHA_ID={0x8, 0x1, 0x1}, @NHA_GROUPS={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804)

280.390506ms ago: executing program 2 (id=2339):
syz_emit_ethernet(0x6e, &(0x7f00000010c0)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x5, 0x0, 0x0, @multicast2, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x30}, @local, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@rand_addr, 0xce210000}]}, @timestamp_addr={0x44, 0x24, 0xe0, 0x1, 0x0, [{@multicast1}, {}, {@local}, {@private}]}]}}}}}}}, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'veth0_to_bond\x00'})
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r6}, 0x10)
mincore(&(0x7f0000126000/0x1000)=nil, 0x1000, &(0x7f0000000680)=""/110)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xb, 0xfff3}, {0xfff3, 0xf}}}, 0x24}}, 0x20040000)
sendmsg$rds(r0, &(0x7f00000000c0)={&(0x7f0000000440)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x400c1}, 0x0)
socket$inet6(0xa, 0x802, 0x88)
r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x80, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x5, 0x8}, 0x4e58, 0x5, 0x0, 0x4, 0x87, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r7, 0x0)

259.924146ms ago: executing program 3 (id=2340):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4100, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)

259.346436ms ago: executing program 3 (id=2341):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})

162.081088ms ago: executing program 2 (id=2342):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0xb)
r2 = socket$caif_stream(0x25, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000780)="92", 0x1}], 0x1}}], 0x2, 0x2600c054)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e57f000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x11, 0xc, &(0x7f0000000e80)=ANY=[@ANYRESOCT=r1, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400009500"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x4000000000000000}, 0x18)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000380)=0x9, 0xc, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000024c0)=@newtaction={0x6c, 0x30, 0x48b, 0x0, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x40000, 0x4, 0x0, 0xe}, @multicast2, @remote}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x8040)
r6 = gettid()
r7 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x1, 0x4)
fchdir(r8)
mkdirat(r8, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r9 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r9, &(0x7f0000000480)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00')
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

0s ago: executing program 3 (id=2343):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe", 0x108, r0)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, r1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x20000023896)
io_uring_register$IORING_REGISTER_BUFFERS2(r4, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x4058534c, &(0x7f0000000180)={0x80, 0x2a, 0x3})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r8, &(0x7f0000004200)='t', 0x1)
socket$pppoe(0x18, 0x1, 0x0)
sendfile(r8, r7, 0x0, 0x3ffff)
sendfile(r8, r7, 0x0, 0x7ffff000)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x4058534c, &(0x7f0000000040)={0x80, 0x18, 0x2, 0xfffffff7, 0x0, 0x9})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x14}}, 0x0)
syz_usb_connect$cdc_ecm(0x1, 0x117, &(0x7f00000005c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x105, 0x1, 0x1, 0x10, 0x70, 0x1, [{{0x9, 0x4, 0x0, 0x6, 0x3, 0x2, 0x6, 0x0, 0x8, {{0xb, 0x24, 0x6, 0x0, 0x0, "02ce9782cb28"}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x4, 0x9, 0x4}, [@ncm={0x6, 0x24, 0x1a, 0x4, 0x2}, @obex={0x5, 0x24, 0x15, 0x7ff}, @mdlm_detail={0xa5, 0x24, 0x13, 0x3, "ea3d53b9daeebb81e70fbc69bcfb7bf4891fdf767b0a1c3eac717b2bb0ec86f736b1a03aee43ee5f3f02ecd3ddf62cd1b4cc3f160310ca4cfe6d556f3d4b7d5a61b6ab23500e4d1bdcd21bcbe652eae6c07d32de663df370afd14833dc43714702fa3f898f1ea2f50f8696b624b7f4547ab8133f0e096ea364c0056e084d4b4925614c89001dae333707d57280e27ecfbf98c3073ce5fe709b2298e1ec8e934cd5"}, @country_functional={0x8, 0x24, 0x7, 0xe, 0x6, [0x5]}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0xd}, @dmm={0x7, 0x24, 0x14, 0x8000, 0xfff8}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x20, 0x8, 0x7f}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x51, 0x5, 0x2}}}}}]}}]}}, &(0x7f00000007c0)={0xa, &(0x7f0000000700)={0xa, 0x6, 0x310, 0xa, 0xff, 0xb, 0xff, 0x6}, 0xf, &(0x7f0000000740)={0x5, 0xf, 0xf, 0x2, [@ext_cap={0x7, 0x10, 0x2, 0x8, 0x1, 0x6, 0x60}, @ptm_cap={0x3}]}, 0x1, [{0x3b, &(0x7f0000000780)=@string={0x3b, 0x3, "f63895c8381c1e5a5ca36ce34631fcda05642c8492f73616fc590a2e58b92b7d1ee88bdd5a18bbabaeb8a25510268f2fb7a3a15f1b4b1a37fc"}}]})
socket$inet6(0xa, 0x805, 0x0)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1}}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0xceb}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x40000c4)
r9 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, r2)
r10 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, r9)
keyctl$invalidate(0x15, r10)

kernel console output (not intermixed with test programs):

279][ T8947] EXT4-fs: Ignoring removed nobh option
[  189.020123][ T8947] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.1927: corrupted inode contents
[  189.032134][ T8947] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #3: comm syz.4.1927: mark_inode_dirty error
[  189.044122][ T8947] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.1927: corrupted inode contents
[  189.056167][ T8947] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.1927: mark_inode_dirty error
[  189.068522][ T8947] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1927: Failed to acquire dquot type 0
[  189.081113][ T8947] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.1927: corrupted inode contents
[  189.093704][ T8947] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #16: comm syz.4.1927: mark_inode_dirty error
[  189.094367][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.105473][ T8947] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.1927: corrupted inode contents
[  189.126102][ T8947] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.1927: mark_inode_dirty error
[  189.139804][ T8947] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.1927: corrupted inode contents
[  189.152253][ T8947] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  189.161459][ T8947] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.1927: corrupted inode contents
[  189.173847][ T8947] EXT4-fs error (device loop4): ext4_truncate:4597: inode #16: comm syz.4.1927: mark_inode_dirty error
[  189.185882][ T8947] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  189.214430][ T8947] EXT4-fs (loop4): 1 truncate cleaned up
[  189.226513][ T8947] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.239564][ T8947] ext4 filesystem being mounted at /404/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.265817][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.336931][ T8959] loop3: detected capacity change from 0 to 1024
[  189.516328][ T8958] loop1: detected capacity change from 0 to 1024
[  189.590590][ T8959] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.607362][ T8958] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.627509][ T8958] EXT4-fs error (device loop1): ext4_generic_delete_entry:2668: inode #2: block 16: comm syz.1.1932: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1
[  189.634670][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.649219][ T8958] EXT4-fs error (device loop1) in ext4_delete_entry:2739: Corrupt filesystem
[  189.664892][ T8958] EXT4-fs warning (device loop1): ext4_rename_delete:3726: inode #2: comm syz.1.1932: Deleting old file: nlink 4, error=-117
[  189.734083][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.752949][ T8972] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1935'.
[  189.793641][ T8974] loop2: detected capacity change from 0 to 512
[  189.801546][ T8974] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  189.843465][ T8976] loop4: detected capacity change from 0 to 2048
[  189.850808][ T8974] EXT4-fs (loop2): orphan cleanup on readonly fs
[  189.857626][ T8974] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1933: bg 0: block 248: padding at end of block bitmap is not set
[  189.872831][ T8974] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1933: Failed to acquire dquot type 1
[  189.884657][ T8974] EXT4-fs (loop2): 1 truncate cleaned up
[  189.891394][ T8974] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  189.908946][ T8976] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.924025][ T8976] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #12: block 9: comm syz.4.1937: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  189.943299][ T8976] EXT4-fs (loop4): Remounting filesystem read-only
[  190.037782][ T8980] loop1: detected capacity change from 0 to 2048
[  190.046070][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.090155][ T8980] Alternate GPT is invalid, using primary GPT.
[  190.096678][ T8980]  loop1: p2 p3 p7
[  190.136273][ T8982] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1939'.
[  190.147109][ T8982] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.189757][ T8983] netlink: '’': attribute type 10 has an invalid length.
[  190.338004][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.354527][ T8880] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.366878][ T8880] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.379931][ T8880] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.392512][ T8880] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.871753][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.888679][ T8982] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.898717][ T8991] loop3: detected capacity change from 0 to 1024
[  190.906597][ T8991] EXT4-fs: Ignoring removed orlov option
[  190.914405][ T8991] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.927031][ T8996] loop4: detected capacity change from 0 to 2048
[  190.930357][ T8999] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1943'.
[  190.944942][ T8982] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.959122][ T8996] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.959437][ T8999] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.031750][ T9003] netlink: '’': attribute type 10 has an invalid length.
[  191.042716][ T8982] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.100681][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.127193][ T9005] loop4: detected capacity change from 0 to 2048
[  191.140024][ T8999] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.151995][ T9005] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.156934][ T8982] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.174966][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.193159][ T8982] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.202910][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.203542][ T8999] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.225800][ T8982] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.237506][ T8982] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.250489][ T8999] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.292324][ T9019] loop4: detected capacity change from 0 to 2048
[  191.300835][ T9019] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.314427][ T9019] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #12: block 9: comm syz.4.1950: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  191.332843][ T9019] EXT4-fs (loop4): Remounting filesystem read-only
[  191.728196][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.764483][ T9025] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1952'.
[  191.774804][ T9025] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.826496][ T9033] netlink: '’': attribute type 10 has an invalid length.
[  191.834696][ T9033] netlink: '’': attribute type 10 has an invalid length.
[  191.835497][ T9025] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.853044][ T9033] team0: Failed to send options change via netlink (err -105)
[  191.860683][ T9033] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  191.869751][ T9033] team0: Port device dummy0 removed
[  191.877470][ T9033] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  191.906259][ T9025] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.923687][ T9037] loop0: detected capacity change from 0 to 512
[  191.931489][ T9037] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  191.941110][ T9037] EXT4-fs (loop0): orphan cleanup on readonly fs
[  191.948073][ T9037] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1954: bg 0: block 248: padding at end of block bitmap is not set
[  191.963604][ T9037] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1954: Failed to acquire dquot type 1
[  191.976299][ T9037] EXT4-fs (loop0): 1 truncate cleaned up
[  191.999863][ T9025] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.065953][ T9025] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.080871][ T9025] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.093822][ T9025] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.116476][ T9042] loop3: detected capacity change from 0 to 512
[  192.131026][ T9025] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.143874][ T9042] EXT4-fs: Ignoring removed nobh option
[  192.171505][ T9042] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #3: comm syz.3.1956: corrupted inode contents
[  192.202983][ T9042] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #3: comm syz.3.1956: mark_inode_dirty error
[  192.219547][ T9047] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1957'.
[  192.229002][ T9042] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #3: comm syz.3.1956: corrupted inode contents
[  192.276221][ T9049] loop4: detected capacity change from 0 to 2048
[  192.289436][ T9042] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.1956: mark_inode_dirty error
[  192.309029][ T9049] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.324429][ T9042] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1956: Failed to acquire dquot type 0
[  192.337830][ T9049] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #12: block 9: comm syz.4.1958: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  192.357732][ T9042] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1956: corrupted inode contents
[  192.380192][ T9042] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #16: comm syz.3.1956: mark_inode_dirty error
[  192.397774][ T9049] EXT4-fs (loop4): Remounting filesystem read-only
[  192.410325][ T9042] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1956: corrupted inode contents
[  192.432162][ T9042] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.1956: mark_inode_dirty error
[  192.444530][ T9042] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1956: corrupted inode contents
[  192.456584][ T9042] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  192.466978][ T9042] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1956: corrupted inode contents
[  192.480536][ T9042] EXT4-fs error (device loop3): ext4_truncate:4597: inode #16: comm syz.3.1956: mark_inode_dirty error
[  192.491961][ T9042] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  192.502319][ T9042] EXT4-fs (loop3): 1 truncate cleaned up
[  192.508316][ T9042] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.580949][ T9058] loop1: detected capacity change from 0 to 512
[  192.919227][ T9042] ext4 filesystem being mounted at /385/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.943832][ T9037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  192.964910][ T9058] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  192.982073][ T9058] EXT4-fs (loop1): orphan cleanup on readonly fs
[  192.996219][ T9058] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1960: bg 0: block 248: padding at end of block bitmap is not set
[  193.026225][ T9058] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1960: Failed to acquire dquot type 1
[  193.038779][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.086352][ T9058] EXT4-fs (loop1): 1 truncate cleaned up
[  193.179163][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.190035][ T9058] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  193.221281][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.430239][ T9069] loop4: detected capacity change from 0 to 1024
[  193.507005][ T9069] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.594207][ T9073] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1964'.
[  193.823292][ T9075] loop0: detected capacity change from 0 to 1024
[  193.850663][ T9075] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.864719][ T9075] EXT4-fs error (device loop0): ext4_generic_delete_entry:2668: inode #2: block 16: comm syz.0.1965: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1
[  193.885693][ T9075] EXT4-fs error (device loop0) in ext4_delete_entry:2739: Corrupt filesystem
[  193.894760][ T9075] EXT4-fs warning (device loop0): ext4_rename_delete:3726: inode #2: comm syz.0.1965: Deleting old file: nlink 4, error=-117
[  193.954461][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.113963][ T9089] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1970'.
[  194.123868][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.167297][ T9096] netlink: '’': attribute type 10 has an invalid length.
[  194.359939][ T9106] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1976'.
[  194.368956][ T9106] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1976'.
[  194.377953][ T9106] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1976'.
[  194.387404][ T9105] netlink: 136 bytes leftover after parsing attributes in process `syz.3.1975'.
[  194.442816][ T9109] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1978'.
[  194.447798][   T29] kauditd_printk_skb: 26 callbacks suppressed
[  194.447811][   T29] audit: type=1326 audit(1752498624.971:10722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.451798][ T9109] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1978'.
[  194.457873][   T29] audit: type=1326 audit(1752498624.971:10723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.513902][   T29] audit: type=1326 audit(1752498624.971:10724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.537466][   T29] audit: type=1326 audit(1752498624.971:10725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.561010][   T29] audit: type=1326 audit(1752498624.971:10726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.584600][   T29] audit: type=1326 audit(1752498624.971:10727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.608123][   T29] audit: type=1326 audit(1752498624.971:10728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.631617][   T29] audit: type=1326 audit(1752498624.971:10729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.655077][   T29] audit: type=1326 audit(1752498624.971:10730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.678697][   T29] audit: type=1326 audit(1752498624.971:10731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9108 comm="syz.3.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  194.703488][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.753135][ T8999] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.766771][ T8999] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.788990][ T8999] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.801801][ T8999] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.891277][ T9125] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1985'.
[  194.910457][ T9125] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.941046][ T9128] loop1: detected capacity change from 0 to 512
[  194.947496][ T9128] EXT4-fs: Ignoring removed nobh option
[  194.954950][ T9129] netlink: '’': attribute type 10 has an invalid length.
[  194.963880][ T9129] bond0: (slave dummy0): Releasing backup interface
[  194.972928][ T9129] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  194.982023][ T9129] team0: Failed to send options change via netlink (err -105)
[  194.989620][ T9129] team0: Port device dummy0 added
[  194.999501][ T9125] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.018415][ T9128] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.1986: corrupted inode contents
[  195.040896][ T9133] loop2: detected capacity change from 0 to 1024
[  195.052499][ T9128] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #3: comm syz.1.1986: mark_inode_dirty error
[  195.067023][ T9125] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.080723][ T9128] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.1986: corrupted inode contents
[  195.094591][ T9128] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.1986: mark_inode_dirty error
[  195.108990][ T9133] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.130142][ T9125] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.144262][ T9128] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1986: Failed to acquire dquot type 0
[  195.157240][ T9128] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1986: corrupted inode contents
[  195.171437][ T9128] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.1986: mark_inode_dirty error
[  195.184616][ T9128] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1986: corrupted inode contents
[  195.198502][ T9128] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.1986: mark_inode_dirty error
[  195.213627][ T9128] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1986: corrupted inode contents
[  195.226581][ T9128] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  195.237149][ T9128] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1986: corrupted inode contents
[  195.251108][ T9128] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.1986: mark_inode_dirty error
[  195.262871][ T9128] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  195.272213][ T9128] EXT4-fs (loop1): 1 truncate cleaned up
[  195.278481][ T9128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.291442][ T9128] ext4 filesystem being mounted at /378/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.333013][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.348234][ T9141] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1990'.
[  195.366386][ T9143] loop1: detected capacity change from 0 to 1024
[  195.373269][ T9143] EXT4-fs: Ignoring removed orlov option
[  195.380689][ T9143] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.498291][ T9148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.506814][ T9148] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.699200][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.716687][ T9151] netlink: 'syz.2.1991': attribute type 10 has an invalid length.
[  195.805204][ T9164] loop2: detected capacity change from 0 to 512
[  195.812749][ T9164] EXT4-fs: Ignoring removed nobh option
[  195.829222][ T9164] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #3: comm syz.2.1995: corrupted inode contents
[  195.842119][ T9164] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #3: comm syz.2.1995: mark_inode_dirty error
[  195.843287][ T9170] netlink: '’': attribute type 10 has an invalid length.
[  195.853845][ T9164] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #3: comm syz.2.1995: corrupted inode contents
[  195.860924][ T9166] loop0: detected capacity change from 0 to 1024
[  195.873779][ T9164] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.1995: mark_inode_dirty error
[  195.880267][ T9166] EXT4-fs: Ignoring removed orlov option
[  195.891041][ T9164] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1995: Failed to acquire dquot type 0
[  195.899090][ T9166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.907301][ T9164] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1995: corrupted inode contents
[  195.931460][ T9164] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #16: comm syz.2.1995: mark_inode_dirty error
[  195.946192][ T9164] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1995: corrupted inode contents
[  195.958359][ T9164] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.1995: mark_inode_dirty error
[  195.969870][ T9164] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1995: corrupted inode contents
[  195.982659][ T9164] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  195.991440][ T9164] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1995: corrupted inode contents
[  196.005062][ T9164] EXT4-fs error (device loop2): ext4_truncate:4597: inode #16: comm syz.2.1995: mark_inode_dirty error
[  196.016723][ T9164] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  196.026297][ T9164] EXT4-fs (loop2): 1 truncate cleaned up
[  196.033905][ T9164] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.046800][ T9164] ext4 filesystem being mounted at /438/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.060462][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.091692][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.102674][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.782880][ T9125] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.793779][ T9125] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.804550][ T9125] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.815075][ T9125] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.841789][ T9183] loop4: detected capacity change from 0 to 2048
[  196.900638][ T9183] Alternate GPT is invalid, using primary GPT.
[  196.906999][ T9183]  loop4: p2 p3 p7
[  197.015512][ T9199] loop4: detected capacity change from 0 to 2048
[  197.024017][ T9203] loop0: detected capacity change from 0 to 512
[  197.031721][ T9203] EXT4-fs: Ignoring removed nobh option
[  197.031881][ T9199] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.061115][ T9203] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2009: corrupted inode contents
[  197.073141][ T9199] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #12: block 9: comm syz.4.2007: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  197.092110][ T9203] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2009: mark_inode_dirty error
[  197.103532][ T9199] EXT4-fs (loop4): Remounting filesystem read-only
[  197.120706][ T9203] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2009: corrupted inode contents
[  197.150558][ T9203] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2009: mark_inode_dirty error
[  197.174702][ T9203] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2009: Failed to acquire dquot type 0
[  197.189749][ T9203] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2009: corrupted inode contents
[  197.205571][ T9203] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2009: mark_inode_dirty error
[  197.217739][ T9203] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2009: corrupted inode contents
[  197.231552][ T9203] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2009: mark_inode_dirty error
[  197.243449][ T9203] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2009: corrupted inode contents
[  197.257143][ T9203] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  197.266084][ T9203] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2009: corrupted inode contents
[  197.280067][ T9203] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2009: mark_inode_dirty error
[  197.291750][ T9203] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  197.302748][ T9203] EXT4-fs (loop0): 1 truncate cleaned up
[  197.309146][ T9203] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.322902][ T9203] ext4 filesystem being mounted at /363/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.353893][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.538350][ T9219] loop0: detected capacity change from 0 to 512
[  197.548020][ T9219] EXT4-fs: Ignoring removed nobh option
[  197.566109][ T9219] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2014: corrupted inode contents
[  197.588860][ T9219] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2014: mark_inode_dirty error
[  197.617044][ T9219] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2014: corrupted inode contents
[  197.648606][ T9219] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2014: mark_inode_dirty error
[  197.666928][ T9219] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2014: Failed to acquire dquot type 0
[  197.680159][ T9219] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2014: corrupted inode contents
[  197.692906][ T9219] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2014: mark_inode_dirty error
[  197.705850][ T9219] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2014: corrupted inode contents
[  197.719742][ T9219] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2014: mark_inode_dirty error
[  197.731453][ T9219] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2014: corrupted inode contents
[  197.744946][ T9219] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  197.754162][ T9219] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2014: corrupted inode contents
[  197.782172][ T9219] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2014: mark_inode_dirty error
[  197.794335][ T9219] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  197.811170][ T9227] loop1: detected capacity change from 0 to 2048
[  197.826175][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.829940][ T9219] EXT4-fs (loop0): 1 truncate cleaned up
[  197.841432][ T9219] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.855661][ T9227] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.868985][ T9219] ext4 filesystem being mounted at /366/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.897302][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.919460][ T9237] loop4: detected capacity change from 0 to 512
[  197.926149][ T9237] EXT4-fs: Ignoring removed nobh option
[  197.933106][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.944746][ T9237] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2022: corrupted inode contents
[  197.956767][ T9237] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #3: comm syz.4.2022: mark_inode_dirty error
[  197.969280][ T9237] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2022: corrupted inode contents
[  197.982206][ T9237] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.2022: mark_inode_dirty error
[  197.990131][ T9243] loop0: detected capacity change from 0 to 2048
[  197.998193][ T9237] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2022: Failed to acquire dquot type 0
[  198.012720][ T9237] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2022: corrupted inode contents
[  198.025320][ T9237] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #16: comm syz.4.2022: mark_inode_dirty error
[  198.038136][ T9237] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2022: corrupted inode contents
[  198.052433][ T9243] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.056871][ T9237] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.2022: mark_inode_dirty error
[  198.079392][ T9237] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2022: corrupted inode contents
[  198.091679][ T9237] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  198.101202][ T9237] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2022: corrupted inode contents
[  198.101510][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.123296][ T9237] EXT4-fs error (device loop4): ext4_truncate:4597: inode #16: comm syz.4.2022: mark_inode_dirty error
[  198.134949][ T9237] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  198.144295][ T9237] EXT4-fs (loop4): 1 truncate cleaned up
[  198.157129][ T9237] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.170742][ T9237] ext4 filesystem being mounted at /430/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.201058][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.289163][ T9268] loop4: detected capacity change from 0 to 2048
[  198.386478][ T9280] loop0: detected capacity change from 0 to 512
[  198.393300][ T9280] EXT4-fs: Ignoring removed nobh option
[  198.409865][ T9280] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2039: corrupted inode contents
[  198.421876][ T9280] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2039: mark_inode_dirty error
[  198.433509][ T9280] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2039: corrupted inode contents
[  198.445580][ T9280] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2039: mark_inode_dirty error
[  198.457190][ T9280] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2039: Failed to acquire dquot type 0
[  198.468933][ T9280] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2039: corrupted inode contents
[  198.480929][ T9280] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2039: mark_inode_dirty error
[  198.492480][ T9280] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2039: corrupted inode contents
[  198.505573][ T9280] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2039: mark_inode_dirty error
[  198.517253][ T9280] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2039: corrupted inode contents
[  198.529664][ T9280] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  198.539562][ T9280] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2039: corrupted inode contents
[  198.552339][ T9280] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2039: mark_inode_dirty error
[  198.565230][ T9280] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  198.574875][ T9280] EXT4-fs (loop0): 1 truncate cleaned up
[  198.581449][ T9280] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.702628][ T9300] __nla_validate_parse: 8 callbacks suppressed
[  198.702642][ T9300] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2047'.
[  198.819611][ T9320] loop4: detected capacity change from 0 to 512
[  198.826298][ T9320] EXT4-fs: Ignoring removed nobh option
[  198.840214][ T9320] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2055: corrupted inode contents
[  198.852618][ T9320] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #3: comm syz.4.2055: mark_inode_dirty error
[  198.866538][ T9320] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2055: corrupted inode contents
[  198.878635][ T9320] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.2055: mark_inode_dirty error
[  198.890430][ T9320] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2055: Failed to acquire dquot type 0
[  198.902092][ T9320] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2055: corrupted inode contents
[  198.914141][ T9320] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #16: comm syz.4.2055: mark_inode_dirty error
[  198.925886][ T9320] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2055: corrupted inode contents
[  198.937939][ T9320] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.2055: mark_inode_dirty error
[  198.949409][ T9320] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2055: corrupted inode contents
[  198.961562][ T9320] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  198.970537][ T9320] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2055: corrupted inode contents
[  198.982796][ T9320] EXT4-fs error (device loop4): ext4_truncate:4597: inode #16: comm syz.4.2055: mark_inode_dirty error
[  198.994109][ T9320] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  199.003331][ T9320] EXT4-fs (loop4): 1 truncate cleaned up
[  199.009411][ T9320] ext4 filesystem being mounted at /436/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.093157][ T9327] loop3: detected capacity change from 0 to 1024
[  199.342373][ T9338] loop4: detected capacity change from 0 to 2048
[  199.379778][ T9338] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #12: block 9: comm syz.4.2060: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  199.397827][ T9338] EXT4-fs (loop4): Remounting filesystem read-only
[  199.548321][ T9348] loop2: detected capacity change from 0 to 512
[  199.558978][ T9348] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  199.573909][ T9348] EXT4-fs (loop2): orphan cleanup on readonly fs
[  199.584534][ T9348] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2063: bg 0: block 248: padding at end of block bitmap is not set
[  199.605349][ T9348] __quota_error: 290 callbacks suppressed
[  199.605363][ T9348] Quota error (device loop2): write_blk: dquota write failed
[  199.618520][ T9348] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  199.628558][ T9348] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2063: Failed to acquire dquot type 1
[  199.641045][ T9348] EXT4-fs (loop2): 1 truncate cleaned up
[  200.940587][ T9355] loop0: detected capacity change from 0 to 512
[  200.967913][ T9361] loop1: detected capacity change from 0 to 512
[  200.975456][ T9361] EXT4-fs: Ignoring removed nobh option
[  201.010230][ T9361] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2068: corrupted inode contents
[  201.578078][ T9355] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  201.616729][ T9361] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #3: comm syz.1.2068: mark_inode_dirty error
[  201.819415][ T9355] EXT4-fs (loop0): orphan cleanup on readonly fs
[  201.827071][ T9355] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2067: bg 0: block 248: padding at end of block bitmap is not set
[  201.842636][ T9355] Quota error (device loop0): write_blk: dquota write failed
[  201.850036][ T9355] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  201.859957][ T9355] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2067: Failed to acquire dquot type 1
[  201.873082][ T9355] EXT4-fs (loop0): 1 truncate cleaned up
[  201.902292][ T9361] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2068: corrupted inode contents
[  201.946315][ T9373] netlink: 'syz.4.2071': attribute type 10 has an invalid length.
[  201.954475][ T9361] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.2068: mark_inode_dirty error
[  202.013336][ T9361] Quota error (device loop1): write_blk: dquota write failed
[  202.042541][ T9380] netlink: '’': attribute type 10 has an invalid length.
[  202.053030][ T9361] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  202.078524][ T9361] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2068: Failed to acquire dquot type 0
[  202.101859][ T9361] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2068: corrupted inode contents
[  202.117628][ T9361] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.2068: mark_inode_dirty error
[  202.129291][ T9361] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2068: corrupted inode contents
[  202.156395][ T9361] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.2068: mark_inode_dirty error
[  202.177370][ T9361] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2068: corrupted inode contents
[  202.191484][ T9361] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  202.200461][ T9361] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2068: corrupted inode contents
[  202.214113][ T9361] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.2068: mark_inode_dirty error
[  202.225927][ T9361] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  202.236139][ T9361] EXT4-fs (loop1): 1 truncate cleaned up
[  202.243434][ T9361] ext4 filesystem being mounted at /391/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.267220][ T9391] loop0: detected capacity change from 0 to 1024
[  202.274023][ T9391] EXT4-fs: Ignoring removed orlov option
[  202.389620][ T9399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  202.398331][ T9399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  202.446361][ T9402] loop3: detected capacity change from 0 to 2048
[  202.969724][ T9414] loop2: detected capacity change from 0 to 2048
[  202.970829][ T9416] netlink: 'syz.4.2084': attribute type 10 has an invalid length.
[  203.106862][ T9428] loop2: detected capacity change from 0 to 2048
[  203.123493][ T9430] loop4: detected capacity change from 0 to 512
[  203.134449][ T9430] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  203.156253][ T9430] EXT4-fs (loop4): orphan cleanup on readonly fs
[  203.194452][ T9430] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2085: bg 0: block 248: padding at end of block bitmap is not set
[  203.209090][ T9436] loop1: detected capacity change from 0 to 2048
[  203.209980][ T9430] Quota error (device loop4): write_blk: dquota write failed
[  203.222937][ T9430] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  203.232864][ T9430] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2085: Failed to acquire dquot type 1
[  203.253780][ T9430] EXT4-fs (loop4): 1 truncate cleaned up
[  203.261263][ T9436] EXT4-fs error (device loop1): ext4_search_dir:1474: inode #12: block 9: comm syz.1.2090: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  203.283102][ T9436] EXT4-fs (loop1): Remounting filesystem read-only
[  203.416378][ T9442] loop2: detected capacity change from 0 to 2048
[  203.489008][ T9448] loop3: detected capacity change from 0 to 1024
[  203.495773][ T9448] EXT4-fs: Ignoring removed orlov option
[  203.623587][ T9454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  203.656777][ T9454] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  203.710712][ T9458] netlink: 'syz.1.2096': attribute type 10 has an invalid length.
[  203.881768][   T29] audit: type=1326 audit(1752498634.411:11008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9468 comm="syz.1.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c083e929 code=0x7ffc0000
[  203.916187][ T9469] FAULT_INJECTION: forcing a failure.
[  203.916187][ T9469] name failslab, interval 1, probability 0, space 0, times 0
[  203.928903][ T9469] CPU: 1 UID: 0 PID: 9469 Comm: syz.1.2099 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(voluntary) 
[  203.928926][ T9469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  203.928940][ T9469] Call Trace:
[  203.928947][ T9469]  <TASK>
[  203.928954][ T9469]  __dump_stack+0x1d/0x30
[  203.929048][ T9469]  dump_stack_lvl+0xe8/0x140
[  203.929065][ T9469]  dump_stack+0x15/0x1b
[  203.929082][ T9469]  should_fail_ex+0x265/0x280
[  203.929107][ T9469]  should_failslab+0x8c/0xb0
[  203.929127][ T9469]  kmem_cache_alloc_noprof+0x50/0x310
[  203.929260][ T9469]  ? audit_log_start+0x365/0x6c0
[  203.929289][ T9469]  audit_log_start+0x365/0x6c0
[  203.929320][ T9469]  audit_seccomp+0x48/0x100
[  203.929410][ T9469]  ? __seccomp_filter+0x68c/0x10d0
[  203.929430][ T9469]  __seccomp_filter+0x69d/0x10d0
[  203.929451][ T9469]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  203.929501][ T9469]  ? vfs_write+0x75e/0x8e0
[  203.929528][ T9469]  ? __rcu_read_unlock+0x4f/0x70
[  203.929547][ T9469]  ? __fget_files+0x184/0x1c0
[  203.929567][ T9469]  __secure_computing+0x82/0x150
[  203.929638][ T9469]  syscall_trace_enter+0xcf/0x1e0
[  203.929737][ T9469]  do_syscall_64+0xac/0x200
[  203.929798][ T9469]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  203.929822][ T9469]  ? clear_bhb_loop+0x40/0x90
[  203.929866][ T9469]  ? clear_bhb_loop+0x40/0x90
[  203.929883][ T9469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.929908][ T9469] RIP: 0033:0x7f72c083e929
[  203.929922][ T9469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.929940][ T9469] RSP: 002b:00007f72beea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  203.929959][ T9469] RAX: ffffffffffffffda RBX: 00007f72c0a65fa0 RCX: 00007f72c083e929
[  203.929972][ T9469] RDX: 0000000000006004 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  203.929985][ T9469] RBP: 00007f72beea7090 R08: 0000000000000000 R09: 0000000000000000
[  203.929995][ T9469] R10: 0000000000000703 R11: 0000000000000246 R12: 0000000000000001
[  203.930080][ T9469] R13: 0000000000000000 R14: 00007f72c0a65fa0 R15: 00007ffe12810d48
[  203.930096][ T9469]  </TASK>
[  203.930102][ T9469] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  203.990816][ T9467] loop0: detected capacity change from 0 to 1024
[  204.175495][ T9476] loop1: detected capacity change from 0 to 512
[  204.182385][ T9476] EXT4-fs: Ignoring removed nobh option
[  204.219635][ T9476] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2101: corrupted inode contents
[  204.232151][ T9476] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #3: comm syz.1.2101: mark_inode_dirty error
[  204.258036][ T9476] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2101: corrupted inode contents
[  204.279099][ T9476] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.2101: mark_inode_dirty error
[  204.316536][ T9482] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2102'.
[  204.352364][ T9476] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2101: Failed to acquire dquot type 0
[  204.365319][ T9484] FAULT_INJECTION: forcing a failure.
[  204.365319][ T9484] name failslab, interval 1, probability 0, space 0, times 0
[  204.378122][ T9484] CPU: 1 UID: 0 PID: 9484 Comm: syz.0.2103 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(voluntary) 
[  204.378150][ T9484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  204.378161][ T9484] Call Trace:
[  204.378166][ T9484]  <TASK>
[  204.378172][ T9484]  __dump_stack+0x1d/0x30
[  204.378198][ T9484]  dump_stack_lvl+0xe8/0x140
[  204.378218][ T9484]  dump_stack+0x15/0x1b
[  204.378244][ T9484]  should_fail_ex+0x265/0x280
[  204.378274][ T9484]  should_failslab+0x8c/0xb0
[  204.378297][ T9484]  __kmalloc_noprof+0xa5/0x3e0
[  204.378369][ T9484]  ? qrtr_tun_write_iter+0x87/0x150
[  204.378391][ T9484]  ? __pfx_qrtr_tun_write_iter+0x10/0x10
[  204.378463][ T9484]  qrtr_tun_write_iter+0x87/0x150
[  204.378526][ T9484]  vfs_write+0x49d/0x8e0
[  204.378595][ T9484]  ksys_write+0xda/0x1a0
[  204.378626][ T9484]  __x64_sys_write+0x40/0x50
[  204.378736][ T9484]  x64_sys_call+0x2cdd/0x2fb0
[  204.378757][ T9484]  do_syscall_64+0xd2/0x200
[  204.378774][ T9484]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  204.378798][ T9484]  ? clear_bhb_loop+0x40/0x90
[  204.378864][ T9484]  ? clear_bhb_loop+0x40/0x90
[  204.378886][ T9484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.378926][ T9484] RIP: 0033:0x7f29331ee929
[  204.378938][ T9484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.378955][ T9484] RSP: 002b:00007f2931857038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  204.378974][ T9484] RAX: ffffffffffffffda RBX: 00007f2933415fa0 RCX: 00007f29331ee929
[  204.378988][ T9484] RDX: 00000000000000c8 RSI: 0000000000000000 RDI: 0000000000000003
[  204.378998][ T9484] RBP: 00007f2931857090 R08: 0000000000000000 R09: 0000000000000000
[  204.379033][ T9484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.379043][ T9484] R13: 0000000000000000 R14: 00007f2933415fa0 R15: 00007ffca54d3c38
[  204.379059][ T9484]  </TASK>
[  204.589619][ T9476] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2101: corrupted inode contents
[  204.602236][ T9476] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.2101: mark_inode_dirty error
[  204.615381][ T9476] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2101: corrupted inode contents
[  204.627954][ T9476] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.2101: mark_inode_dirty error
[  204.651267][ T9476] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2101: corrupted inode contents
[  204.671412][ T9486] loop3: detected capacity change from 0 to 2048
[  204.680402][ T9476] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  204.710384][ T9486] Alternate GPT is invalid, using primary GPT.
[  204.716778][ T9486]  loop3: p2 p3 p7
[  204.720551][ T9476] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2101: corrupted inode contents
[  204.786655][ T9492] loop2: detected capacity change from 0 to 2048
[  204.794400][ T9476] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.2101: mark_inode_dirty error
[  204.817067][ T9476] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  204.827803][ T9476] EXT4-fs (loop1): 1 truncate cleaned up
[  204.834390][ T9476] ext4 filesystem being mounted at /399/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.860983][ T9492] 9pnet_fd: Insufficient options for proto=fd
[  204.949641][ T9504] loop2: detected capacity change from 0 to 2048
[  204.962216][ T9506] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2113'.
[  204.976193][ T9504] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #12: block 9: comm syz.2.2112: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  204.996666][   T29] kauditd_printk_skb: 20 callbacks suppressed
[  204.996677][   T29] audit: type=1400 audit(1752498635.521:11026): avc:  denied  { read write } for  pid=9505 comm="syz.1.2113" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  204.998453][ T9504] EXT4-fs (loop2): Remounting filesystem read-only
[  205.002906][   T29] audit: type=1400 audit(1752498635.521:11027): avc:  denied  { open } for  pid=9505 comm="syz.1.2113" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  205.027837][ T9506] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2113'.
[  205.067867][ T9506] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2113'.
[  205.089752][ T9514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2116'.
[  205.099461][   T29] audit: type=1400 audit(1752498635.631:11028): avc:  denied  { write } for  pid=9505 comm="syz.1.2113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  205.116154][ T9512] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2115'.
[  205.119424][   T29] audit: type=1400 audit(1752498635.631:11029): avc:  denied  { read write } for  pid=9505 comm="syz.1.2113" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  205.152948][   T29] audit: type=1400 audit(1752498635.631:11030): avc:  denied  { open } for  pid=9505 comm="syz.1.2113" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  205.177807][ T9506] team0: Port device dummy0 removed
[  205.184048][ T9506] batman_adv: batadv0: Adding interface: dummy0
[  205.190444][ T9506] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.215937][ T9506] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  205.227441][ T9514] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.281189][ T9514] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.295653][ T9522] loop4: detected capacity change from 0 to 512
[  205.303482][ T9522] EXT4-fs: Ignoring removed nobh option
[  205.320529][ T9522] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2119: corrupted inode contents
[  205.332677][ T9522] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #3: comm syz.4.2119: mark_inode_dirty error
[  205.345547][ T9522] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2119: corrupted inode contents
[  205.357559][ T9522] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.2119: mark_inode_dirty error
[  205.370308][ T9522] Quota error (device loop4): write_blk: dquota write failed
[  205.371012][ T9514] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.377762][ T9522] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  205.377829][ T9522] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2119: Failed to acquire dquot type 0
[  205.409278][ T9522] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2119: corrupted inode contents
[  205.421290][ T9522] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #16: comm syz.4.2119: mark_inode_dirty error
[  205.432746][ T9522] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2119: corrupted inode contents
[  205.444841][ T9522] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.2119: mark_inode_dirty error
[  205.456201][ T9522] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2119: corrupted inode contents
[  205.457776][ T9514] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.469254][ T9522] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  205.486968][ T9522] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2119: corrupted inode contents
[  205.499172][ T9522] EXT4-fs error (device loop4): ext4_truncate:4597: inode #16: comm syz.4.2119: mark_inode_dirty error
[  205.510733][ T9522] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  205.520199][ T9522] EXT4-fs (loop4): 1 truncate cleaned up
[  205.526443][ T9522] ext4 filesystem being mounted at /446/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.533346][ T9514] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.550155][ T9514] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.562116][ T9514] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.573520][ T9514] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.616189][   T29] audit: type=1326 audit(1752498636.141:11031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9529 comm="syz.2.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaabbe929 code=0x7ffc0000
[  205.650457][   T29] audit: type=1326 audit(1752498636.171:11032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9529 comm="syz.2.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdaabbe929 code=0x7ffc0000
[  205.674084][   T29] audit: type=1326 audit(1752498636.171:11033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9529 comm="syz.2.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaabbe929 code=0x7ffc0000
[  205.816933][ T9551] loop3: detected capacity change from 0 to 512
[  205.827776][ T9551] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  205.861322][ T9551] EXT4-fs (loop3): orphan cleanup on readonly fs
[  205.917781][ T9551] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2125: bg 0: block 248: padding at end of block bitmap is not set
[  205.933456][ T9551] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2125: Failed to acquire dquot type 1
[  205.945829][ T9551] EXT4-fs (loop3): 1 truncate cleaned up
[  205.963064][ T9555] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2129'.
[  206.086443][ T9564] loop0: detected capacity change from 0 to 1024
[  206.622666][ T9580] loop2: detected capacity change from 0 to 512
[  206.633732][ T9580] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  206.699213][ T9580] EXT4-fs (loop2): orphan cleanup on readonly fs
[  206.776157][ T9580] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2139: bg 0: block 248: padding at end of block bitmap is not set
[  206.791339][ T9580] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2139: Failed to acquire dquot type 1
[  206.803709][ T9580] EXT4-fs (loop2): 1 truncate cleaned up
[  207.162940][ T9586] loop4: detected capacity change from 0 to 2048
[  207.195240][ T9586] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #12: block 9: comm syz.4.2142: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  207.257865][ T9586] EXT4-fs (loop4): Remounting filesystem read-only
[  207.572730][ T9590] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2141'.
[  207.747364][ T9598] loop1: detected capacity change from 0 to 2048
[  207.763455][ T9596] loop4: detected capacity change from 0 to 2048
[  207.820449][ T9598] Alternate GPT is invalid, using primary GPT.
[  207.826838][ T9598]  loop1: p2 p3 p7
[  207.842186][ T9596] 9pnet_fd: Insufficient options for proto=fd
[  207.859552][ T9605] netlink: '’': attribute type 10 has an invalid length.
[  207.896696][ T9605] bond0: (slave dummy0): Releasing backup interface
[  207.924059][ T9605] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  207.960241][ T9605] team0: Failed to send options change via netlink (err -105)
[  207.967756][ T9605] team0: Port device dummy0 added
[  208.097728][ T9614] loop4: detected capacity change from 0 to 2048
[  208.160054][ T9618] FAULT_INJECTION: forcing a failure.
[  208.160054][ T9618] name failslab, interval 1, probability 0, space 0, times 0
[  208.173049][ T9618] CPU: 1 UID: 0 PID: 9618 Comm: syz.0.2153 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(voluntary) 
[  208.173184][ T9618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  208.173195][ T9618] Call Trace:
[  208.173201][ T9618]  <TASK>
[  208.173207][ T9618]  __dump_stack+0x1d/0x30
[  208.173271][ T9618]  dump_stack_lvl+0xe8/0x140
[  208.173286][ T9618]  dump_stack+0x15/0x1b
[  208.173375][ T9618]  should_fail_ex+0x265/0x280
[  208.173401][ T9618]  should_failslab+0x8c/0xb0
[  208.173419][ T9618]  kmem_cache_alloc_noprof+0x50/0x310
[  208.173441][ T9618]  ? audit_log_start+0x365/0x6c0
[  208.173545][ T9618]  audit_log_start+0x365/0x6c0
[  208.173572][ T9618]  audit_seccomp+0x48/0x100
[  208.173666][ T9618]  ? __seccomp_filter+0x68c/0x10d0
[  208.173689][ T9618]  __seccomp_filter+0x69d/0x10d0
[  208.173707][ T9618]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  208.173735][ T9618]  ? vfs_write+0x75e/0x8e0
[  208.173814][ T9618]  ? __rcu_read_unlock+0x4f/0x70
[  208.173832][ T9618]  ? __fget_files+0x184/0x1c0
[  208.173849][ T9618]  __secure_computing+0x82/0x150
[  208.173867][ T9618]  syscall_trace_enter+0xcf/0x1e0
[  208.173892][ T9618]  do_syscall_64+0xac/0x200
[  208.173977][ T9618]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  208.174003][ T9618]  ? clear_bhb_loop+0x40/0x90
[  208.174025][ T9618]  ? clear_bhb_loop+0x40/0x90
[  208.174046][ T9618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.174142][ T9618] RIP: 0033:0x7f29331ee929
[  208.174154][ T9618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.174168][ T9618] RSP: 002b:00007f2931857038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b0
[  208.174183][ T9618] RAX: ffffffffffffffda RBX: 00007f2933415fa0 RCX: 00007f29331ee929
[  208.174194][ T9618] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000006
[  208.174235][ T9618] RBP: 00007f2931857090 R08: 0000000000000000 R09: 0000000000000000
[  208.174246][ T9618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.174259][ T9618] R13: 0000000000000000 R14: 00007f2933415fa0 R15: 00007ffca54d3c38
[  208.174350][ T9618]  </TASK>
[  208.514307][ T9630] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2154'.
[  208.546029][ T9643] loop0: detected capacity change from 0 to 1024
[  208.585901][ T9643] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2162'.
[  208.657845][ T9654] loop1: detected capacity change from 0 to 1024
[  208.761236][ T9654] EXT4-fs: Ignoring removed orlov option
[  208.777001][ T9664] loop0: detected capacity change from 0 to 512
[  208.785486][ T9661] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.795624][ T9664] EXT4-fs: Ignoring removed nobh option
[  208.871280][ T9665] loop4: detected capacity change from 0 to 1024
[  208.910096][ T9664] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2169: corrupted inode contents
[  208.930138][ T9661] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.990872][ T9661] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.016984][ T9664] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2169: mark_inode_dirty error
[  209.072065][ T9664] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2169: corrupted inode contents
[  209.086107][ T9661] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.137269][ T9664] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2169: mark_inode_dirty error
[  209.154521][ T9664] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2169: Failed to acquire dquot type 0
[  209.166265][ T9664] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2169: corrupted inode contents
[  209.178453][ T9664] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2169: mark_inode_dirty error
[  209.190129][ T9664] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2169: corrupted inode contents
[  209.202430][ T9664] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2169: mark_inode_dirty error
[  209.216814][ T9664] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2169: corrupted inode contents
[  209.221872][ T9661] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  209.241877][ T9661] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  209.248831][ T9679] loop1: detected capacity change from 0 to 2048
[  209.253057][ T9661] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  209.265407][ T9664] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  209.270119][ T9661] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  209.277453][ T9679] EXT4-fs error (device loop1): ext4_search_dir:1474: inode #12: block 9: comm syz.1.2173: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  209.283090][ T9664] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2169: corrupted inode contents
[  209.308440][ T9679] EXT4-fs (loop1): Remounting filesystem read-only
[  209.327177][ T9664] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2169: mark_inode_dirty error
[  209.340347][ T9664] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  209.350213][ T9664] EXT4-fs (loop0): 1 truncate cleaned up
[  209.356315][ T9664] ext4 filesystem being mounted at /409/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.390417][ T9686] __nla_validate_parse: 1 callbacks suppressed
[  209.390432][ T9686] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2176'.
[  209.406724][ T9686] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.431177][ T9687] loop2: detected capacity change from 0 to 2048
[  209.441664][ T9687] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #12: block 9: comm syz.2.2175: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  209.459840][ T9687] EXT4-fs (loop2): Remounting filesystem read-only
[  209.479603][ T9686] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.529910][ T9686] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.557230][ T9691] loop4: detected capacity change from 0 to 2048
[  209.564782][ T9691] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  209.576409][ T9686] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.580642][ T9691] ext4 filesystem being mounted at /466/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.617867][ T9696] loop4: detected capacity change from 0 to 128
[  209.725271][ T9701] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2179'.
[  209.759344][ T9701] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.781819][ T9702] netlink: '’': attribute type 10 has an invalid length.
[  209.790299][ T9702] netlink: '’': attribute type 10 has an invalid length.
[  209.798913][ T9702] team0: Port device dummy0 removed
[  209.806236][ T9702] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  209.817119][ T9701] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.827251][ T9704] loop1: detected capacity change from 0 to 2048
[  209.846211][ T9704] EXT4-fs error (device loop1): ext4_search_dir:1474: inode #12: block 9: comm syz.1.2180: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  209.864856][ T9704] EXT4-fs (loop1): Remounting filesystem read-only
[  209.873210][ T9709] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2181'.
[  209.886192][ T9701] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.925554][ T9713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2183'.
[  209.935522][ T9713] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.949826][ T9701] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.979997][ T9714] netlink: '’': attribute type 10 has an invalid length.
[  209.987612][ T9714] netlink: '’': attribute type 10 has an invalid length.
[  209.995778][ T9714] dummy0: left promiscuous mode
[  210.001371][ T9714] dummy0: left allmulticast mode
[  210.006921][ T9714] team0: Port device dummy0 removed
[  210.015713][ T9714] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  210.025607][ T9713] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.047451][ T9701] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.059269][ T9701] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.071305][ T9701] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.082927][ T9701] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.093070][ T9713] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.107280][ T9686] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.119021][ T9686] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.131661][ T9686] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.132956][ T9722] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2185'.
[  210.143350][ T9686] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.159261][ T9713] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.171389][ T9722] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.218984][ T9725] loop0: detected capacity change from 0 to 512
[  210.225570][ T9725] EXT4-fs: Ignoring removed nobh option
[  210.239553][ T9725] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2186: corrupted inode contents
[  210.251593][ T9725] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2186: mark_inode_dirty error
[  210.263626][ T9725] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2186: corrupted inode contents
[  210.264878][ T9722] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.276064][ T9725] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2186: mark_inode_dirty error
[  210.297198][ T9725] __quota_error: 101 callbacks suppressed
[  210.297208][ T9725] Quota error (device loop0): write_blk: dquota write failed
[  210.310638][ T9725] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  210.321113][ T9725] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2186: Failed to acquire dquot type 0
[  210.332910][ T9725] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2186: corrupted inode contents
[  210.345153][ T9725] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2186: mark_inode_dirty error
[  210.345965][ T9722] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.357858][ T9725] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2186: corrupted inode contents
[  210.378680][ T9725] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2186: mark_inode_dirty error
[  210.390381][ T9725] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2186: corrupted inode contents
[  210.402338][ T9725] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  210.411061][ T9725] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2186: corrupted inode contents
[  210.411912][ T9722] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.424314][ T9725] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2186: mark_inode_dirty error
[  210.444246][ T9725] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  210.453553][ T9725] EXT4-fs (loop0): 1 truncate cleaned up
[  210.459693][ T9725] ext4 filesystem being mounted at /411/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.569383][ T9736] loop0: detected capacity change from 0 to 2048
[  210.578441][ T9736] EXT4-fs error (device loop0): ext4_search_dir:1474: inode #12: block 9: comm syz.0.2190: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  210.596677][ T9736] EXT4-fs (loop0): Remounting filesystem read-only
[  211.028166][ T9745] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2193'.
[  211.071332][ T9747] netlink: '’': attribute type 10 has an invalid length.
[  211.097872][ T9749] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2195'.
[  211.109727][ T9749] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.160979][ T9749] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.161285][ T9754] netlink: '’': attribute type 10 has an invalid length.
[  211.183495][ T9754] netlink: '’': attribute type 10 has an invalid length.
[  211.191634][ T9754] team0: Port device dummy0 removed
[  211.200569][ T9754] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  211.221204][ T9749] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.281445][ T9749] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.351448][ T9759] loop1: detected capacity change from 0 to 512
[  211.358476][ T9759] EXT4-fs: Ignoring removed nobh option
[  211.386895][ T9759] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2198: corrupted inode contents
[  211.399174][ T9759] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #3: comm syz.1.2198: mark_inode_dirty error
[  211.410965][ T9759] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2198: corrupted inode contents
[  211.423020][ T9759] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.2198: mark_inode_dirty error
[  211.434552][ T9759] Quota error (device loop1): write_blk: dquota write failed
[  211.442974][ T9759] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  211.453110][ T9759] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2198: Failed to acquire dquot type 0
[  211.462011][ T9766] loop3: detected capacity change from 0 to 2048
[  211.465684][ T9759] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2198: corrupted inode contents
[  211.483259][ T9759] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.2198: mark_inode_dirty error
[  211.494950][ T9759] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2198: corrupted inode contents
[  211.507436][ T9759] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.2198: mark_inode_dirty error
[  211.519143][ T9759] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2198: corrupted inode contents
[  211.531688][ T9759] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  211.540328][ T9759] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2198: corrupted inode contents
[  211.552513][ T9759] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.2198: mark_inode_dirty error
[  211.564192][ T9759] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  211.573954][ T9759] EXT4-fs (loop1): 1 truncate cleaned up
[  211.580252][ T9759] ext4 filesystem being mounted at /417/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  211.603545][ T9770] loop3: detected capacity change from 0 to 2048
[  211.670325][ T9770] Alternate GPT is invalid, using primary GPT.
[  211.676650][ T9770]  loop3: p2 p3 p7
[  212.483463][ T9779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2204'.
[  212.553194][ T9783] netlink: '’': attribute type 10 has an invalid length.
[  212.672978][ T9713] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.684034][ T9713] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.694552][ T9713] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.705382][ T9713] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.886736][ T9792] loop2: detected capacity change from 0 to 2048
[  212.920267][ T9792] Alternate GPT is invalid, using primary GPT.
[  212.926554][ T9792]  loop2: p2 p3 p7
[  212.969989][ T9794] loop2: detected capacity change from 0 to 2048
[  212.982984][ T9794] 9pnet_fd: Insufficient options for proto=fd
[  213.054602][ T9801] loop2: detected capacity change from 0 to 512
[  213.061258][ T9801] EXT4-fs: Ignoring removed nobh option
[  213.069256][ T9801] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #3: comm syz.2.2213: corrupted inode contents
[  213.081155][ T9801] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #3: comm syz.2.2213: mark_inode_dirty error
[  213.092896][ T9801] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #3: comm syz.2.2213: corrupted inode contents
[  213.105136][ T9801] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.2213: mark_inode_dirty error
[  213.116649][ T9801] Quota error (device loop2): write_blk: dquota write failed
[  213.124342][ T9801] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  213.134380][ T9801] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2213: Failed to acquire dquot type 0
[  213.146046][ T9801] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.2213: corrupted inode contents
[  213.158337][ T9801] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #16: comm syz.2.2213: mark_inode_dirty error
[  213.169876][ T9801] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.2213: corrupted inode contents
[  213.181892][ T9801] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.2213: mark_inode_dirty error
[  213.193273][ T9801] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.2213: corrupted inode contents
[  213.205440][ T9801] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  213.214258][ T9801] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.2213: corrupted inode contents
[  213.226302][ T9801] EXT4-fs error (device loop2): ext4_truncate:4597: inode #16: comm syz.2.2213: mark_inode_dirty error
[  213.237609][ T9801] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  213.246959][ T9801] EXT4-fs (loop2): 1 truncate cleaned up
[  213.253022][ T9801] ext4 filesystem being mounted at /480/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.291314][ T9805] loop2: detected capacity change from 0 to 2048
[  213.470988][ T9815] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2217'.
[  213.527166][   T29] audit: type=1326 audit(1752498644.051:11127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.3.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  213.552835][   T29] audit: type=1326 audit(1752498644.081:11128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.3.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  213.576499][   T29] audit: type=1326 audit(1752498644.081:11129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.3.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  213.600203][   T29] audit: type=1326 audit(1752498644.081:11130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.3.2219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f52116ee929 code=0x7ffc0000
[  213.650390][ T9822] loop2: detected capacity change from 0 to 1024
[  213.656938][ T9822] EXT4-fs: Ignoring removed orlov option
[  213.724664][ T9722] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  213.735712][ T9722] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  213.747353][ T9722] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.758649][ T9722] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.776859][ T9826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.786798][ T9826] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.790271][ T9828] netlink: '’': attribute type 10 has an invalid length.
[  213.803818][ T9828] bond0: (slave dummy0): Releasing backup interface
[  213.815423][ T9828] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  213.828210][ T9828] team0: Failed to send options change via netlink (err -105)
[  213.835776][ T9828] team0: Port device dummy0 added
[  213.848109][ T9749] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  213.876481][ T9749] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  213.887868][ T9749] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.899693][ T9749] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.974275][ T9835] loop0: detected capacity change from 0 to 512
[  213.980848][ T9835] EXT4-fs: Ignoring removed nobh option
[  213.989847][ T9835] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2224: corrupted inode contents
[  214.001936][ T9835] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2224: mark_inode_dirty error
[  214.013669][ T9835] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2224: corrupted inode contents
[  214.025779][ T9835] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2224: mark_inode_dirty error
[  214.037400][ T9835] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2224: Failed to acquire dquot type 0
[  214.049350][ T9835] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2224: corrupted inode contents
[  214.061425][ T9835] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2224: mark_inode_dirty error
[  214.073214][ T9835] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2224: corrupted inode contents
[  214.085430][ T9835] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2224: mark_inode_dirty error
[  214.096873][ T9835] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2224: corrupted inode contents
[  214.109016][ T9835] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  214.117759][ T9835] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2224: corrupted inode contents
[  214.129828][ T9835] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2224: mark_inode_dirty error
[  214.141021][ T9835] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  214.150645][ T9835] EXT4-fs (loop0): 1 truncate cleaned up
[  214.156770][ T9835] ext4 filesystem being mounted at /419/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.191892][ T9839] netlink: '’': attribute type 10 has an invalid length.
[  214.201654][ T9839] bond0: (slave dummy0): Releasing backup interface
[  214.210960][ T9839] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  214.219784][ T9839] team0: Failed to send options change via netlink (err -105)
[  214.227264][ T9839] team0: Port device dummy0 added
[  214.636282][ T9853] loop2: detected capacity change from 0 to 1024
[  215.061422][ T9863] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2233'.
[  215.071882][ T9863] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.074300][ T9865] loop1: detected capacity change from 0 to 512
[  215.089635][ T9865] EXT4-fs: Ignoring removed nobh option
[  215.099498][ T9865] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2234: corrupted inode contents
[  215.111682][ T9865] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #3: comm syz.1.2234: mark_inode_dirty error
[  215.117381][ T9869] loop0: detected capacity change from 0 to 512
[  215.125217][ T9870] netlink: '’': attribute type 10 has an invalid length.
[  215.130525][ T9869] EXT4-fs: Ignoring removed nobh option
[  215.141449][ T9870] netlink: '’': attribute type 10 has an invalid length.
[  215.149510][ T9865] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2234: corrupted inode contents
[  215.161542][ T9865] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.2234: mark_inode_dirty error
[  215.161640][ T9870] team0: Port device dummy0 removed
[  215.173943][ T9865] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2234: Failed to acquire dquot type 0
[  215.180425][ T9870] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  215.190803][ T9865] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2234: corrupted inode contents
[  215.210514][ T9863] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.211611][ T9865] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.2234: mark_inode_dirty error
[  215.232194][ T9865] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2234: corrupted inode contents
[  215.233219][ T9869] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2235: corrupted inode contents
[  215.256500][ T9869] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2235: mark_inode_dirty error
[  215.256997][ T9865] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.2234: mark_inode_dirty error
[  215.268824][ T9869] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2235: corrupted inode contents
[  215.282227][ T9865] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2234: corrupted inode contents
[  215.297435][ T9869] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2235: mark_inode_dirty error
[  215.314601][ T9869] __quota_error: 14 callbacks suppressed
[  215.314615][ T9869] Quota error (device loop0): write_blk: dquota write failed
[  215.327945][ T9869] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  215.347347][ T9876] loop3: detected capacity change from 0 to 2048
[  215.355316][ T9863] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.366395][ T9869] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2235: Failed to acquire dquot type 0
[  215.378752][ T9869] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2235: corrupted inode contents
[  215.380023][ T9865] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  215.391041][ T9869] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2235: mark_inode_dirty error
[  215.400245][ T9865] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2234: corrupted inode contents
[  215.412479][ T9869] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2235: corrupted inode contents
[  215.435142][ T9865] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.2234: mark_inode_dirty error
[  215.448981][ T9863] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.453911][ T9880] loop2: detected capacity change from 0 to 512
[  215.461315][ T9869] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2235: mark_inode_dirty error
[  215.466013][ T9880] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  215.480889][ T9865] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  215.494354][ T9869] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2235: corrupted inode contents
[  215.506595][ T9869] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  215.515782][ T9865] EXT4-fs (loop1): 1 truncate cleaned up
[  215.522185][ T9865] ext4 filesystem being mounted at /423/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.534379][ T9869] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2235: corrupted inode contents
[  215.547620][ T9869] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2235: mark_inode_dirty error
[  215.557060][ T9884] loop2: detected capacity change from 0 to 2048
[  215.559286][ T9869] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  215.574971][ T9869] EXT4-fs (loop0): 1 truncate cleaned up
[  215.581451][ T9869] ext4 filesystem being mounted at /422/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.611872][ T9884] 9pnet_fd: Insufficient options for proto=fd
[  215.614250][   T29] audit: type=1326 audit(1752498646.141:11141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9887 comm="syz.1.2239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c083e929 code=0x7ffc0000
[  215.653510][   T29] audit: type=1326 audit(1752498646.171:11142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9887 comm="syz.1.2239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72c083e929 code=0x7ffc0000
[  215.677177][   T29] audit: type=1326 audit(1752498646.171:11143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9887 comm="syz.1.2239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c083e929 code=0x7ffc0000
[  215.700931][   T29] audit: type=1326 audit(1752498646.171:11144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9887 comm="syz.1.2239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f72c083e929 code=0x7ffc0000
[  215.724355][   T29] audit: type=1326 audit(1752498646.171:11145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9887 comm="syz.1.2239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c083e929 code=0x7ffc0000
[  215.747903][   T29] audit: type=1326 audit(1752498646.171:11146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9887 comm="syz.1.2239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f72c083e929 code=0x7ffc0000
[  215.771536][   T29] audit: type=1326 audit(1752498646.171:11147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9887 comm="syz.1.2239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c083e929 code=0x7ffc0000
[  215.795038][   T29] audit: type=1326 audit(1752498646.171:11148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9887 comm="syz.1.2239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f72c083e929 code=0x7ffc0000
[  215.916590][ T9903] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2246'.
[  216.131453][ T9909] loop0: detected capacity change from 0 to 1024
[  216.439675][ T9913] lo speed is unknown, defaulting to 1000
[  216.460968][ T9915] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2249'.
[  216.470922][ T9915] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.518748][ T9917] loop3: detected capacity change from 0 to 2048
[  216.519769][ T9915] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.537720][ T9918] netlink: '’': attribute type 10 has an invalid length.
[  216.544919][ T9918] batman_adv: batadv0: Removing interface: dummy0
[  216.554022][ T9918] team0: Port device dummy0 added
[  216.600013][ T9915] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.624176][ T9922] loop3: detected capacity change from 0 to 2048
[  216.669705][ T9915] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.802363][ T9915] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.813690][ T9915] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.825824][ T9915] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.840522][ T9931] loop2: detected capacity change from 0 to 2048
[  216.850159][ T9931] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #12: block 9: comm syz.2.2254: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  216.852758][ T9915] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.879241][ T9931] EXT4-fs (loop2): Remounting filesystem read-only
[  217.300011][ T9951] loop2: detected capacity change from 0 to 2048
[  217.378785][ T9955] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2262'.
[  217.387798][ T9955] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2262'.
[  217.571447][ T9957] loop3: detected capacity change from 0 to 1024
[  217.578205][ T9957] EXT4-fs: Ignoring removed orlov option
[  217.585703][ T9957] EXT4-fs mount: 108 callbacks suppressed
[  217.585713][ T9957] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.643571][ T9863] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.654970][ T9863] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.667196][ T9863] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.680293][ T9863] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.709808][ T9963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  217.713161][ T9962] loop4: detected capacity change from 0 to 2048
[  217.725275][ T9963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.740411][ T9962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.831069][ T9967] lo speed is unknown, defaulting to 1000
[  217.839711][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.877626][ T9971] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2267'.
[  217.887470][ T9971] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.929724][ T9974] loop4: detected capacity change from 0 to 2048
[  217.933170][ T9976] netlink: '’': attribute type 10 has an invalid length.
[  217.946550][ T9974] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.948712][ T9971] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.970345][ T9974] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #12: block 9: comm syz.4.2269: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  217.988504][ T9974] EXT4-fs (loop4): Remounting filesystem read-only
[  218.020125][ T9971] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.079890][ T9971] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.144641][ T9971] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.155286][ T9971] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.166167][ T9971] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.177144][ T9971] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.311476][ T9984] loop0: detected capacity change from 0 to 512
[  218.317978][ T9983] loop2: detected capacity change from 0 to 2048
[  218.325530][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.335507][ T9984] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  218.349866][ T9983] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.366836][ T9984] EXT4-fs (loop0): orphan cleanup on readonly fs
[  218.377705][ T9984] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2270: bg 0: block 248: padding at end of block bitmap is not set
[  218.399168][ T9988] loop3: detected capacity change from 0 to 2048
[  218.420494][ T9984] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2270: Failed to acquire dquot type 1
[  218.421248][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.432527][ T9984] EXT4-fs (loop0): 1 truncate cleaned up
[  218.446923][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.457590][ T9984] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  218.482311][ T9992] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2274'.
[  218.509028][ T9988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.522446][ T9992] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.546667][ T9996] loop2: detected capacity change from 0 to 1024
[  218.555002][ T9996] EXT4-fs: Ignoring removed orlov option
[  218.567765][ T9996] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.579805][ T9999] netlink: '’': attribute type 10 has an invalid length.
[  218.591867][ T9999] bond0: (slave dummy0): Releasing backup interface
[  218.631788][T10000] netlink: 'syz.4.2274': attribute type 10 has an invalid length.
[  218.729739][ T9999] team0: Port device dummy0 added
[  218.737099][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.767131][ T9992] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.828727][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.848865][T10000] team0: Port device dummy0 removed
[  218.860184][T10000] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  218.889500][ T9992] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.998342][T10012] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2280'.
[  219.007353][T10012] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2280'.
[  219.039516][ T9992] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.741079][T10021] netlink: 'syz.1.2283': attribute type 10 has an invalid length.
[  219.749990][T10018] loop2: detected capacity change from 0 to 1024
[  219.756663][T10018] EXT4-fs: Ignoring removed orlov option
[  219.771633][T10018] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.891390][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.902383][T10028] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  219.910876][T10028] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  219.926847][T10027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2284'.
[  219.984208][T10032] loop1: detected capacity change from 0 to 2048
[  219.999527][T10032] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.024996][T10036] loop0: detected capacity change from 0 to 512
[  220.031726][T10036] EXT4-fs: Ignoring removed nobh option
[  220.039240][T10036] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2287: corrupted inode contents
[  220.051204][T10036] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2287: mark_inode_dirty error
[  220.062807][T10036] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2287: corrupted inode contents
[  220.074731][T10036] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2287: mark_inode_dirty error
[  220.075004][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.086312][T10036] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2287: Failed to acquire dquot type 0
[  220.106644][T10036] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2287: corrupted inode contents
[  220.118783][T10036] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2287: mark_inode_dirty error
[  220.130451][T10036] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2287: corrupted inode contents
[  220.143010][T10036] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2287: mark_inode_dirty error
[  220.154588][T10036] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2287: corrupted inode contents
[  220.166832][T10036] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  220.175636][T10036] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2287: corrupted inode contents
[  220.187681][T10036] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2287: mark_inode_dirty error
[  220.198910][T10036] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  220.209376][T10036] EXT4-fs (loop0): 1 truncate cleaned up
[  220.215531][T10036] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.228705][T10036] ext4 filesystem being mounted at /432/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.271332][T10044] loop1: detected capacity change from 0 to 512
[  220.279111][T10044] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  220.297203][T10044] EXT4-fs (loop1): orphan cleanup on readonly fs
[  220.297965][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.315941][T10044] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2289: bg 0: block 248: padding at end of block bitmap is not set
[  220.341528][T10044] __quota_error: 110 callbacks suppressed
[  220.341586][T10044] Quota error (device loop1): write_blk: dquota write failed
[  220.354779][T10044] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  220.364837][T10044] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2289: Failed to acquire dquot type 1
[  220.399037][T10047] loop0: detected capacity change from 0 to 2048
[  220.407583][T10044] EXT4-fs (loop1): 1 truncate cleaned up
[  220.442623][T10044] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  220.474056][T10047] Alternate GPT is invalid, using primary GPT.
[  220.480502][T10047]  loop0: p2 p3 p7
[  220.504049][T10051] loop3: detected capacity change from 0 to 512
[  220.518363][T10051] EXT4-fs: Ignoring removed nobh option
[  220.534840][T10051] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #3: comm syz.3.2292: corrupted inode contents
[  220.547399][T10051] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #3: comm syz.3.2292: mark_inode_dirty error
[  220.547884][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.570117][T10051] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #3: comm syz.3.2292: corrupted inode contents
[  220.588098][T10051] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.2292: mark_inode_dirty error
[  220.603409][T10051] Quota error (device loop3): write_blk: dquota write failed
[  220.612992][T10051] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  220.623131][T10051] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2292: Failed to acquire dquot type 0
[  220.625253][T10055] netlink: 'syz.0.2294': attribute type 10 has an invalid length.
[  220.645656][T10051] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.2292: corrupted inode contents
[  220.659237][T10051] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #16: comm syz.3.2292: mark_inode_dirty error
[  220.670986][T10051] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.2292: corrupted inode contents
[  220.684328][T10051] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.2292: mark_inode_dirty error
[  220.696065][T10051] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.2292: corrupted inode contents
[  220.709635][T10051] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  220.733092][T10051] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.2292: corrupted inode contents
[  220.769192][T10051] EXT4-fs error (device loop3): ext4_truncate:4597: inode #16: comm syz.3.2292: mark_inode_dirty error
[  220.782573][T10051] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  220.811699][T10051] EXT4-fs (loop3): 1 truncate cleaned up
[  220.818196][T10051] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.831480][T10051] ext4 filesystem being mounted at /441/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.867244][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.893103][T10071] loop3: detected capacity change from 0 to 512
[  220.900131][T10071] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  220.915299][   T29] audit: type=1400 audit(1752498651.441:11255): avc:  denied  { setopt } for  pid=10073 comm="syz.2.2300" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  220.939524][T10071] EXT4-fs (loop3): orphan cleanup on readonly fs
[  220.946033][   T29] audit: type=1326 audit(1752498651.461:11256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10073 comm="syz.2.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaabbe929 code=0x7ffc0000
[  220.946409][T10071] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2299: bg 0: block 248: padding at end of block bitmap is not set
[  220.969726][   T29] audit: type=1326 audit(1752498651.461:11257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10073 comm="syz.2.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaabbe929 code=0x7ffc0000
[  220.985294][T10071] Quota error (device loop3): write_blk: dquota write failed
[  221.007463][   T29] audit: type=1326 audit(1752498651.461:11258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10073 comm="syz.2.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdaabbe929 code=0x7ffc0000
[  221.007489][   T29] audit: type=1326 audit(1752498651.461:11259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10073 comm="syz.2.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaabbe929 code=0x7ffc0000
[  221.014854][T10071] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2299: Failed to acquire dquot type 1
[  221.047860][T10074] lo speed is unknown, defaulting to 1000
[  221.088644][T10071] EXT4-fs (loop3): 1 truncate cleaned up
[  221.095879][T10071] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  221.123935][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.211509][T10074] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  221.265312][T10084] loop2: detected capacity change from 0 to 1024
[  221.273623][T10084] EXT4-fs: Ignoring removed orlov option
[  221.281365][T10084] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.373466][ T9992] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.391865][ T9992] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.401295][T10088] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.412554][ T9992] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.421273][T10088] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.452054][ T9992] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.513927][T10090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2305'.
[  221.524103][T10090] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.549654][T10090] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.584899][T10093] netlink: 'syz.0.2306': attribute type 10 has an invalid length.
[  221.595040][T10090] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.640975][T10090] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.783478][T10101] loop0: detected capacity change from 0 to 512
[  221.790186][T10101] EXT4-fs: Ignoring removed nobh option
[  221.799990][T10101] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2309: corrupted inode contents
[  221.811942][T10101] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2309: mark_inode_dirty error
[  221.824335][T10101] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2309: corrupted inode contents
[  221.836361][T10101] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2309: mark_inode_dirty error
[  221.848987][T10101] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2309: Failed to acquire dquot type 0
[  221.861151][T10101] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2309: corrupted inode contents
[  221.874302][T10101] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2309: mark_inode_dirty error
[  221.886197][T10101] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2309: corrupted inode contents
[  221.898978][T10101] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2309: mark_inode_dirty error
[  221.910734][T10101] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2309: corrupted inode contents
[  221.923580][T10101] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  221.932306][T10101] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2309: corrupted inode contents
[  221.945299][T10101] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2309: mark_inode_dirty error
[  221.956633][T10101] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  221.966865][T10101] EXT4-fs (loop0): 1 truncate cleaned up
[  221.972919][T10101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.985453][T10101] ext4 filesystem being mounted at /439/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.986199][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.020992][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.037317][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.042110][T10107] loop3: detected capacity change from 0 to 2048
[  222.063043][T10107] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.076272][T10109] loop0: detected capacity change from 0 to 1024
[  222.084523][T10109] EXT4-fs: Ignoring removed orlov option
[  222.097312][T10109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.122942][T10114] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2312'.
[  222.165440][T10119] lo speed is unknown, defaulting to 1000
[  222.185473][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.226765][T10125] netlink: 'syz.1.2317': attribute type 10 has an invalid length.
[  222.236342][T10126] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  222.245053][T10126] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.329944][T10135] loop1: detected capacity change from 0 to 512
[  222.339424][T10136] loop2: detected capacity change from 0 to 512
[  222.346389][T10136] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  222.356936][T10135] EXT4-fs: Ignoring removed nobh option
[  222.358276][T10136] EXT4-fs (loop2): orphan cleanup on readonly fs
[  222.369733][T10136] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2318: bg 0: block 248: padding at end of block bitmap is not set
[  222.384538][T10136] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2318: Failed to acquire dquot type 1
[  222.389912][T10135] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2320: corrupted inode contents
[  222.396330][T10136] EXT4-fs (loop2): 1 truncate cleaned up
[  222.413698][T10135] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #3: comm syz.1.2320: mark_inode_dirty error
[  222.414006][T10136] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  222.426666][T10135] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.2320: corrupted inode contents
[  222.450153][T10135] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.2320: mark_inode_dirty error
[  222.461723][T10135] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2320: Failed to acquire dquot type 0
[  222.473671][T10135] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2320: corrupted inode contents
[  222.485757][T10135] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.2320: mark_inode_dirty error
[  222.497575][T10135] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2320: corrupted inode contents
[  222.509623][T10135] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.2320: mark_inode_dirty error
[  222.521161][T10135] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2320: corrupted inode contents
[  222.533332][T10135] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  222.542104][T10135] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.2320: corrupted inode contents
[  222.554268][T10135] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.2320: mark_inode_dirty error
[  222.565691][T10135] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  222.575066][T10135] EXT4-fs (loop1): 1 truncate cleaned up
[  222.581430][T10135] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.594032][T10135] ext4 filesystem being mounted at /441/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.625543][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.650150][T10141] loop1: detected capacity change from 0 to 1024
[  222.657059][T10141] EXT4-fs: Ignoring removed orlov option
[  222.664625][T10141] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.855796][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.878010][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.881942][T10145] loop1: detected capacity change from 0 to 1024
[  222.894890][T10145] EXT4-fs: Ignoring removed orlov option
[  222.902953][T10145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.919715][T10149] loop0: detected capacity change from 0 to 512
[  222.926419][T10149] EXT4-fs: Ignoring removed nobh option
[  222.950243][T10149] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2323: corrupted inode contents
[  222.962208][T10149] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2323: mark_inode_dirty error
[  222.974368][T10149] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2323: corrupted inode contents
[  222.986336][T10149] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2323: mark_inode_dirty error
[  222.998558][T10149] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2323: Failed to acquire dquot type 0
[  223.010442][T10149] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2323: corrupted inode contents
[  223.022798][T10149] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2323: mark_inode_dirty error
[  223.023111][T10153] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.042761][T10153] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.050600][T10149] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2323: corrupted inode contents
[  223.070403][T10149] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2323: mark_inode_dirty error
[  223.082256][T10149] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2323: corrupted inode contents
[  223.094434][T10149] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  223.103738][T10149] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2323: corrupted inode contents
[  223.116091][T10149] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2323: mark_inode_dirty error
[  223.127781][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.136862][T10149] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  223.146294][T10149] EXT4-fs (loop0): 1 truncate cleaned up
[  223.152350][T10149] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.166051][T10149] ext4 filesystem being mounted at /441/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.191905][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.210314][T10159] loop2: detected capacity change from 0 to 2048
[  223.230872][T10159] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.238407][T10161] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2326'.
[  223.295752][T10167] lo speed is unknown, defaulting to 1000
[  223.336225][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.361402][T10169] loop0: detected capacity change from 0 to 512
[  223.366255][T10171] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2330'.
[  223.368401][T10169] EXT4-fs: Ignoring removed nobh option
[  223.383197][T10171] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.400814][T10169] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2331: corrupted inode contents
[  223.412930][T10169] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.2331: mark_inode_dirty error
[  223.424515][T10169] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.2331: corrupted inode contents
[  223.436076][T10174] netlink: '’': attribute type 10 has an invalid length.
[  223.436781][T10169] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.2331: mark_inode_dirty error
[  223.455087][T10174] bond0: (slave dummy0): Releasing backup interface
[  223.458477][T10169] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2331: Failed to acquire dquot type 0
[  223.474843][T10174] dummy0: entered promiscuous mode
[  223.480083][T10174] dummy0: entered allmulticast mode
[  223.480473][T10169] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2331: corrupted inode contents
[  223.485848][T10174] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  223.498519][T10169] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.2331: mark_inode_dirty error
[  223.506235][T10175] netlink: 'syz.2.2330': attribute type 10 has an invalid length.
[  223.517444][T10174] team0: Failed to send options change via netlink (err -105)
[  223.526306][T10169] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2331: corrupted inode contents
[  223.532632][T10174] team0: Port device dummy0 added
[  223.545716][T10169] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2331: mark_inode_dirty error
[  223.561170][T10169] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2331: corrupted inode contents
[  223.573287][T10169] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  223.576176][T10171] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.582791][T10169] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.2331: corrupted inode contents
[  223.604214][T10169] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.2331: mark_inode_dirty error
[  223.604349][T10175] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  223.615974][T10169] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  223.625437][T10175] dummy0: left promiscuous mode
[  223.634415][T10169] EXT4-fs (loop0): 1 truncate cleaned up
[  223.643831][T10169] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.652704][T10175] dummy0: left allmulticast mode
[  223.659974][T10169] ext4 filesystem being mounted at /445/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.662023][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.690845][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.700138][T10175] team0: Failed to send options change via netlink (err -105)
[  223.706647][T10180] netlink: '’': attribute type 10 has an invalid length.
[  223.707688][T10175] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  223.723952][T10175] team0: Port device dummy0 removed
[  223.731136][T10175] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  223.752223][T10171] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.800043][T10171] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.815006][T10188] netlink: 'syz.0.2336': attribute type 10 has an invalid length.
[  223.865799][T10171] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.878783][T10171] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.891715][T10171] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.903796][T10171] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.977246][T10202] loop3: detected capacity change from 0 to 2048
[  223.980916][T10198] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2339'.
[  224.042871][T10203] loop0: detected capacity change from 0 to 1024
[  224.081112][T10208] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2342'.
[  224.090139][T10208] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2342'.
[  224.112231][T10202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.127509][T10203] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.224133][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.336901][T10211] loop3: detected capacity change from 0 to 1024
[  224.343647][T10211] EXT4-fs: Ignoring removed orlov option
[  224.351254][T10211] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.451742][T10211] ==================================================================
[  224.459870][T10211] BUG: KCSAN: data-race in filemap_read / filemap_read
[  224.466831][T10211] 
[  224.469156][T10211] write to 0xffff88810431e768 of 8 bytes by task 10214 on cpu 1:
[  224.470507][T10215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.476862][T10211]  filemap_read+0x974/0xa00
[  224.476895][T10211]  generic_file_read_iter+0x79/0x330
[  224.476923][T10211]  ext4_file_read_iter+0x1cc/0x290
[  224.476941][T10211]  copy_splice_read+0x3c1/0x5f0
[  224.476964][T10211]  splice_direct_to_actor+0x290/0x680
[  224.505199][T10215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.510273][T10211]  do_splice_direct+0xda/0x150
[  224.510300][T10211]  do_sendfile+0x380/0x650
[  224.510318][T10211]  __x64_sys_sendfile64+0x105/0x150
[  224.510334][T10211]  x64_sys_call+0xb39/0x2fb0
[  224.510352][T10211]  do_syscall_64+0xd2/0x200
[  224.541469][T10211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.547362][T10211] 
[  224.549676][T10211] write to 0xffff88810431e768 of 8 bytes by task 10211 on cpu 0:
[  224.557449][T10211]  filemap_read+0x974/0xa00
[  224.561956][T10211]  generic_file_read_iter+0x79/0x330
[  224.567248][T10211]  ext4_file_read_iter+0x1cc/0x290
[  224.572371][T10211]  copy_splice_read+0x3c1/0x5f0
[  224.577221][T10211]  splice_direct_to_actor+0x290/0x680
[  224.582593][T10211]  do_splice_direct+0xda/0x150
[  224.587355][T10211]  do_sendfile+0x380/0x650
[  224.591768][T10211]  __x64_sys_sendfile64+0x105/0x150
[  224.596958][T10211]  x64_sys_call+0xb39/0x2fb0
[  224.601540][T10211]  do_syscall_64+0xd2/0x200
[  224.606030][T10211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.611913][T10211] 
[  224.614225][T10211] value changed: 0x0000000000000223 -> 0x0000000000000224
[  224.621318][T10211] 
[  224.623625][T10211] Reported by Kernel Concurrency Sanitizer on:
[  224.629759][T10211] CPU: 0 UID: 0 PID: 10211 Comm: syz.3.2343 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(voluntary) 
[  224.640509][T10211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.650553][T10211] ==================================================================
[  224.718308][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.187522][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.262222][T10090] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.272900][T10090] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.283525][T10090] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.294245][T10090] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0