last executing test programs:

8.444072456s ago: executing program 3 (id=1770):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
sendmsg$nl_route(r0, 0x0, 0x0)

8.392630191s ago: executing program 3 (id=1771):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
move_pages(r1, 0x3, &(0x7f0000000180)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil], 0x0, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000002c40)={&(0x7f0000003180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a01080000e0030000000e02000000090001007300803000000000080002400000000214000000110001"], 0x50}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
signalfd4(0xffffffffffffffff, &(0x7f0000000380), 0x8, 0x80000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
socket$pppoe(0x18, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0xf8, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xb}, [@IFLA_AF_SPEC={0xd8, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET={0x30, 0x2, 0x0, 0x1, {0x2c, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x8, 0xd}, {0x8}]}}, @AF_INET6={0x40, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x14, 0x7, @dev}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_INET6={0x4}, @AF_MPLS={0x4}]}]}, 0xf8}}, 0x0)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0xffffffff, 0x8, 0x11, 0xea, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c58510695231c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f784062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

8.392352191s ago: executing program 3 (id=1772):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x49, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff"], 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x20, &(0x7f0000000340)={&(0x7f0000000240)=""/196, 0xc4, <r0=>0x0, &(0x7f0000000080)=""/32, 0x20}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000400)={'ip6gre0\x00', &(0x7f00000004c0)={'ip6tnl0\x00', <r1=>0x0, 0x29, 0x5, 0xc, 0x101, 0x10, @private1, @private1={0xfc, 0x1, '\x00', 0x1}, 0xa6, 0x706, 0xed78, 0x8f1}})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffffffff00000000000008"], 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
keyctl$set_reqkey_keyring(0xe, 0x5)
request_key(&(0x7f00000000c0)='logon\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='-\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000600)="5112c56c574712cf5f23c2a1ae00d6809a9bcb6cff7a28682374100d1c5fd14f4fdc52591adae690093d22533ff5bbc85b2cb564d2dd89663ceab0", 0x3b)

8.389690641s ago: executing program 3 (id=1773):
socket$packet(0x11, 0x2, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1], 0x0, 0x1, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r4=>0x0})
setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f0000000180)=0x8, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000008c0)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x5, [@enum={0x7, 0x2, 0x0, 0x6, 0x4, [{0xb, 0x2e}, {0x5, 0x81}]}]}, {0x0, [0x30, 0x2e, 0x0]}}, &(0x7f0000000800)=""/125, 0x39, 0x7d, 0x0, 0x5a92, 0x10000, @value}, 0x28)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r3, &(0x7f00000000c0)="3f03fe7f0300120006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

8.372245903s ago: executing program 3 (id=1774):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x24, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r5}]}, 0x20}}, 0x0)

8.327567977s ago: executing program 3 (id=1776):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x80080400)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000006c0)={'erspan0\x00', &(0x7f0000000600)={'gretap0\x00', <r1=>0x0, 0x10, 0x7800, 0xfffffff7, 0x6, {{0x1c, 0x4, 0x3, 0x1a, 0x70, 0x67, 0x0, 0xb, 0x2f, 0x0, @remote, @private=0xa010102, {[@generic={0x94, 0x8, "6074037ced21"}, @rr={0x7, 0x13, 0x6a, [@multicast1, @local, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @cipso={0x86, 0x3f, 0x0, [{0x0, 0xa, "1e3e70cbb471ba8a"}, {0x4, 0xf, "661e500905f9c08051355cbdbd"}, {0x0, 0xf, "ad9973272de639cb4077d6096c"}, {0x0, 0xb, "e8b09d594fdae2292d"}, {0x6, 0x3, "d9"}, {0x0, 0x3, 'Z'}]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000780)={'ip6gre0\x00', &(0x7f0000000700)={'syztnl0\x00', r1, 0x4, 0x3c, 0x1, 0xfc37, 0x1, @empty, @empty, 0x20, 0x7800, 0x10, 0x7}})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000009c0)={'vcan0\x00', <r3=>0x0})
setsockopt$SO_J1939_PROMISC(r2, 0x6b, 0x2, &(0x7f0000000100)=0x1, 0x4)
prctl$PR_SET_SECCOMP(0x37, 0x1, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3}, 0x18)
sendmsg$can_j1939(r4, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bind$can_j1939(r2, &(0x7f0000001000)={0x1d, r3, 0x0, {0x0, 0x0, 0x4}, 0xff}, 0x18)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r7}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x9403, 0x9a, 0x2e0, 0x2c0, 0x410, 0x3d8, 0x3d8, 0x410, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0xffffffff, 0x1, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@ipv6={@empty, @local, [], [], 'ip6erspan0\x00', 'bridge_slave_1\x00'}, 0x0, 0xd0, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@remote}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace', 0x0, 0x0)
r10 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r10])
write$binfmt_script(r10, &(0x7f0000000540)={'#! ', './file0', [{0x20, '\x00'}, {}, {0x20, 'syz0\x00'}, {0x20, 'rpfilter\x00'}, {}], 0xa, "134db26942ad17b4fa28a5fb90a15192204cc087fff9f113aff0865aa5d38b4706988cc36b8bdfa0929dca3cb87dee208d6d32fa40dc9010dca6f8d56093b94e6c31346277fedbc8bb0c49007481bccbef2d7961d2ed00267550d74367bf21f54e880fb6f56e98cd32f3e58cba9047906a4cdebf763cd4d80b8524291894871ed6f8503a44de82be282a38ef7d29017f03c0"}, 0xb1)
r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000800)=@generic={&(0x7f00000007c0)='./file0\x00', 0x0, 0x10}, 0x18)
r12 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r13=>0x0})
sendmsg$nl_route(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newlink={0x34, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r13, 0x600}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x2}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={r9, 0xe0, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f0000000a40)=[0x0], &(0x7f0000000a80)=[0x0, 0x0, 0x0, 0x0, 0x0], <r14=>0x0, 0xed, &(0x7f0000000ac0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000b40), &(0x7f0000000b80), 0x8, 0x15, 0x8, 0x8, &(0x7f0000000bc0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x18, &(0x7f0000000840)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0xbb}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x10}, @map_idx={0x18, 0x6, 0x5, 0x0, 0x1}, @map_val={0x18, 0x4, 0x2, 0x0, r11, 0x0, 0x0, 0x0, 0x8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r9}}, @map_idx={0x18, 0x0, 0x5, 0x0, 0xe}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, @map_val={0x18, 0x6, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0x3}, @jmp={0x5, 0x1, 0x9, 0x3, 0x9, 0xfffffffffffffff4}]}, &(0x7f0000000900)='syzkaller\x00', 0xf02, 0x0, &(0x7f0000000940), 0x41000, 0x20, '\x00', r13, @fallback=0xf, r9, 0x8, &(0x7f0000000980)={0x6, 0x4}, 0x8, 0x10, 0x0, 0x0, r14, r10, 0x3, &(0x7f0000000d40)=[r9, r10], &(0x7f0000000d80)=[{0x4, 0x8, 0x9, 0x6}, {0x5, 0x3, 0xf, 0x1}, {0x0, 0x3, 0x10, 0x2}], 0x10, 0x26d31516, @void, @value}, 0x94)

7.912026415s ago: executing program 2 (id=1782):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x49, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff"], 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x20, &(0x7f0000000340)={&(0x7f0000000240)=""/196, 0xc4, <r0=>0x0, &(0x7f0000000080)=""/32, 0x20}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000400)={'ip6gre0\x00', &(0x7f00000004c0)={'ip6tnl0\x00', <r1=>0x0, 0x29, 0x5, 0xc, 0x101, 0x10, @private1, @private1={0xfc, 0x1, '\x00', 0x1}, 0xa6, 0x706, 0xed78, 0x8f1}})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffffffff00000000000008"], 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
keyctl$set_reqkey_keyring(0xe, 0x5)
request_key(&(0x7f00000000c0)='logon\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='-\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000600)="5112c56c574712cf5f23c2a1ae00d6809a9bcb6cff7a28682374100d1c5fd14f4fdc52591adae690093d22533ff5bbc85b2cb564d2dd89663ceab0", 0x3b)

7.837382292s ago: executing program 2 (id=1783):
socket$packet(0x11, 0x2, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1], 0x0, 0x1, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r4=>0x0})
setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f0000000180)=0x8, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000008c0)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x5, [@enum={0x7, 0x2, 0x0, 0x6, 0x4, [{0xb, 0x2e}, {0x5, 0x81}]}]}, {0x0, [0x30, 0x2e, 0x0]}}, &(0x7f0000000800)=""/125, 0x39, 0x7d, 0x0, 0x5a92, 0x10000, @value}, 0x28)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r3, &(0x7f00000000c0)="3f03fe7f0300120006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

7.790610336s ago: executing program 2 (id=1786):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2f, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e00000000000000050000000600000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000090000000000000c0320060096ffa1fbe7d27f6cafa07dc8ae48a90f1c9517cb0da343aea758c7ba06c83980f946d0d4b0e25124c481457d83eebf18918c1be78b031dba18034bc2b14afb39fcaa21fd0f14277485f8746f6501426c578843906ea205f875", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f00000000c0), 0x80000075, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r3}, 0x10)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r1}, 0xc)

2.968442668s ago: executing program 0 (id=1849):
syz_clone(0xd5ba2180, 0x0, 0x0, 0x0, 0x0, 0x0)

2.95174245s ago: executing program 0 (id=1850):
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000010000000080007000000000018000180140002006e657464657673696d300000000000000800060000000000080008"], 0x44}}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/pm_debug_messages', 0x100102, 0x0)
sendfile(r2, r2, 0x0, 0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0)
sendmsg(r5, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

2.932239991s ago: executing program 0 (id=1851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

2.915972403s ago: executing program 0 (id=1852):
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000010000000080007000000000018000180140002006e657464657673696d300000000000000800060000000000080008"], 0x44}}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/pm_debug_messages', 0x100102, 0x0)
sendfile(r2, r2, 0x0, 0x6)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000040)=[@in={0x2, 0x4e21, @empty}, @in6={0xa, 0x4e20, 0x4, @dev={0xfe, 0x80, '\x00', 0x30}, 0x3}, @in6={0xa, 0x4e23, 0x1000, @dev={0xfe, 0x80, '\x00', 0x2a}, 0xc4}], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x47)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg(r6, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

2.895617785s ago: executing program 0 (id=1853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000fd00000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
request_key(&(0x7f0000002280)='asymmetric\x00', &(0x7f0000002200)={'syz', 0x2}, 0x0, 0xffffffffffffffff)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
unshare(0x8020600)
unshare(0x2c020400)

2.003390597s ago: executing program 0 (id=1863):
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="091b8cfff12c4f48af4dd58038f5f4f798000400", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001d40)={{r3}, &(0x7f0000001cc0), &(0x7f0000001d00)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
creat(0x0, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_GET(r5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r7, 0x0, 0xf3a, 0x7)
sendmsg$key(0xffffffffffffffff, 0x0, 0x4000004)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x0, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f0000000680)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000640)={&(0x7f0000000500)={0xcc, r2, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x4}, {0x8, 0x13, 0x2}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffff482}, {0x6, 0x11, 0xe8d}, {0x8, 0x13, 0x4}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x2}, {0x8, 0x13, 0xfffffffc}, {0x5, 0x14, 0x1}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4000}, 0x80850)
r8 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01000000000000000000090000003c000380140002007663616e30000000000000000000000014000600ff0500000000000000000000000000010800010001000000080003"], 0x50}}, 0x0)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)={0x14, r9, 0x100, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20008080}, 0x40040)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000052b7e59f2d2b30101d97800894a337d00", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB="0100"/28], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r12}, 0x10)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x202, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r13, 0x0, 0x20000000}, 0x20)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)

1.958945201s ago: executing program 1 (id=1865):
unshare(0xe000480)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r0, 0x40107446, 0x0)
openat$selinux_checkreqprot(0xffffffffffffff9c, 0x0, 0x181c41, 0x0)

1.86458981s ago: executing program 1 (id=1866):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r1, &(0x7f0000000100)={0x2, 0x0, @remote}, 0x10)
r2 = socket$kcm(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='ip6_vti0\x00', 0x10)
bind$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x444, &(0x7f0000000ac0)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d3078303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f4e4b4f82c6d61736b3d4d4159574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801f26d335ef2ba9ac2423a358ccbb776b21e1d3b", @ANYRESDEC=0x0, @ANYRES16], 0xfe, 0x674, &(0x7f0000000c00)="$eJzs3V2P21gdx/GfM5lHpAUBWlVVt3O2ZaWpKGmS2c5qVC4wjjPjJYkj24NmrlZlO7OqmulCWyQ6N8vc8CDBG+Bub/aCF4HENde8AS6RVnCHhISCbMdJJnEm6Ty1sN/PqM2J/bfP3z6uTz2JjwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGQ5tXK5YqnhtXZ2zWROLfCbp8xP1zavO2nhztR6JSv+o6UlXUsnXfv2YPbb8V+3dCN9d0NL8cuSjr729jcefKtYyJY/JaGz0Kuu8PnLoycPO539Z2errWudZblLMZaJCjMsteW2vND3mvaWa7zQN5sbG+V72/XQ1L2GG+6Fkds0TuAWIj8wa84dU9ncXDduac/faW3V7IabTfzge9VyecN8uNhr/nsflkJn22s0vNZWEhPPjmMW+0eIazeNOXjc2V+flmQcVJklqDotqFquViuVarWycX/z/gflcnFsQnmExiIGB+2b0/i4BF/XhNPJBZ25gfMrxP3/3yypoSW1tKNdmdwfRzUF8tWcML8n6//fu+eeWu9w/5/18tcGs68r6f9vpu9uTur/J+RiZJIF8uZYE6af7ee5XupIT/RQHXW0r2cXs97Vi8vwcn+2pKLkKZQvT03Z2pIr05titKkNbaisj7StukIZ1eWpIVeh9hQqkqtm0iaBXNmK5CuQ0Zoc3ZFRRZva1LqMXJW0J187amlLNdn6V7fbPdDjZL+vn5KjsqDKLEHF/jE4HjSp///JZ+kSr9b/4/9P/9iZIQZ47bq96//J5vImrl5eRgAAAAAA4KJZyW/freSz+3ckdVX3Gm75dacFAAAAAAAuUPLJ/434ZT4uvSNrwvV/9+pzAwAAAAAAF8NK7rGzJK0kX+q3BndCzfIlgNybAwAAAAAAwJsl+fz/5oLUTYZWW5X1Stf/AAAAAADgf8BvhsbYL2Zj7Hazj/ULksL2ovWnfywqmLeO27vfsQ7teI592IsZ+wZAVL9uFZUO1JuM17sgKXnnuDes3vjAvUEwrXRgX+nLg2lj/VvBSAILc9mvL3ISeOtoKIGNYu+dfqd305h3e/U+OioomZPWslL3Gm7J8RsPKrLttwqRuxv9/OnjX0hBfzsPHnf2Sx9/2nmU5HIcTzo+jPP47EQ6hWm5vEjGW0juucjb4mXVsyp/22quWEm95Wz752QfFoYrmm37f6VbacytlfR15ShrAVm/7BUqpaTJBlufjA5hDbKojG55XkNMyGIpyeJ2GnN77Xb6kuWXtsLSd+ekamm8DYLhLKrDWUzfF9Y/x/bFlCziY2E9zuLP8YomZLH+almMtQgAvC4Hg14oGcR8fIz90X73LGe56b37D07W8uIP3fSGwzmp2PtsIr0JcVK/oviMvpaGLaSjuBev55zRy71+ZUkTzujlc/RucV1/HDwDqZd2b06xn8W/u93ug0pS7+9HetXP4wU+n1hv2KjOxbvw3ovDnyYD4Mc+2f9k/2m1ur5Rfr9cvl/VfLIZvRf6HgBAjunP2DkZsTToz/p99/v9q+pHf38vLZ3od7/Z/0pBSR/rU3X0SHezRwis5te7MvQ1hLvjV61x7LI0GlvR3YlXdUlfOhRb7cfOK1vk5P8XBrHrl90MAABcqVtT+uHR/j/v2v1udt29dj33uvtkXz76hOBJsZUr3hMAAHx1uMGX1kr0aysIvPZHlc3Nih1tuybwnR+ZwKttucZrRW7gbNutLde0Az/yHb9h2oEWvZobmnCn3faDyNT9wLT90NtNnvxueo9+D92m3Yo8J2w3XDt0jeO3ItuJTM0LHdPe+WHDC7fdIFk4bLuOV/ccO/L8lgn9ZTluyZjQdYcCvZrbiry6Fxdbph14TTvYMz/2GztN19Tc0Am8duSnK8zq8lp1P2gmqy2pe9qDDgEA+Mp4/vLoycNOZ//ZKYVjpYXs+2inBC/krfA1byIAABhBLw0AAAAAAAAAAAAAAAAAAAAAwJtvlvv/Ti1kNwVmU+aVEyz1p/zsrZnWbGkw5Yu/nivDfmFZswYXRqf0RtrtTl/8L2mhmBezHBcWJHWy3T8cc3zuDRwurM4UrLRQvKBKhwrLUt6RcGmF7x+cPA7HYuKZubMW+21RPP8/h7zC0y8mzJp+RC2e3IcL/zllA08WipKeLZyjCa7+XATgav03AAD//+QsPRw=")
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)

1.75142215s ago: executing program 1 (id=1867):
r0 = socket(0x28, 0x5, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
listen(r1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080), 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000000100), 0x0, 0x0)
r4 = accept4$unix(r1, 0x0, 0x0, 0x0)
recvfrom$unix(r4, &(0x7f0000000180)=""/235, 0x1ffd4, 0x0, 0x0, 0x0)

1.145189855s ago: executing program 4 (id=1873):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0x15, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000580)={&(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000002000000000000000000000000000000001c0a5c7ac822dafdfa0e051e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x3b, &(0x7f00000004c0)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_setup(0x2736, &(0x7f00000003c0)={0x0, 0x0, 0x1, 0x8000000}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000480))
syz_io_uring_submit(r4, r3, &(0x7f0000000300)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0})
io_uring_enter(r2, 0x306f, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00'}, 0x10)

1.09534107s ago: executing program 4 (id=1874):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x800700, &(0x7f0000000880)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@sysvgroups}, {@usrjquota}]}, 0x3, 0x467, &(0x7f0000002280)="$eJzs3M9rHFUcAPDvzCb93SbWKrRWjRYx+CNp0qo9eFEUPFQU9FCPcZOW0m0jTQRbio0i9SJIQc/iUfAv8OZF1JPgVe9SKBqEVk+R2Z1JN9vdZNNsdmv384Fp39t5M/O+O+/tvJm3mwD61kj2TxKxKyJ+i4ihWnZlgZHafzcXL5X/WbxUTmJp6a0/k2q5G4uXykXRYrudeWY0jUg/SfKDxNb63c5duHhmqlKZOZ/nx+fPvjc+d+His6fPTp2aOTVzbvLYsaNHJl54fvK5tuJI1lifxXXjwIezB/e/9s7V18snrr7707fZNrvy9fVxdMpIFvhfS1WN657o9MF6bHddOhnoYUVYl1JEZKdrsNr/h6IUt07eULz6cU8rB2yq7Nq0tfXqhSXgHpbE2mX+7kZFgC4rLvTZ/W+xdGnocVe4/lLtBiiL+2a+1NYMRJqXGWy4v+2kkYg4sfDvV9kSm/QcAgCg3mflL4/HM83Gf2k8WFduTz6HMhwR90XE3oi4PyL2RcQDEVnZxiFlW0Ya8rePf9JrdxhaW7Lx34v53NbK8V8x+ovhUp7bXY1/MDl5ujJzOH9PRmNwa5afWOUY37/y6+et1tWP/7IlO34xFszrcW2g4QHd9NT8VHVQ2gHXP4o4MNAs/mR5JiCJiP0RcWB9u95TJE4/9c3B7QebF1o7/lV0YJ5p6euIJ2vnfyEa4i8kq89Pjm+Lyszh8aJV3O7nX6682er4LeLfsvHI2pOd/x0r239jkeGkfr52bv3HuPL7py3vae60/W9J3q6el+KN+mBqfv78RMSW5Hg1v+L1yVvbFvmifBb/6KHm/X9vvk12nIciImvCD0fEIxHxaF73xyLi8Yg4tEr8P76cJ5q01w21/w7I4p9u+vm33P4bzv/6E6UzP3xX7GzbuuPPzv/Ramo0f6X6+beGdiu40fcPAAAA/g/S6nfgk3RsOZ2mY2O17/Dvix1pZXZu/umTs++fm659V344BtPiSddQ3fPQiWQh32MtP5k/Ky7WH8mfG39R2l7Nj5VnK9M9jh363c4W/T/zR6nXtQM2XbN5tMmuTUEBvdTY/9OV2ctvdLMyQFf5vTb0rzX6f9qtegDd5/oP/atZ/7/ckDcXAPcm13/oX/o/9C/9H/qX/g99aSO/65fo50Sklcr0tojVCxd/EOjuqLNE+4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xn8BAAD///xQ9VA=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240), &(0x7f0000000880)=ANY=[], 0xff27, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)

982.75647ms ago: executing program 4 (id=1875):
r0 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000000)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000880)={0xc, 0x8, 0xfa00, {&(0x7f0000002200)}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000d40)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @local}}}, 0x48)

852.870002ms ago: executing program 1 (id=1876):
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000010000000080007000000000018000180140002006e657464657673696d300000000000000800060000000000080008"], 0x44}}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/pm_debug_messages', 0x100102, 0x0)
sendfile(r2, r2, 0x0, 0x6)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000040)=[@in={0x2, 0x4e21, @empty}, @in6={0xa, 0x4e20, 0x4, @dev={0xfe, 0x80, '\x00', 0x30}, 0x3}, @in6={0xa, 0x4e23, 0x1000, @dev={0xfe, 0x80, '\x00', 0x2a}, 0xc4}], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x47)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr=0x64010101, @local}, @time_exceeded={0x80, 0x0, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @loopback}}}}}}, 0x0)
r5 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0)
sendmsg(r5, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

851.750952ms ago: executing program 1 (id=1877):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000f6ff850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x508, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x568)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'veth0_vlan\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r2)
sendmsg$TIPC_NL_NODE_GET(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000c00)={0x2c4, r4, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x64, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xccba}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x36ac}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8001}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}]}, @TIPC_NLA_BEARER={0xb0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x482}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6c1d}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x101}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x800}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2e2e}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_MEDIA={0xe4, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xbd}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa9d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7018}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff9f66}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x18a}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}]}]}, 0x2c4}, 0x1, 0x0, 0x0, 0x8844}, 0x0)
unshare(0x62040200)
r5 = gettid()
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r3, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r5], 0x28}}, 0x0)

736.052113ms ago: executing program 1 (id=1878):
r0 = open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000080000000000000000000018110000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0100000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000f5000000000000000041eb26a6318f03f7554b5ad429ce3ba68be21446de14fe2edc0df97367b7bce505667164290da714b5f0c1ce6ce6e7255724647753cb430b4e5ef382f9528bc22402156e02aafba87858f571ce0ec05b77d94d8b0260aa17de46fa65e75f499fe4a68d5d3ea963393b904384b14388b47f851adb0f35f5f7cf6335763ca640f8198effe373892f8fb18d97a6471adff3779ddb666b982fcc9de15fd3d4f10fa37651dd652bfc1cde6968e3f2", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000180)=ANY=[@ANYRES8=r3, @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000edff7a8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085006c7f3f0448cde29befa17987377d2d3e7b6db0fd1947dffe6c371979d5f3f24e430a0424a7326c", @ANYRES64=r1, @ANYRESDEC=r3, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000080)=@gcm_128={{0x304}, "64a10954381ba5ca", "5b1fc14e01f58b345d2b586782b283bd", "688f376b", "9b62ebdfe88499df"}, 0x28)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x5, 0x10012, 0xffffffffffffffff, 0x0)
r5 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x0)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000340)={0x2a, 0x0, 0x4001}, 0xc)
ioctl$USBDEVFS_CONNECTINFO(r6, 0x5452, &(0x7f0000000000))
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000000000)=<r8=>0x0)
r9 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
readv(r9, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(r8, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000010043da0027000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r10}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, 0xffffffffffffffff, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
write$RDMA_USER_CM_CMD_GET_EVENT(r5, &(0x7f0000000880)={0xc, 0x8, 0xfa00, {&(0x7f0000002200)}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000d00)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000cc0)={<r11=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000d40)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @local}, r11}}, 0x48)
r12 = socket$inet_icmp(0x2, 0x2, 0x1)
bind$inet(r12, &(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
pipe2$9p(&(0x7f0000000240), 0x0)
epoll_create1(0x0)
epoll_create1(0x0)

215.915921ms ago: executing program 2 (id=1879):
unshare(0xe000480)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000240)='xdp_devmap_xmit\x00', r0}, 0x18)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xc804, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8102033200fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r4, 0x40107446, 0x0)
openat$selinux_checkreqprot(0xffffffffffffff9c, 0x0, 0x181c41, 0x0)

182.491814ms ago: executing program 2 (id=1880):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c9000009000000014f0c00", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000a00)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000e00)=[{&(0x7f0000000a40)="36461a", 0x3}, {&(0x7f0000000a80)="406a62f85996ab0640ecf75b8dd13b344e7dad2849bd064ac9377bb3c039bf8269356d1c443ca94ad0f910e2b2735474a17fc6371a53988246902fb8b046bde38c1ec68f374f4a206d735b23f4383180833e12defd6f3ee9324f14d03b55655920bd9e68bedd72b531be4d686ad98864cbeda9cef21bb7021a995b24c2a88bdf1c0f3e22a9b284554a090a081a184084116296054bac8583764abf308020551ed21320ecb1eeab7f1c08913cde9e7f99e1536b0d2a3d50ae6cf8043b4eb02e89e704f2f50c63c7950bae63f992145aea46c8e44eca0c578a37", 0xd9}, {&(0x7f0000000b80)="81c9", 0x2}, {&(0x7f0000000bc0)}, {&(0x7f0000000c00)="724b8c3691b5f2", 0x7}, {&(0x7f0000000c40)="a0069d6670d64217a1528f314d38ccf10c8e1cd1bb3003da09f6b3001b561c2390a29dac7a8f1c602ea13e683676", 0x2e}, {&(0x7f0000000c80)="db3e010c5638af92dd6354fb68f6bb8d58a0a192d80aee31ceb3fe6285dc4a9692bb585e3aaec6f6f88cf1723cd40b23e040596ef41c303c791b3fe88ce8b66fd9afe8e6cf9d7f5c9f070778e1d1a041e1aaf00db269ef15e64c7d64f04a81d98a76914a9bef7625fa379cc62a325c318799b7b4ded3a82935f7d137b6de549bfc47808900e5e980629baccb88e9af0ae6afb8cf8fe6dece7301580877393f8584b4acab20f9ffb0333ef2fe252921dbc940e90c6dc12155f0279d81", 0xbc}, {&(0x7f0000000d40)="1917d285c709c5f2a43bf2fe83d1c2abeed798c073d701c98f97eb6b340cd82af56216bf47a67b4c62b940fd94bcbd03172141213418a585ea337a5e2a00caf0244370e06cdbc86b6d007b63089c5e6551720c7e1052e1a588c837f1db5ec9257fb94f2ef70df3b66cdc8dcce6e18d39a6f492c4126ff0446140fbc3388c2abbe5644ba351c78ac8367c66", 0x8b}], 0x8, &(0x7f0000000e80)=[@ip_retopts={{0x54, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x44, 0xeb, 0x3, 0x0, [{@loopback, 0x7}, {@empty, 0x2}, {@rand_addr=0x64010101, 0x7}, {@local}, {@remote, 0xffffffff}, {@rand_addr=0x64010100, 0x4}, {@empty, 0x3}, {@empty, 0x5}]}]}}}], 0x58}, 0x20040080)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9eaafdc2a00e9bfde908990817b364e51afe9c8dab05b16a6437211f9f0570759f1cae63487ff68fffffffffffe8e3932e2b75a25a4cf8a9456aa8a701c318c67edb6e9330b53c0eeba8644311ba7541189070000f50c000000d8e5b1dc91c5499be2097784a94b6cc2d272ac751d8bce5db4862c1b2eab7007ceea158dbc329bab5f8450147b2b9629fdd6cdb5507d3a76dbaf6f93d161caa513f8aa41f795507856ea0015166c56ea0103220ed5a66834be086ef206a8606b04fc8462cbbe8233f381b4eefbdbdac708c1f4959cb6c008397006da8e243ec9fb19f3fab2b0f46d73a9f2d7c674cdbe4d7f76f5fbd05043e81f435fccf5063a93aa9b4c7f68670594"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffd}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0x12, 0x0, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a8640888a8", 0x0, 0x1200, 0x300}, 0x28)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0x1000}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000140), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f00000000c0)=@ccm_128={{0x304}, '\x00', "15ce0457497df05a6d2fdb8d0f302c82", "36a38b8f", "a3fcdcf2f741031e"}, 0x28)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x11a, 0x4, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000740), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a84000000060a09040000000000000000020000055800048010000180090001006c6173740000000010000180090001006d6173710000000024000180090001006861736800000000140002800800074000000000080006400000000910000180090001007866726d000000000900010073797a30000000000900020073797a32"], 0xc0}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r5, &(0x7f00000000c0), 0xfffffff4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x9)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)

115.9737ms ago: executing program 4 (id=1881):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x3}, 0x18)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x64b11f98, 0x3, 0x1}})

85.698403ms ago: executing program 4 (id=1882):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x800700, &(0x7f0000000880)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@sysvgroups}, {@usrjquota}]}, 0x3, 0x467, &(0x7f0000002280)="$eJzs3M9rHFUcAPDvzCb93SbWKrRWjRYx+CNp0qo9eFEUPFQU9FCPcZOW0m0jTQRbio0i9SJIQc/iUfAv8OZF1JPgVe9SKBqEVk+R2Z1JN9vdZNNsdmv384Fp39t5M/O+O+/tvJm3mwD61kj2TxKxKyJ+i4ihWnZlgZHafzcXL5X/WbxUTmJp6a0/k2q5G4uXykXRYrudeWY0jUg/SfKDxNb63c5duHhmqlKZOZ/nx+fPvjc+d+His6fPTp2aOTVzbvLYsaNHJl54fvK5tuJI1lifxXXjwIezB/e/9s7V18snrr7707fZNrvy9fVxdMpIFvhfS1WN657o9MF6bHddOhnoYUVYl1JEZKdrsNr/h6IUt07eULz6cU8rB2yq7Nq0tfXqhSXgHpbE2mX+7kZFgC4rLvTZ/W+xdGnocVe4/lLtBiiL+2a+1NYMRJqXGWy4v+2kkYg4sfDvV9kSm/QcAgCg3mflL4/HM83Gf2k8WFduTz6HMhwR90XE3oi4PyL2RcQDEVnZxiFlW0Ya8rePf9JrdxhaW7Lx34v53NbK8V8x+ovhUp7bXY1/MDl5ujJzOH9PRmNwa5afWOUY37/y6+et1tWP/7IlO34xFszrcW2g4QHd9NT8VHVQ2gHXP4o4MNAs/mR5JiCJiP0RcWB9u95TJE4/9c3B7QebF1o7/lV0YJ5p6euIJ2vnfyEa4i8kq89Pjm+Lyszh8aJV3O7nX6682er4LeLfsvHI2pOd/x0r239jkeGkfr52bv3HuPL7py3vae60/W9J3q6el+KN+mBqfv78RMSW5Hg1v+L1yVvbFvmifBb/6KHm/X9vvk12nIciImvCD0fEIxHxaF73xyLi8Yg4tEr8P76cJ5q01w21/w7I4p9u+vm33P4bzv/6E6UzP3xX7GzbuuPPzv/Ramo0f6X6+beGdiu40fcPAAAA/g/S6nfgk3RsOZ2mY2O17/Dvix1pZXZu/umTs++fm659V344BtPiSddQ3fPQiWQh32MtP5k/Ky7WH8mfG39R2l7Nj5VnK9M9jh363c4W/T/zR6nXtQM2XbN5tMmuTUEBvdTY/9OV2ctvdLMyQFf5vTb0rzX6f9qtegDd5/oP/atZ/7/ckDcXAPcm13/oX/o/9C/9H/qX/g99aSO/65fo50Sklcr0tojVCxd/EOjuqLNE+4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xn8BAAD///xQ9VA=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240), &(0x7f0000000880)=ANY=[], 0xff27, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)

18.883329ms ago: executing program 2 (id=1883):
r0 = open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0100000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000f5000000000000000041eb26a6318f03f7554b5ad429ce3ba68be21446de14fe2edc0df97367b7bce505667164290da714b5f0c1ce6ce6e7255724647753cb430b4e5ef382f9528bc22402156e02aafba87858f571ce0ec05b77d94d8b0260aa17de46fa65e75f499fe4a68d5d3ea963393b904384b14388b47f851adb0f35f5f7cf6335763ca640f8198effe373892f8fb18d97a6471adff3779ddb666b982fcc9de15fd3d4f10fa37651dd652bfc1cde6968e3f285dbc122a1750166a515f09f0ec249f73340ccf2b9566c1327e1bf", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000180)=ANY=[@ANYRES8=r1, @ANYRES32, @ANYBLOB="0000000000000000b70800000000edff7a8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085006c7f3f0448cde29befa17987377d2d3e7b6db0fd1947dffe6c371979d5f3f24e430a0424a7326cbfaa60e6494e40e8e095e7fefd3ed9d0abb80200000053b903a721a10c9016ed", @ANYRES64, @ANYRESDEC=r1, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000080)=@gcm_128={{0x304}, "64a10954381ba5ca", "5b1fc14e01f58b345d2b586782b283bd", "688f376b", "9b62ebdfe88499df"}, 0x28)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x5, 0x10012, 0xffffffffffffffff, 0x0)
r3 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x0)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000340)={0x2a, 0x0, 0x4001}, 0xc)
ioctl$USBDEVFS_CONNECTINFO(r4, 0x5452, &(0x7f0000000000))
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000000000)=<r6=>0x0)
r7 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
readv(r7, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(r6, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000010043da0027000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r8}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, 0xffffffffffffffff, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
write$RDMA_USER_CM_CMD_GET_EVENT(r3, &(0x7f0000000880)={0xc, 0x8, 0xfa00, {&(0x7f0000002200)}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000d00)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000cc0)={<r9=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000d40)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @local}, r9}}, 0x48)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000000240), 0x0)
epoll_create1(0x0)
epoll_create1(0x0)

0s ago: executing program 4 (id=1884):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000fd00000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
request_key(&(0x7f0000002280)='asymmetric\x00', &(0x7f0000002200)={'syz', 0x2}, 0x0, 0xffffffffffffffff)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
unshare(0x8020600)
unshare(0x2c020400)

kernel console output (not intermixed with test programs):

ntries 1, max 4(4), depth 2048(2048)
[   95.581948][ T6387] EXT4-fs error (device loop1): ext4_quota_enable:7025: comm syz.1.1010: Bad quota inode: 3, type: 0
[   95.601639][ T6387] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   95.617845][ T6387] EXT4-fs (loop1): mount failed
[   95.630280][ T6387] netlink: 'syz.1.1010': attribute type 12 has an invalid length.
[   95.649029][ T6387] netlink: 'syz.1.1010': attribute type 27 has an invalid length.
[   95.668976][ T6399] loop3: detected capacity change from 0 to 128
[   95.700429][ T6387] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.707871][ T6387] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.725750][ T6399] syz.3.1014: attempt to access beyond end of device
[   95.725750][ T6399] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   95.739369][ T6399] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   95.798445][ T6387] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   95.821394][ T6387] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   95.889471][ T6387] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.898495][ T6387] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.907467][ T6387] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.916411][ T6387] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.933883][ T6400] netlink: 'syz.1.1010': attribute type 2 has an invalid length.
[   95.987913][    T9] usb usb6-port1: unable to enumerate USB device
[   96.259764][ T6413] loop2: detected capacity change from 0 to 512
[   96.278871][ T6413] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1018: corrupted in-inode xattr: invalid ea_ino
[   96.292601][ T6413] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1018: couldn't read orphan inode 15 (err -117)
[   96.310820][ T6413] netem: unknown loss type 5
[   96.315458][ T6413] netem: change failed
[   96.328807][ T6413] EXT4-fs error (device loop2): ext4_find_dest_de:2067: inode #2: block 13: comm syz.2.1018: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[   96.836666][ T6424] vxcan0: tx drop: invalid da for name 0x0000000000000015
[   96.846596][ T6421] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[   96.853240][ T6421] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   96.860926][ T6421] vhci_hcd vhci_hcd.0: Device attached
[   96.883705][ T6425] vhci_hcd: connection closed
[   96.883994][   T11] vhci_hcd: stop threads
[   96.893153][   T11] vhci_hcd: release socket
[   96.897720][   T11] vhci_hcd: disconnect device
[   96.942480][ T6436] loop1: detected capacity change from 0 to 512
[   96.951152][ T6436] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1026: corrupted in-inode xattr: invalid ea_ino
[   96.965624][ T6436] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1026: couldn't read orphan inode 15 (err -117)
[   96.982920][ T6436] netem: unknown loss type 5
[   96.987549][ T6436] netem: change failed
[   97.000272][ T6436] EXT4-fs error (device loop1): ext4_find_dest_de:2067: inode #2: block 13: comm syz.1.1026: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[   97.044611][ T6440] loop1: detected capacity change from 0 to 128
[   97.081273][ T6440] syz.1.1027: attempt to access beyond end of device
[   97.081273][ T6440] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[   97.094985][ T6440] Buffer I/O error on dev loop1, logical block 128, lost async page write
[   97.175967][ T6449] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6449 comm=syz.3.1030
[   97.206476][   T29] kauditd_printk_skb: 98 callbacks suppressed
[   97.206495][   T29] audit: type=1400 audit(1726815028.432:2516): avc:  denied  { mount } for  pid=6445 comm="syz.4.1031" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   97.247152][   T29] audit: type=1400 audit(1726815028.472:2517): avc:  denied  { write } for  pid=6445 comm="syz.4.1031" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   97.268730][   T29] audit: type=1400 audit(1726815028.472:2518): avc:  denied  { add_name } for  pid=6445 comm="syz.4.1031" name="pids.current" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   97.290186][   T29] audit: type=1400 audit(1726815028.472:2519): avc:  denied  { associate } for  pid=6445 comm="syz.4.1031" name="pids.current" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   97.314328][   T29] audit: type=1400 audit(1726815028.472:2520): avc:  denied  { unmount } for  pid=3261 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   97.392443][   T29] audit: type=1400 audit(1726815028.622:2521): avc:  denied  { connect } for  pid=6462 comm="syz.3.1036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   97.456112][   T29] audit: type=1400 audit(1726815028.682:2522): avc:  denied  { mounton } for  pid=6462 comm="syz.3.1036" path="/proc/641/task" dev="proc" ino=16386 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   97.459461][ T6463] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 262144 (only 8 groups)
[   97.592335][ T6470] siw: device registration error -23
[   97.609462][ T6467] loop2: detected capacity change from 0 to 164
[   97.615936][ T6467] iso9660: Unknown parameter 'còuft'
[   97.621427][   T29] audit: type=1400 audit(1726815028.842:2523): avc:  denied  { listen } for  pid=6466 comm="syz.2.1039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   97.680068][ T6467] syz.2.1039[6467] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.680135][ T6467] syz.2.1039[6467] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.763613][   T29] audit: type=1400 audit(1726815028.992:2524): avc:  denied  { ioctl } for  pid=6479 comm="syz.3.1043" path="socket:[15949]" dev="sockfs" ino=15949 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   98.054412][   T29] audit: type=1400 audit(1726815029.282:2525): avc:  denied  { write } for  pid=6487 comm="syz.1.1044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   98.232095][ T6498] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1046'.
[   98.254021][ T6503] loop3: detected capacity change from 0 to 512
[   98.267273][ T6503] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1049: corrupted in-inode xattr: invalid ea_ino
[   98.283723][ T6503] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1049: couldn't read orphan inode 15 (err -117)
[   98.296249][ T6503] EXT4-fs mount: 32 callbacks suppressed
[   98.296321][ T6503] EXT4-fs (loop3): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.342816][ T6503] netem: unknown loss type 5
[   98.347507][ T6503] netem: change failed
[   98.370323][ T6476] chnl_net:caif_netlink_parms(): no params data found
[   98.401233][   T58] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.418466][ T3265] EXT4-fs (loop3): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[   98.441621][   T58] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.469246][ T6513] loop1: detected capacity change from 0 to 512
[   98.514726][ T6513] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.572150][   T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.596389][ T6513] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.681770][ T6526] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.1051: Directory hole found for htree leaf block 0
[   98.721450][   T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.747900][ T5902] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.757805][ T6476] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.765055][ T6476] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.774497][ T6476] bridge_slave_0: entered allmulticast mode
[   98.781589][ T6476] bridge_slave_0: entered promiscuous mode
[   98.790460][ T6476] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.797540][ T6476] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.805813][ T6476] bridge_slave_1: entered allmulticast mode
[   98.828129][ T6476] bridge_slave_1: entered promiscuous mode
[   98.899788][ T6476] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.913278][   T58] bridge_slave_1: left allmulticast mode
[   98.918980][   T58] bridge_slave_1: left promiscuous mode
[   98.924868][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.967163][   T58] bridge_slave_0: left allmulticast mode
[   98.973003][   T58] bridge_slave_0: left promiscuous mode
[   98.978667][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.988634][ T6530] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.013537][ T6530] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.343426][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.354720][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.364718][   T58] bond0 (unregistering): Released all slaves
[   99.373888][ T6476] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   99.398062][ T6542] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1061'.
[   99.409810][   T58] hsr_slave_0: left promiscuous mode
[   99.438867][   T58] hsr_slave_1: left promiscuous mode
[   99.444976][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.452426][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.465341][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.473131][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.484455][   T58] veth1_macvtap: left promiscuous mode
[   99.490017][   T58] veth0_macvtap: left promiscuous mode
[   99.678378][   T58] team0 (unregistering): Port device team_slave_1 removed
[   99.694679][   T58] team0 (unregistering): Port device team_slave_0 removed
[   99.742107][ T6557] Cannot find set identified by id 0 to match
[   99.805201][ T6476] team0: Port device team_slave_0 added
[   99.821224][ T6476] team0: Port device team_slave_1 added
[   99.838364][ T6476] batman_adv: batadv0: Adding interface: batadv_slave_0
[   99.845403][ T6476] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   99.871613][ T6476] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   99.885723][ T6476] batman_adv: batadv0: Adding interface: batadv_slave_1
[   99.892778][ T6476] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   99.918932][ T6476] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   99.933074][ T6565] netlink: 'syz.3.1068': attribute type 10 has an invalid length.
[   99.949254][ T6565] veth0_macvtap: left promiscuous mode
[   99.957671][ T6565] veth0_macvtap: entered promiscuous mode
[   99.964847][ T6565] team0: Device macvtap0 failed to register rx_handler
[   99.973713][ T6565] veth0_macvtap: left promiscuous mode
[  100.012064][ T6476] hsr_slave_0: entered promiscuous mode
[  100.018804][ T6476] hsr_slave_1: entered promiscuous mode
[  100.025376][ T6476] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  100.033175][ T6476] Cannot create hsr debugfs directory
[  100.165205][ T6574] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1071'.
[  100.174250][ T6574] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1071'.
[  100.186086][ T6574] 9pnet_fd: Insufficient options for proto=fd
[  100.219641][ T6578] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.1072' sets config #0
[  100.233146][ T6578] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1072'.
[  100.264803][ T6580] pim6reg: entered allmulticast mode
[  100.273656][ T6580] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  100.282928][ T6580] pim6reg: left allmulticast mode
[  100.349952][ T6579] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  100.365855][ T6476] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  100.386021][ T6476] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  100.400044][ T6582] loop3: detected capacity change from 0 to 512
[  100.408358][ T6476] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  100.417280][ T6476] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  100.425825][ T6582] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1074: corrupted in-inode xattr: invalid ea_ino
[  100.445086][ T6582] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1074: couldn't read orphan inode 15 (err -117)
[  100.475183][ T6582] EXT4-fs (loop3): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.500027][ T6476] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.514782][ T6476] 8021q: adding VLAN 0 to HW filter on device team0
[  100.530414][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.537534][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.559052][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.566182][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.576028][ T3265] EXT4-fs (loop3): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  100.639549][ T6588] loop3: detected capacity change from 0 to 1024
[  100.665330][ T6591] loop1: detected capacity change from 0 to 1024
[  100.677974][ T6588] EXT4-fs: Ignoring removed nomblk_io_submit option
[  100.699015][ T6591] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.722370][ T6476] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.737633][ T6588] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854e01c, mo2=0003]
[  100.745851][ T6588] System zones: 0-1, 3-36
[  100.768586][ T6588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.837914][ T6591] tipc: Started in network mode
[  100.842857][ T6591] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  100.851855][ T6591] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  100.932833][ T6476] veth0_vlan: entered promiscuous mode
[  100.947521][ T6476] veth1_vlan: entered promiscuous mode
[  100.955381][ T5902] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.963733][ T6476] veth0_macvtap: entered promiscuous mode
[  100.975193][ T6476] veth1_macvtap: entered promiscuous mode
[  100.988977][ T6476] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.999589][ T6476] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.015752][ T6476] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.026581][ T6476] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.037075][ T6476] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.046983][ T6476] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.057509][ T6476] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.067395][ T6476] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.077973][ T6476] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.089263][ T6476] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.097971][ T6476] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.106780][ T6476] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.115589][ T6476] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.124417][ T6476] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.228816][ T6610] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6610 comm=syz.0.1040
[  101.339753][ T6610] veth0_vlan: left promiscuous mode
[  101.346779][ T6610] veth0_vlan: entered promiscuous mode
[  101.548265][ T3265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.615837][ T6626] syz.0.1084: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  101.630439][ T6626] CPU: 1 UID: 0 PID: 6626 Comm: syz.0.1084 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0
[  101.638312][ T6627] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1082'.
[  101.640780][ T6626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  101.640799][ T6626] Call Trace:
[  101.649841][ T6627] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1082'.
[  101.659767][ T6626]  <TASK>
[  101.675041][ T6626]  dump_stack_lvl+0xf2/0x150
[  101.679743][ T6626]  dump_stack+0x15/0x20
[  101.683971][ T6626]  warn_alloc+0x145/0x1b0
[  101.688365][ T6626]  ? __vmalloc_node_range_noprof+0x88/0xec0
[  101.694290][ T6626]  ? ctx_sched_in+0x389/0x3b0
[  101.699033][ T6626]  __vmalloc_node_range_noprof+0xaa/0xec0
[  101.704906][ T6626]  ? __rcu_read_unlock+0x4e/0x70
[  101.710008][ T6626]  ? __perf_event_task_sched_in+0x9ac/0xa10
[  101.715932][ T6626]  ? save_fpregs_to_fpstate+0x102/0x160
[  101.721555][ T6626]  ? xskq_create+0x36/0xd0
[  101.726014][ T6626]  vmalloc_user_noprof+0x59/0x70
[  101.730972][ T6626]  ? xskq_create+0x79/0xd0
[  101.735465][ T6626]  xskq_create+0x79/0xd0
[  101.739773][ T6626]  xsk_init_queue+0x82/0xd0
[  101.744303][ T6626]  xsk_setsockopt+0x409/0x520
[  101.749017][ T6626]  ? __pfx_xsk_setsockopt+0x10/0x10
[  101.754357][ T6626]  __sys_setsockopt+0x1cc/0x240
[  101.759366][ T6626]  __x64_sys_setsockopt+0x66/0x80
[  101.764427][ T6626]  x64_sys_call+0x278d/0x2d60
[  101.769127][ T6626]  do_syscall_64+0xc9/0x1c0
[  101.773652][ T6626]  ? clear_bhb_loop+0x55/0xb0
[  101.778446][ T6626]  ? clear_bhb_loop+0x55/0xb0
[  101.783202][ T6626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.789221][ T6626] RIP: 0033:0x7f9e6a05def9
[  101.793668][ T6626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.813499][ T6626] RSP: 002b:00007f9e68cd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  101.816077][ T6630] loop3: detected capacity change from 0 to 512
[  101.821948][ T6626] RAX: ffffffffffffffda RBX: 00007f9e6a215f80 RCX: 00007f9e6a05def9
[  101.821969][ T6626] RDX: 0000000000000002 RSI: 000000000000011b RDI: 000000000000000c
[  101.821987][ T6626] RBP: 00007f9e6a0d0b76 R08: 0000000000000020 R09: 0000000000000000
[  101.852299][ T6626] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000000
[  101.860292][ T6626] R13: 0000000000000000 R14: 00007f9e6a215f80 R15: 00007ffda59cfde8
[  101.868320][ T6626]  </TASK>
[  101.871648][ T6626] Mem-Info:
[  101.874789][ T6626] active_anon:5888 inactive_anon:0 isolated_anon:0
[  101.874789][ T6626]  active_file:10796 inactive_file:12730 isolated_file:0
[  101.874789][ T6626]  unevictable:0 dirty:200 writeback:0
[  101.874789][ T6626]  slab_reclaimable:2594 slab_unreclaimable:13747
[  101.874789][ T6626]  mapped:23615 shmem:3122 pagetables:653
[  101.874789][ T6626]  sec_pagetables:0 bounce:0
[  101.874789][ T6626]  kernel_misc_reclaimable:0
[  101.874789][ T6626]  free:1894980 free_pcp:9582 free_cma:0
[  101.919719][ T6626] Node 0 active_anon:23668kB inactive_anon:0kB active_file:43184kB inactive_file:50920kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:94460kB dirty:800kB writeback:0kB shmem:12488kB writeback_tmp:0kB kernel_stack:2768kB pagetables:2612kB sec_pagetables:0kB all_unreclaimable? no
[  101.947644][ T6626] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  101.974558][ T6626] lowmem_reserve[]: 0 2866 7844 0
[  101.979686][ T6626] Node 0 DMA32 free:2950356kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953888kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  102.008294][ T6626] lowmem_reserve[]: 0 0 4978 0
[  102.013112][ T6626] Node 0 Normal free:4614460kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:23668kB inactive_anon:0kB active_file:43184kB inactive_file:50920kB unevictable:0kB writepending:800kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:34792kB local_pcp:8476kB free_cma:0kB
[  102.043512][ T6626] lowmem_reserve[]: 0 0 0 0
[  102.048155][ T6626] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  102.060936][ T6626] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 3*16kB (M) 4*32kB (M) 2*64kB (M) 3*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950356kB
[  102.077174][ T6626] Node 0 Normal: 3*4kB (E) 2*8kB (ME) 8*16kB (UE) 27*32kB (UME) 35*64kB (UE) 31*128kB (UE) 63*256kB (UME) 49*512kB (UME) 101*1024kB (UME) 27*2048kB (UME) 1076*4096kB (UM) = 4614460kB
[  102.095623][ T6626] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  102.105027][ T6626] 26644 total pagecache pages
[  102.105037][ T6626] 0 pages in swap cache
[  102.105044][ T6626] Free swap  = 124988kB
[  102.105053][ T6626] Total swap = 124996kB
[  102.105062][ T6626] 2097051 pages RAM
[  102.105102][ T6626] 0 pages HighMem/MovableOnly
[  102.105109][ T6626] 80187 pages reserved
[  102.127333][ T6630] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1086: corrupted in-inode xattr: invalid ea_ino
[  102.127547][ T6630] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1086: couldn't read orphan inode 15 (err -117)
[  102.128566][ T6630] EXT4-fs (loop3): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.132098][ T6630] netem: unknown loss type 5
[  102.132131][ T6630] netem: change failed
[  102.140759][ T6636] loop4: detected capacity change from 0 to 512
[  102.151645][ T6636] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1087: corrupted in-inode xattr: invalid ea_ino
[  102.151810][ T6636] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1087: couldn't read orphan inode 15 (err -117)
[  102.152322][ T6636] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.159617][ T3265] EXT4-fs (loop3): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  102.238626][ T6641] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1089'.
[  102.256383][ T6641] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1089'.
[  102.265335][ T6645] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6645 comm=syz.3.1090
[  102.272031][ T3261] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  102.283264][ T6641] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1089'.
[  102.349466][ T6649] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1091'.
[  102.360773][ T6651] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1092'.
[  102.506704][ T6662] Illegal XDP return value 4294967274 on prog  (id 708) dev N/A, expect packet loss!
[  102.543084][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  102.543100][   T29] audit: type=1400 audit(1726815033.772:2551): avc:  denied  { execute_no_trans } for  pid=6661 comm="syz.0.1094" path="/6/file0" dev="tmpfs" ino=50 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  102.588132][   T29] audit: type=1326 audit(1726815033.792:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.4.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  102.611820][   T29] audit: type=1326 audit(1726815033.792:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.4.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  102.635530][   T29] audit: type=1326 audit(1726815033.802:2554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.4.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  102.650529][ T6672] loop3: detected capacity change from 0 to 512
[  102.659288][   T29] audit: type=1326 audit(1726815033.802:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.4.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  102.659323][   T29] audit: type=1326 audit(1726815033.812:2556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.4.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  102.712772][   T29] audit: type=1326 audit(1726815033.812:2557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.4.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  102.736292][   T29] audit: type=1326 audit(1726815033.812:2558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.4.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  102.740014][ T6672] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1096: bg 0: block 5: invalid block bitmap
[  102.759742][   T29] audit: type=1326 audit(1726815033.812:2559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.4.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  102.759776][   T29] audit: type=1326 audit(1726815033.812:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.4.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  102.820642][ T6672] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  102.830924][ T6672] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1096: invalid indirect mapped block 3 (level 2)
[  102.844308][ T6672] EXT4-fs (loop3): 1 orphan inode deleted
[  102.850344][ T6672] EXT4-fs (loop3): 1 truncate cleaned up
[  102.856384][ T6672] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.898966][ T6671] syz.3.1096 uses obsolete (PF_INET,SOCK_PACKET)
[  102.959338][ T6677] geneve2: entered promiscuous mode
[  102.964608][ T6677] geneve2: entered allmulticast mode
[  102.972760][ T3265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.438286][ T6704] loop0: detected capacity change from 0 to 512
[  103.559922][ T6704] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1109: corrupted in-inode xattr: invalid ea_ino
[  103.580348][ T6704] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1109: couldn't read orphan inode 15 (err -117)
[  103.597104][ T6704] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.683308][ T6476] EXT4-fs (loop0): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  103.925662][ T6733] loop1: detected capacity change from 0 to 4096
[  103.960903][ T6734] loop0: detected capacity change from 0 to 2048
[  103.967717][ T6734] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.981192][ T6736] capability: warning: `syz.4.1121' uses deprecated v2 capabilities in a way that may be insecure
[  104.022817][ T6741] syz.4.1123[6741] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.022953][ T6741] syz.4.1123[6741] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.040579][ T6741] loop4: detected capacity change from 0 to 512
[  104.072421][ T6734] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.086602][ T6733] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.121738][ T5902] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.180497][ T6741] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  104.250042][ T6752] loop3: detected capacity change from 0 to 256
[  104.266994][ T6752] vfat: Bad value for 'shortname'
[  104.299125][ T6741] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  104.714599][ T6749] syz.3.1127 (6749) used greatest stack depth: 6328 bytes left
[  104.833291][ T6768] loop3: detected capacity change from 0 to 512
[  104.842010][ T6768] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  104.860291][ T6768] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.873126][ T6768] ext4 filesystem being mounted at /297/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.895248][ T3265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.015910][ T6476] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.289478][ T6801] loop0: detected capacity change from 0 to 1024
[  105.304422][ T6801] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  105.315533][ T6801] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  105.329212][ T6801] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  105.339437][ T6801] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  105.348310][ T6801] EXT4-fs (loop0): filesystem has both journal inode and journal device!
[  105.378722][ T6811] __nla_validate_parse: 10 callbacks suppressed
[  105.378773][ T6811] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1146'.
[  105.414598][ T6809] loop4: detected capacity change from 0 to 256
[  105.424326][ T6809] netlink: 324 bytes leftover after parsing attributes in process `syz.4.1148'.
[  105.510176][ T6819] loop4: detected capacity change from 0 to 4096
[  105.524983][ T6819] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.569486][ T3261] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.713243][ T6843] loop4: detected capacity change from 0 to 512
[  105.728362][ T6843] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  105.770915][ T6843] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.790204][ T6843] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.856560][ T6848] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6848 comm=syz.3.1165
[  105.911916][ T3261] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.922264][ T6851] geneve0: entered allmulticast mode
[  105.971106][ T6854] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1167'.
[  105.994808][ T6854] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1167'.
[  106.014863][ T6854] netlink: 'syz.4.1167': attribute type 10 has an invalid length.
[  106.072520][ T6854] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  106.264305][ T6884] loop3: detected capacity change from 0 to 1024
[  106.588326][ T6884] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.674102][   T28] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  106.690143][   T28] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  106.702544][   T28] EXT4-fs (loop3): This should not happen!! Data will be lost
[  106.702544][   T28] 
[  106.712252][   T28] EXT4-fs (loop3): Total free blocks count 0
[  106.718358][   T28] EXT4-fs (loop3): Free/Dirty block details
[  106.724260][   T28] EXT4-fs (loop3): free_blocks=68451041280
[  106.730132][   T28] EXT4-fs (loop3): dirty_blocks=64
[  106.735308][   T28] EXT4-fs (loop3): Block reservation details
[  106.738162][ T6905] loop2: detected capacity change from 0 to 128
[  106.741313][   T28] EXT4-fs (loop3): i_reserved_data_blocks=4
[  106.755269][ T3265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.756317][ T6905] vfat: Unknown parameter '1844674407370955161500000000000000000000000'
[  106.783720][ T6907] loop3: detected capacity change from 0 to 128
[  106.792462][ T6905] syzkaller0: entered allmulticast mode
[  106.805716][ T6905] syzkaller0 (unregistering): left allmulticast mode
[  106.813323][ T6907] syz.3.1187: attempt to access beyond end of device
[  106.813323][ T6907] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[  106.826896][ T6907] Buffer I/O error on dev loop3, logical block 128, lost async page write
[  106.944334][ T6914] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  107.136988][ T6925] loop2: detected capacity change from 0 to 2048
[  107.145272][ T6924] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1194'.
[  107.179628][ T6925] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.577292][ T6939] loop4: detected capacity change from 0 to 512
[  107.636164][ T6939] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.682293][ T6939] ext4 filesystem being mounted at /264/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  107.725394][ T6939] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.1198: Directory hole found for htree leaf block 0
[  107.796640][ T3261] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.900182][ T6947] loop4: detected capacity change from 0 to 512
[  107.910796][ T6946] loop1: detected capacity change from 0 to 512
[  107.920142][ T6947] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1200: corrupted in-inode xattr: invalid ea_ino
[  107.929304][ T6946] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  107.948545][ T6140] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.963124][ T6947] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1200: couldn't read orphan inode 15 (err -117)
[  107.987002][ T6946] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.006748][ T6947] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.031219][ T6946] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.093610][ T5902] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.155939][ T3261] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  108.354335][ T6974] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6974 comm=syz.0.1212
[  108.459684][ T6986] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1217'.
[  108.485864][ T6990] loop4: detected capacity change from 0 to 512
[  108.494232][ T6990] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1219: corrupted in-inode xattr: invalid ea_ino
[  108.509801][ T6990] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1219: couldn't read orphan inode 15 (err -117)
[  108.522824][ T6990] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.597077][ T3261] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  108.637150][ T6999] loop0: detected capacity change from 0 to 512
[  108.647521][ T6999] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  108.688894][ T6999] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.703528][ T6999] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.738443][ T6476] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.772530][ T7009] syz.0.1225 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  108.830536][ T7002] loop4: detected capacity change from 0 to 128
[  108.851438][ T7002] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  108.867365][ T7002] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  108.882701][ T7017] siw: device registration error -23
[  108.950298][   T29] kauditd_printk_skb: 458 callbacks suppressed
[  108.950315][   T29] audit: type=1400 audit(1726815040.182:3019): avc:  denied  { nlmsg_read } for  pid=7020 comm="syz.2.1229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  108.997552][   T36] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  109.225663][ T7037] loop4: detected capacity change from 0 to 512
[  109.240057][   T29] audit: type=1400 audit(1726815040.472:3020): avc:  denied  { mount } for  pid=7022 comm="syz.0.1230" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  109.272427][ T7037] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1236: corrupted in-inode xattr: invalid ea_ino
[  109.311056][ T7037] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1236: couldn't read orphan inode 15 (err -117)
[  109.337751][ T7037] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.384627][   T29] audit: type=1400 audit(1726815040.612:3021): avc:  denied  { unmount } for  pid=6476 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  109.437787][ T3261] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  109.494366][ T7047] hub 2-0:1.0: USB hub found
[  109.499368][ T7047] hub 2-0:1.0: 8 ports detected
[  109.517518][ T7047] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  109.565293][ T7054] loop1: detected capacity change from 0 to 164
[  109.588670][ T7054] Unable to read rock-ridge attributes
[  109.598688][   T29] audit: type=1400 audit(1726815040.832:3022): avc:  denied  { mount } for  pid=7053 comm="syz.1.1242" name="/" dev="loop1" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  109.639816][ T7054] Unable to read rock-ridge attributes
[  109.726275][   T29] audit: type=1400 audit(1726815040.952:3023): avc:  denied  { unmount } for  pid=5902 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  109.812798][ T7064] loop1: detected capacity change from 0 to 128
[  109.870915][ T7064] syz.1.1247: attempt to access beyond end of device
[  109.870915][ T7064] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[  109.884594][ T7064] Buffer I/O error on dev loop1, logical block 128, lost async page write
[  110.105761][ T7066] hub 2-0:1.0: USB hub found
[  110.110984][ T7066] hub 2-0:1.0: 8 ports detected
[  110.469720][   T29] audit: type=1400 audit(1726815041.702:3024): avc:  denied  { create } for  pid=7081 comm="syz.1.1253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  110.906385][ T7093] loop0: detected capacity change from 0 to 512
[  110.927822][ T7093] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  110.960506][ T7093] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.968968][ T7095] loop4: detected capacity change from 0 to 128
[  110.981732][ T7095] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  110.994781][ T7093] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.006093][ T7095] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.047259][ T6476] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.091755][ T7102] siw: device registration error -23
[  111.144170][ T7112] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1265'.
[  111.301991][   T29] audit: type=1400 audit(1726815042.492:3025): avc:  denied  { read } for  pid=7108 comm="syz.4.1265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  111.321681][   T29] audit: type=1326 audit(1726815042.522:3026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7123 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6a05def9 code=0x7ffc0000
[  111.345287][   T29] audit: type=1326 audit(1726815042.522:3027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7123 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6a05def9 code=0x7ffc0000
[  111.368828][   T29] audit: type=1326 audit(1726815042.522:3028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7123 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9e6a05fe17 code=0x7ffc0000
[  111.411993][ T7125] loop1: detected capacity change from 0 to 128
[  111.429909][ T7125] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  111.512479][ T7132] loop2: detected capacity change from 0 to 1024
[  111.620248][ T7132] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  111.629609][ T7132] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[  111.638740][ T7125] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.834815][ T7137] siw: device registration error -23
[  111.885808][ T7141] loop0: detected capacity change from 0 to 128
[  111.894852][ T7141] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  111.911308][ T7141] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.924248][ T7143] loop1: detected capacity change from 0 to 512
[  111.934517][ T7143] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1277: corrupted in-inode xattr: invalid ea_ino
[  111.961268][ T7143] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1277: couldn't read orphan inode 15 (err -117)
[  111.980306][ T7143] EXT4-fs (loop1): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.161659][ T7156] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7156 comm=syz.4.1279
[  112.218049][ T5902] EXT4-fs (loop1): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  112.559860][ T7167] loop4: detected capacity change from 0 to 164
[  112.573858][ T7167] Unable to read rock-ridge attributes
[  112.651706][ T7177] Unable to read rock-ridge attributes
[  112.680251][ T7179] loop1: detected capacity change from 0 to 2048
[  112.700482][ T7179] EXT4-fs: dax option not supported
[  112.735564][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.743193][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.750727][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.758213][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.765600][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.773080][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.780589][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.787992][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.795389][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.802813][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.810245][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.817692][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.825100][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.832536][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.839971][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.847377][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.854923][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.862511][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.869965][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.877444][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.885096][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.892560][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.899998][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.907442][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.914997][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.922461][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.929917][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.937330][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.944785][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.952336][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.959754][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.967156][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.974584][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.982021][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.989432][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  112.996836][ T5606] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  113.050997][ T5606] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  113.085541][ T7184] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1289'.
[  113.107400][ T7188] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1291'.
[  113.121397][ T7186] netlink: 'syz.0.1290': attribute type 10 has an invalid length.
[  113.158553][ T7186] bond0: (slave batadv0): Error -22 calling dev_set_mtu
[  113.204040][ T7193] loop0: detected capacity change from 0 to 164
[  113.213773][ T7193] Unable to read rock-ridge attributes
[  113.277062][ T7197] Unable to read rock-ridge attributes
[  113.338853][ T7200] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7200 comm=syz.4.1295
[  113.456391][ T7212] loop2: detected capacity change from 0 to 128
[  113.473708][ T7214] loop4: detected capacity change from 0 to 1024
[  113.493296][ T7214] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.513493][ T7212] syz.2.1299: attempt to access beyond end of device
[  113.513493][ T7212] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[  113.527011][ T7212] Buffer I/O error on dev loop2, logical block 128, lost async page write
[  113.560351][ T7214] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  113.581524][ T7214] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28
[  113.593871][ T7214] EXT4-fs (loop4): This should not happen!! Data will be lost
[  113.593871][ T7214] 
[  113.603626][ T7214] EXT4-fs (loop4): Total free blocks count 0
[  113.609661][ T7214] EXT4-fs (loop4): Free/Dirty block details
[  113.615586][ T7214] EXT4-fs (loop4): free_blocks=68451041280
[  113.621446][ T7214] EXT4-fs (loop4): dirty_blocks=32
[  113.626649][ T7214] EXT4-fs (loop4): Block reservation details
[  113.632671][ T7214] EXT4-fs (loop4): i_reserved_data_blocks=2
[  113.648718][ T7217] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 24 with error 28
[  113.695551][ T7221] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1302'.
[  113.743593][ T7223] siw: device registration error -23
[  113.785311][ T7226] loop4: detected capacity change from 0 to 512
[  113.803983][ T7226] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  113.831226][ T7226] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.858295][ T7226] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.913810][ T3261] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.100506][ T7240] loop4: detected capacity change from 0 to 164
[  114.113214][ T7242] loop1: detected capacity change from 0 to 128
[  114.120766][ T7240] Unable to read rock-ridge attributes
[  114.192186][ T7242] syz.1.1308: attempt to access beyond end of device
[  114.192186][ T7242] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[  114.205706][ T7242] Buffer I/O error on dev loop1, logical block 128, lost async page write
[  114.214402][ T7243] Unable to read rock-ridge attributes
[  114.507689][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  114.507710][   T29] audit: type=1326 audit(1726815045.652:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="syz.4.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.537222][   T29] audit: type=1326 audit(1726815045.652:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="syz.4.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.560690][   T29] audit: type=1326 audit(1726815045.652:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="syz.4.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.584305][   T29] audit: type=1326 audit(1726815045.652:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.607222][   T29] audit: type=1326 audit(1726815045.652:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.630521][   T29] audit: type=1326 audit(1726815045.652:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.653410][   T29] audit: type=1326 audit(1726815045.652:3058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.676328][   T29] audit: type=1326 audit(1726815045.652:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.699322][   T29] audit: type=1326 audit(1726815045.652:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.722281][   T29] audit: type=1326 audit(1726815045.652:3061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7248 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7fc374c8def9 code=0x7ffc0000
[  114.943348][ T7261] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1315'.
[  114.992982][ T7265] dummy0: entered promiscuous mode
[  115.002679][ T7265] batman_adv: batadv0: Adding interface: macsec1
[  115.009107][ T7265] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.054764][ T7265] batman_adv: batadv0: Interface activated: macsec1
[  115.119798][ T7273] siw: device registration error -23
[  115.274803][ T7287] loop4: detected capacity change from 0 to 512
[  115.306727][ T7292] loop2: detected capacity change from 0 to 128
[  115.316025][ T7287] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.359610][ T7287] ext4 filesystem being mounted at /301/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.371506][ T7292] syz.2.1328: attempt to access beyond end of device
[  115.371506][ T7292] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[  115.385054][ T7292] Buffer I/O error on dev loop2, logical block 128, lost async page write
[  115.417023][ T7287] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.1326: Directory hole found for htree leaf block 0
[  115.455355][ T3261] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.581930][ T7306] loop2: detected capacity change from 0 to 764
[  115.592606][ T7308] siw: device registration error -23
[  115.600677][ T7306] Symlink component flag not implemented
[  115.606693][ T7306] Symlink component flag not implemented (129)
[  115.619990][ T7306] rock: directory entry would overflow storage
[  115.626182][ T7306] rock: sig=0x4f50, size=4, remaining=3
[  115.631801][ T7306] iso9660: Corrupted directory entry in block 6 of inode 1792
[  115.701477][ T7315] dummy0: mtu less than device minimum
[  115.801003][ T7322] loop2: detected capacity change from 0 to 2048
[  115.824718][ T7327] syz.4.1330[7327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.824794][ T7327] syz.4.1330[7327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.861187][ T7322] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.991140][ T7322] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  116.065051][ T6140] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.235983][ T7361] loop2: detected capacity change from 0 to 512
[  116.251457][ T7364] loop3: detected capacity change from 0 to 512
[  116.258512][ T7361] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1353: corrupted in-inode xattr: invalid ea_ino
[  116.273712][ T7361] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1353: couldn't read orphan inode 15 (err -117)
[  116.286804][ T7361] EXT4-fs (loop2): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.286817][ T7364] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1355: corrupted in-inode xattr: invalid ea_ino
[  116.287057][ T7364] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1355: couldn't read orphan inode 15 (err -117)
[  116.326279][ T7364] EXT4-fs (loop3): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.343562][ T6140] EXT4-fs (loop2): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  116.387568][ T3265] EXT4-fs (loop3): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  116.409694][ T7371] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7371 comm=syz.3.1357
[  116.519369][ T7371] veth0_vlan: left promiscuous mode
[  116.525277][ T7371] veth0_vlan: entered promiscuous mode
[  116.712717][ T7392] syz.0.1363[7392] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  116.712947][ T7392] syz.0.1363[7392] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  116.726556][ T7392] Cannot find del_set index 0 as target
[  116.776473][ T7396] loop0: detected capacity change from 0 to 512
[  116.834084][ T7396] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.846983][ T7396] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.861127][ T7396] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.1368: Directory hole found for htree leaf block 0
[  117.274212][ T6476] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.288219][ T7405] syz.2.1369[7405] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.288286][ T7405] syz.2.1369[7405] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.301157][ T7405] Cannot find del_set index 0 as target
[  117.465480][ T7419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7419 comm=syz.0.1377
[  117.519968][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.527531][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.535154][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.542756][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.550381][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.558053][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.565666][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.573257][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.580833][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.588388][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.595795][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.603326][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.611612][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.619059][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.626638][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.630625][ T7425] dccp_close: ABORT with 32 bytes unread
[  117.634099][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.647109][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.654540][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.662043][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.669471][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.676976][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.684458][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.691888][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.693099][ T7432] loop0: detected capacity change from 0 to 512
[  117.699318][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.699347][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.720781][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.728213][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.735651][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.743103][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.743566][ T7433] loop2: detected capacity change from 0 to 512
[  117.750561][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.764273][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.771803][  T751] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  117.822749][  T751] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  117.848946][ T7432] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.861625][ T7432] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.868983][ T7433] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.884662][ T7433] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.900980][ T7430] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.1379: Directory hole found for htree leaf block 0
[  117.935159][ T7446] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  118.013353][ T7444] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1383'.
[  118.036704][ T7446] tipc: Resetting bearer <eth:syzkaller0>
[  118.078824][ T7461] loop4: detected capacity change from 0 to 512
[  118.086137][ T7445] tipc: Disabling bearer <eth:syzkaller0>
[  118.115207][ T7461] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1392: corrupted in-inode xattr: invalid ea_ino
[  118.138730][ T7461] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1392: couldn't read orphan inode 15 (err -117)
[  118.231537][ T7483] loop3: detected capacity change from 0 to 512
[  118.231560][ T7482] loop1: detected capacity change from 0 to 2048
[  118.249305][ T7483] ext4 filesystem being mounted at /327/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.285094][ T7482] Alternate GPT is invalid, using primary GPT.
[  118.291521][ T7482]  loop1: p2 p3 p7
[  118.388364][ T7483] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.1399: Directory hole found for htree leaf block 0
[  119.302077][ T7517] loop2: detected capacity change from 0 to 1024
[  119.310542][ T7517] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  119.399148][ T7517] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  119.407281][ T7517] EXT4-fs (loop2): orphan cleanup on readonly fs
[  119.498837][ T7517] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #3: block 3: comm syz.2.1409: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.515050][ T7517] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.1409: Failed to acquire dquot type 0
[  119.534051][ T7517] EXT4-fs error (device loop2): ext4_map_blocks:609: inode #3: block 3: comm syz.2.1409: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.552906][ T7527] loop0: detected capacity change from 0 to 512
[  119.561415][ T7517] __quota_error: 284 callbacks suppressed
[  119.561459][ T7517] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  119.577816][ T7517] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.1409: Failed to acquire dquot type 0
[  119.590053][ T7517] EXT4-fs error (device loop2): ext4_free_blocks:6590: comm syz.2.1409: Freeing blocks not in datazone - block = 0, count = 4096
[  119.613846][ T7517] EXT4-fs error (device loop2): ext4_map_blocks:609: inode #3: block 3: comm syz.2.1409: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.636809][ T7517] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  119.648051][ T7517] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.1409: Failed to acquire dquot type 0
[  119.652000][ T7527] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.665356][ T7517] EXT4-fs (loop2): 1 orphan inode deleted
[  119.687331][ T7527] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.1413: Directory hole found for htree leaf block 0
[  119.687800][ T7517] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  119.793951][ T7547] IPVS: Error connecting to the multicast addr
[  120.002554][ T7567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1427'.
[  120.104330][   T29] audit: type=1400 audit(1726815051.332:3343): avc:  denied  { create } for  pid=7573 comm="syz.0.1430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  120.129225][   T29] audit: type=1400 audit(1726815051.362:3344): avc:  denied  { sys_admin } for  pid=7573 comm="syz.0.1430" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  120.235280][ T7581] loop2: detected capacity change from 0 to 512
[  120.251740][ T7581] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1433: corrupted in-inode xattr: invalid ea_ino
[  120.275766][ T7581] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1433: couldn't read orphan inode 15 (err -117)
[  120.291423][ T7581] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1433: invalid indirect mapped block 234881024 (level 0)
[  120.305504][   T29] audit: type=1400 audit(1726815051.522:3345): avc:  denied  { unlink } for  pid=7580 comm="syz.2.1433" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  120.586239][   T29] audit: type=1326 audit(1726815051.812:3346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7598 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  120.608612][ T7600] loop3: detected capacity change from 0 to 8192
[  120.629350][   T29] audit: type=1326 audit(1726815051.812:3347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7598 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  120.652575][   T29] audit: type=1326 audit(1726815051.842:3348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7598 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f535e01c9df code=0x7ffc0000
[  120.675597][   T29] audit: type=1326 audit(1726815051.842:3349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7598 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  120.698551][   T29] audit: type=1326 audit(1726815051.842:3350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7598 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  120.748757][ T7576] coredump: 237(syz.0.1430): written to core: VMAs: 29, size 89030656; core: 60011182 bytes, pos 89038848
[  121.430648][ T3338] usb usb6-port1: attempt power cycle
[  121.464612][ T7613] loop2: detected capacity change from 0 to 512
[  121.490859][ T7613] ext4 filesystem being mounted at /83/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.504246][ T7613] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.1445: Directory hole found for htree leaf block 0
[  121.524058][ T7622] netlink: 'syz.3.1448': attribute type 10 has an invalid length.
[  121.534895][ T7622] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  121.583281][ T7628] loop3: detected capacity change from 0 to 512
[  121.590387][ T7628] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  121.602180][ T7628] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.1451: invalid indirect mapped block 512 (level 0)
[  121.615943][ T7628] EXT4-fs (loop3): Remounting filesystem read-only
[  121.622710][ T7628] EXT4-fs (loop3): 1 orphan inode deleted
[  121.628483][ T7628] EXT4-fs (loop3): 1 truncate cleaned up
[  121.634452][ T7628] SELinux: (dev loop3, type ext4) getxattr errno 5
[  121.841098][ T7650] loop3: detected capacity change from 0 to 512
[  121.859209][ T7650] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.872141][ T7650] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.1459: Directory hole found for htree leaf block 0
[  121.970704][ T7658] hub 2-0:1.0: USB hub found
[  121.975439][ T7658] hub 2-0:1.0: 8 ports detected
[  122.065055][ T7670] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1468'.
[  122.093612][ T7670] batadv0: entered promiscuous mode
[  122.100005][ T7670] batadv_slave_0: entered promiscuous mode
[  122.106054][ T7670] batadv_slave_0: left promiscuous mode
[  122.111854][ T7670] batadv0: left promiscuous mode
[  122.629439][ T7683] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1472'.
[  122.712334][ T7685] loop1: detected capacity change from 0 to 256
[  122.724902][ T7685] vfat: Bad value for 'shortname'
[  122.759736][ T7689] loop2: detected capacity change from 0 to 1024
[  122.809772][ T7694] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1476'.
[  123.092666][ T7706] loop3: detected capacity change from 0 to 1024
[  123.100196][ T7706] ext2: Bad value for 'auto_da_alloc'
[  123.267142][ T7714] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1483'.
[  123.364220][ T7722] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1487'.
[  123.384199][ T7722] bond1: entered promiscuous mode
[  123.389421][ T7722] bond1: entered allmulticast mode
[  123.395372][ T7722] 8021q: adding VLAN 0 to HW filter on device bond1
[  123.414662][ T7722] loop0: detected capacity change from 0 to 2048
[  123.561187][ T7729] loop0: detected capacity change from 0 to 512
[  123.601099][ T7729] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.612944][ T3338] usb usb6-port1: unable to enumerate USB device
[  123.620107][ T7729] EXT4-fs (loop0): resizing filesystem from 128 to 1 blocks
[  123.627430][ T7729] EXT4-fs warning (device loop0): ext4_resize_fs:2041: can't shrink FS - resize aborted
[  124.679224][ T7746] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1494'.
[  124.764392][ T7746] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1494'.
[  124.823693][   T29] kauditd_printk_skb: 66 callbacks suppressed
[  124.823708][   T29] audit: type=1400 audit(1726815056.052:3417): avc:  denied  { lock } for  pid=7760 comm="syz.2.1501" path="socket:[20974]" dev="sockfs" ino=20974 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  124.855811][ T7746] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1494'.
[  124.907426][ T7768] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  124.915703][ T7768] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  124.957246][ T7768] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  124.963889][ T7768] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  124.971737][ T7768] vhci_hcd vhci_hcd.0: Device attached
[  124.984881][ T7774] loop1: detected capacity change from 0 to 512
[  125.000996][ T7774] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.029959][ T7774] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.1507: Directory hole found for htree leaf block 0
[  125.144920][ T7796] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1514'.
[  125.167819][    T9] vhci_hcd: vhci_device speed not set
[  125.195808][ T7796] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1514'.
[  125.227756][    T9] usb 5-1: new full-speed USB device number 2 using vhci_hcd
[  125.256987][ T7802] loop4: detected capacity change from 0 to 1024
[  125.263822][ T7802] EXT4-fs: Ignoring removed nomblk_io_submit option
[  125.282430][ T7802] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854e01c, mo2=0003]
[  125.290752][ T7802] System zones: 0-1, 3-36
[  125.298952][ T7800] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1509'.
[  125.308148][ T7802] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1516'.
[  125.654982][ T7775] vhci_hcd: connection reset by peer
[  125.660569][   T50] vhci_hcd: stop threads
[  125.664869][   T50] vhci_hcd: release socket
[  125.669371][   T50] vhci_hcd: disconnect device
[  125.998373][ T7811] loop3: detected capacity change from 0 to 128
[  126.023315][ T7811] syz.3.1518: attempt to access beyond end of device
[  126.023315][ T7811] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[  126.036900][ T7811] Buffer I/O error on dev loop3, logical block 128, lost async page write
[  126.133225][ T7818] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1521'.
[  126.266139][   T29] audit: type=1326 audit(1726815057.492:3418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  126.290192][   T29] audit: type=1326 audit(1726815057.492:3419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  126.313737][   T29] audit: type=1326 audit(1726815057.502:3420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  126.337168][   T29] audit: type=1326 audit(1726815057.502:3421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  126.360794][   T29] audit: type=1326 audit(1726815057.502:3422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  126.384249][   T29] audit: type=1326 audit(1726815057.502:3423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  126.407727][   T29] audit: type=1326 audit(1726815057.502:3424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  126.431324][   T29] audit: type=1326 audit(1726815057.502:3425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  126.455017][   T29] audit: type=1326 audit(1726815057.502:3426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  126.502760][ T7849] loop2: detected capacity change from 0 to 1024
[  126.518006][ T7849] EXT4-fs: Ignoring removed nomblk_io_submit option
[  126.537457][ T7849] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854e01c, mo2=0003]
[  126.545789][ T7849] System zones: 0-1, 3-36
[  126.818457][ T7864] vhci_hcd: invalid port number 157
[  126.823826][ T7864] vhci_hcd: default hub control req: c1ef v21ba i009d l29779
[  126.932635][ T7878] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7878 comm=syz.0.1542
[  127.112849][ T7891] loop4: detected capacity change from 0 to 512
[  127.140367][ T7891] ext4 filesystem being mounted at /327/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.153795][ T7891] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.1547: Directory hole found for htree leaf block 0
[  127.237583][ T7909] loop0: detected capacity change from 0 to 2048
[  127.288050][ T7909]  loop0: p2 < > p4
[  127.292423][ T7909] loop0: p4 size 8192 extends beyond EOD, truncated
[  127.606659][ T7954] loop2: detected capacity change from 0 to 512
[  127.609871][ T7955] loop3: detected capacity change from 0 to 1024
[  127.620314][ T7955] EXT4-fs: Ignoring removed nomblk_io_submit option
[  127.630775][ T7954] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1570: corrupted in-inode xattr: invalid ea_ino
[  127.660147][ T7954] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1570: couldn't read orphan inode 15 (err -117)
[  127.673159][ T7955] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854e01c, mo2=0003]
[  127.693740][ T7955] System zones: 0-1, 3-36
[  127.705271][ T7954] netlink: 'syz.2.1570': attribute type 10 has an invalid length.
[  127.722737][ T7954] team0: Port device geneve0 added
[  127.963067][ T7919] coredump: 915(syz.3.1555): written to core: VMAs: 32, size 91525120; core: 71021539 bytes, pos 91533312
[  128.066061][ T7982] netlink: 'syz.2.1579': attribute type 10 has an invalid length.
[  128.076982][ T7982] 8021q: adding VLAN 0 to HW filter on device batadv0
[  128.085102][ T7982] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  128.276171][ T8004] __nla_validate_parse: 19 callbacks suppressed
[  128.276189][ T8004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1588'.
[  128.295865][ T8008] loop2: detected capacity change from 0 to 256
[  128.296521][    C0] vcan0: j1939_session_tx_dat: 0xffff888114896e00: queue data error: -100
[  128.311793][ T8004] ------------[ cut here ]------------
[  128.317281][ T8004] refcount_t: underflow; use-after-free.
[  128.323284][ T8004] WARNING: CPU: 0 PID: 8004 at lib/refcount.c:28 refcount_warn_saturate+0x1c6/0x230
[  128.332756][ T8004] Modules linked in:
[  128.336762][ T8004] CPU: 0 UID: 0 PID: 8004 Comm: syz.4.1588 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0
[  128.347151][ T8004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  128.357367][ T8004] RIP: 0010:refcount_warn_saturate+0x1c6/0x230
[  128.363598][ T8004] Code: 72 ff ff ff e8 1b 65 72 ff 48 c7 c7 a9 fd b2 86 e8 bf cb 8a ff c6 05 11 2a f5 04 01 90 48 c7 c7 b8 34 1b 86 e8 eb 23 54 ff 90 <0f> 0b 90 90 e9 43 ff ff ff e8 ec 64 72 ff 48 c7 c7 a6 fd b2 86 e8
[  128.383416][ T8004] RSP: 0018:ffffc9000778f468 EFLAGS: 00010246
[  128.389530][ T8004] RAX: 59bf7e82360ef600 RBX: ffff8881149eafe4 RCX: 0000000000040000
[  128.397532][ T8004] RDX: ffffc90004844000 RSI: 0000000000005501 RDI: 0000000000005502
[  128.405651][ T8004] RBP: 0000000000000003 R08: ffffffff8111f8f7 R09: 0000000000000000
[  128.413431][ T8013] loop0: detected capacity change from 0 to 128
[  128.413662][ T8004] R10: 0001ffffffffffff R11: ffff888103151080 R12: ffff888114897a68
[  128.427917][ T8004] R13: ffff888114897a00 R14: ffff8881149eafe4 R15: 0000000000000000
[  128.430668][ T8013] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  128.435932][ T8004] FS:  00007fc3739076c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[  128.435958][ T8004] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  128.448530][ T8014] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  128.456743][ T8004] CR2: 0000000000000000 CR3: 0000000113aa0000 CR4: 00000000003506f0
[  128.479551][ T8013] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  128.479893][ T8004] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  128.494620][ T8014] 9pnet_fd: Insufficient options for proto=fd
[  128.496874][ T8004] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  128.496895][ T8004] Call Trace:
[  128.496902][ T8004]  <TASK>
[  128.496911][ T8004]  ? __warn+0x141/0x350
[  128.521663][ T8004]  ? report_bug+0x315/0x420
[  128.526237][ T8004]  ? refcount_warn_saturate+0x1c6/0x230
[  128.531811][ T8004]  ? handle_bug+0x60/0x90
[  128.536213][ T8004]  ? exc_invalid_op+0x1a/0x50
[  128.540911][ T8004]  ? asm_exc_invalid_op+0x1a/0x20
[  128.546051][ T8004]  ? __warn_printk+0x167/0x1b0
[  128.550933][ T8004]  ? refcount_warn_saturate+0x1c6/0x230
[  128.556489][ T8004]  ? refcount_warn_saturate+0x1c5/0x230
[  128.562146][ T8004]  sk_skb_reason_drop+0xe9/0x290
[  128.567109][ T8004]  j1939_session_put+0x157/0x2a0
[  128.572135][ T8004]  j1939_cancel_active_session+0x1d4/0x220
[  128.578010][ T8004]  j1939_netdev_notify+0x13a/0x1b0
[  128.583125][ T8004]  ? __pfx_j1939_netdev_notify+0x10/0x10
[  128.588863][ T8004]  raw_notifier_call_chain+0x6f/0x1d0
[  128.594370][ T8004]  call_netdevice_notifiers_info+0xae/0x100
[  128.600357][ T8004]  dev_close_many+0x174/0x240
[  128.605107][ T8004]  unregister_netdevice_many_notify+0x263/0x11b0
[  128.611512][ T8004]  ? __list_add_valid_or_report+0x36/0xc0
[  128.617250][ T8004]  ? unregister_netdevice_queue+0x12b/0x220
[  128.623185][ T8004]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  128.629536][ T8004]  rtnl_dellink+0x380/0x580
[  128.634067][ T8004]  ? security_capable+0x81/0x90
[  128.639028][ T8004]  ? ns_capable+0x7d/0xb0
[  128.643361][ T8004]  ? __pfx_rtnl_dellink+0x10/0x10
[  128.648430][ T8004]  rtnetlink_rcv_msg+0x6aa/0x710
[  128.653463][ T8004]  ? __dev_queue_xmit+0x161/0x1fe0
[  128.658640][ T8004]  netlink_rcv_skb+0x12c/0x230
[  128.663441][ T8004]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  128.668975][ T8004]  rtnetlink_rcv+0x1c/0x30
[  128.673480][ T8004]  netlink_unicast+0x599/0x670
[  128.678400][ T8004]  netlink_sendmsg+0x5cc/0x6e0
[  128.683208][ T8004]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.688649][ T8004]  __sock_sendmsg+0x140/0x180
[  128.693469][ T8004]  ____sys_sendmsg+0x312/0x410
[  128.698383][ T8004]  __sys_sendmsg+0x1dd/0x270
[  128.703135][ T8004]  __x64_sys_sendmsg+0x46/0x50
[  128.707981][ T8004]  x64_sys_call+0x2689/0x2d60
[  128.712780][ T8004]  do_syscall_64+0xc9/0x1c0
[  128.717279][ T8004]  ? clear_bhb_loop+0x55/0xb0
[  128.721985][ T8004]  ? clear_bhb_loop+0x55/0xb0
[  128.726684][ T8004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.732618][ T8004] RIP: 0033:0x7fc374c8def9
[  128.737204][ T8004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.756879][ T8004] RSP: 002b:00007fc373907038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  128.765776][ T8004] RAX: ffffffffffffffda RBX: 00007fc374e45f80 RCX: 00007fc374c8def9
[  128.773783][ T8004] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000006
[  128.781803][ T8004] RBP: 00007fc374d00b76 R08: 0000000000000000 R09: 0000000000000000
[  128.789801][ T8004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  128.797934][ T8004] R13: 0000000000000000 R14: 00007fc374e45f80 R15: 00007ffde1e58388
[  128.805957][ T8004]  </TASK>
[  128.809029][ T8004] ---[ end trace 0000000000000000 ]---
[  128.865584][   T58] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  128.876126][ T8014] geneve0: entered allmulticast mode
[  128.991061][ T3265] EXT4-fs unmount: 35 callbacks suppressed
[  128.991127][ T3265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.408987][ T8037] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1599'.
[  129.426608][ T8037] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1599'.
[  129.451514][ T8037] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1599'.
[  129.579666][ T8052] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.1604' sets config #0
[  129.603751][ T8054] loop1: detected capacity change from 0 to 128
[  129.627557][ T8054] syz.1.1605: attempt to access beyond end of device
[  129.627557][ T8054] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[  129.641266][ T8054] Buffer I/O error on dev loop1, logical block 128, lost async page write
[  129.668938][ T8056] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1606'.
[  130.267743][    T9] usb 5-1: enqueue for inactive port 0
[  130.273360][    T9] usb 5-1: enqueue for inactive port 0
[  130.351036][    T9] vhci_hcd: vhci_device speed not set
[  130.402382][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  130.402400][   T29] audit: type=1400 audit(1726815061.632:3437): avc:  denied  { wake_alarm } for  pid=8079 comm="syz.3.1616" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  130.439043][ T8083] loop3: detected capacity change from 0 to 128
[  130.462040][ T8083] syz.3.1617: attempt to access beyond end of device
[  130.462040][ T8083] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[  130.475549][ T8083] Buffer I/O error on dev loop3, logical block 128, lost async page write
[  130.570244][ T8088] loop3: detected capacity change from 0 to 256
[  130.577246][ T8088] vfat: Bad value for 'shortname'
[  131.040555][   T29] audit: type=1326 audit(1726815062.272:3438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8108 comm="syz.2.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  131.064301][   T29] audit: type=1326 audit(1726815062.272:3439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8108 comm="syz.2.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  131.109180][ T8111] loop1: detected capacity change from 0 to 1024
[  131.123338][   T29] audit: type=1326 audit(1726815062.332:3440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8108 comm="syz.2.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  131.126467][ T8111] EXT4-fs: Ignoring removed nomblk_io_submit option
[  131.146728][   T29] audit: type=1326 audit(1726815062.332:3441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8108 comm="syz.2.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  131.176835][   T29] audit: type=1326 audit(1726815062.332:3442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8108 comm="syz.2.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535e01def9 code=0x7ffc0000
[  131.210912][ T8111] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854e01c, mo2=0003]
[  131.223108][ T8111] System zones: 0-1, 3-36
[  131.236425][ T8111] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.272331][ T8111] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1629'.
[  131.523356][ T8127] loop0: detected capacity change from 0 to 128
[  131.534076][ T8127] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  131.547534][ T8127] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  131.590982][   T50] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  131.663670][ T8087] syz.3.1619 (8087) used greatest stack depth: 5416 bytes left
[  131.908516][ T5902] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.981115][ T8154] loop1: detected capacity change from 0 to 128
[  131.996473][ T8154] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  132.014152][ T8154] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  132.056868][   T28] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  132.115950][ T8167] syz.1.1651[8167] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  132.116012][ T8167] syz.1.1651[8167] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  132.130650][   T29] audit: type=1326 audit(1726815063.362:3443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8166 comm="syz.1.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844051def9 code=0x7ffc0000
[  132.166844][   T29] audit: type=1326 audit(1726815063.362:3444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8166 comm="syz.1.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844051def9 code=0x7ffc0000
[  132.190421][   T29] audit: type=1326 audit(1726815063.362:3445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8166 comm="syz.1.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f844051def9 code=0x7ffc0000
[  132.213948][   T29] audit: type=1326 audit(1726815063.362:3446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8166 comm="syz.1.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844051def9 code=0x7ffc0000
[  132.364239][ T8178] loop1: detected capacity change from 0 to 1024
[  132.370870][ T8178] EXT4-fs: Ignoring removed nomblk_io_submit option
[  132.389688][ T8178] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854e01c, mo2=0003]
[  132.397984][ T8178] System zones: 0-1, 3-36
[  132.403166][ T8178] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.417474][ T8178] netlink: 'syz.1.1656': attribute type 8 has an invalid length.
[  132.425249][ T8178] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1656'.
[  133.089241][ T8225] loop2: detected capacity change from 0 to 128
[  133.098172][ T8225] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  133.110839][ T8225] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  133.150813][   T28] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  133.277447][ T5902] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.837902][ T8250] loop3: detected capacity change from 0 to 256
[  133.844583][ T8250] vfat: Bad value for 'shortname'
[  133.926025][ T8254] loop0: detected capacity change from 0 to 128
[  133.937387][ T8254] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  133.954068][ T8254] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  133.955270][ T8259] loop3: detected capacity change from 0 to 1024
[  133.986823][ T8259] EXT4-fs: Ignoring removed nomblk_io_submit option
[  134.003768][ T8259] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854e01c, mo2=0003]
[  134.012328][ T8259] System zones: 0-1, 3-36
[  134.013596][   T50] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  134.018130][ T8259] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.050035][ T8259] netlink: 'syz.3.1688': attribute type 8 has an invalid length.
[  134.057841][ T8259] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1688'.
[  134.452475][ T8279] loop1: detected capacity change from 0 to 512
[  134.526805][ T8251] coredump: 988(syz.3.1684): written to core: VMAs: 29, size 89030656; core: 60011182 bytes, pos 89038848
[  134.535290][ T8289] loop1: detected capacity change from 0 to 128
[  134.563932][ T8289] syz.1.1699: attempt to access beyond end of device
[  134.563932][ T8289] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[  134.577698][ T8289] Buffer I/O error on dev loop1, logical block 128, lost async page write
[  134.826156][ T3265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.128275][ T8300] loop0: detected capacity change from 0 to 1024
[  135.140418][ T8300] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.159010][ T8300] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  135.206624][ T6476] EXT4-fs error (device loop0): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /155/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.229037][ T6476] EXT4-fs error (device loop0): ext4_empty_dir:3094: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.248409][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.260008][ T6476] EXT4-fs error (device loop0): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /155/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.282536][ T6476] EXT4-fs error (device loop0): ext4_empty_dir:3094: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.301902][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.313559][ T6476] EXT4-fs error (device loop0): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /155/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.335103][ T6476] EXT4-fs error (device loop0): ext4_empty_dir:3094: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.355496][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.367013][ T6476] EXT4-fs error (device loop0): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /155/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.390878][ T6476] EXT4-fs error (device loop0): ext4_empty_dir:3094: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.410287][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.421902][ T6476] EXT4-fs error (device loop0): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /155/bus/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.445520][ T6476] EXT4-fs error (device loop0): ext4_empty_dir:3094: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.446152][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.463363][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.489753][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.502976][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.514978][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.528337][ T6476] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #11: comm syz-executor: directory missing '.'
[  135.555618][ T8326] 9pnet: Could not find request transport: f
[  135.562280][ T8327] 9pnet: Could not find request transport: f
[  135.568812][ T8326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1716'.
[  135.649969][ T8335] pim6reg: entered allmulticast mode
[  135.672562][ T8335] pim6reg: left allmulticast mode
[  135.705124][ T8341] loop3: detected capacity change from 0 to 128
[  135.728277][ T8341] syz.3.1720: attempt to access beyond end of device
[  135.728277][ T8341] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[  135.741806][ T8341] Buffer I/O error on dev loop3, logical block 128, lost async page write
[  135.783364][   T58] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.833567][ T8351] loop3: detected capacity change from 0 to 256
[  135.854341][ T8351] vfat: Bad value for 'shortname'
[  135.874806][   T58] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.931296][   T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.975269][ T8356] loop1: detected capacity change from 0 to 164
[  135.993689][   T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.005359][ T6476] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.014426][ T8356] Unable to read rock-ridge attributes
[  136.029160][ T8356] Unable to read rock-ridge attributes
[  136.066086][   T58] bridge_slave_1: left allmulticast mode
[  136.072462][   T58] bridge_slave_1: left promiscuous mode
[  136.078181][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.087374][   T58] bridge_slave_0: left allmulticast mode
[  136.093095][   T58] bridge_slave_0: left promiscuous mode
[  136.099153][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.220928][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.239637][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.254948][   T58] bond0 (unregistering): Released all slaves
[  136.265711][   T58] bond1 (unregistering): Released all slaves
[  136.316378][   T58] hsr_slave_0: left promiscuous mode
[  136.336225][   T58] hsr_slave_1: left promiscuous mode
[  136.372029][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  136.380607][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  136.392009][ T8376] loop1: detected capacity change from 0 to 128
[  136.401997][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  136.409854][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  136.410784][ T8376] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  136.443807][   T58] veth1_macvtap: left promiscuous mode
[  136.450073][   T58] veth0_macvtap: left promiscuous mode
[  136.456637][ T8376] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  136.527816][   T11] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  136.574613][   T58] team0 (unregistering): Port device team_slave_1 removed
[  136.586861][   T58] team0 (unregistering): Port device team_slave_0 removed
[  136.883852][ T8363] chnl_net:caif_netlink_parms(): no params data found
[  136.999006][ T8363] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.006176][ T8363] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.022337][ T8363] bridge_slave_0: entered allmulticast mode
[  137.029019][ T8363] bridge_slave_0: entered promiscuous mode
[  137.035929][ T8363] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.043066][ T8363] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.050393][ T8363] bridge_slave_1: entered allmulticast mode
[  137.057086][ T8363] bridge_slave_1: entered promiscuous mode
[  137.094285][ T8363] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.119151][ T8363] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.157924][ T8363] team0: Port device team_slave_0 added
[  137.164739][ T8363] team0: Port device team_slave_1 added
[  137.193663][ T8363] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.200753][ T8363] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.226984][ T8363] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.240979][ T8363] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.248554][ T8363] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.274534][ T8363] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.302314][ T8363] hsr_slave_0: entered promiscuous mode
[  137.308434][ T8363] hsr_slave_1: entered promiscuous mode
[  137.314452][ T8363] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.322774][ T8363] Cannot create hsr debugfs directory
[  137.550084][ T8422] loop1: detected capacity change from 0 to 128
[  137.572278][ T8422] syz.1.1748: attempt to access beyond end of device
[  137.572278][ T8422] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[  137.583676][ T8363] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  137.586002][ T8422] Buffer I/O error on dev loop1, logical block 128, lost async page write
[  137.603654][ T8363] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  137.614394][ T8363] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  137.624369][ T8363] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  137.640189][ T8363] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.647367][ T8363] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.654774][ T8363] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.661890][ T8363] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.670368][ T8427] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8427 comm=syz.1.1750
[  137.702735][ T8363] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.723746][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.732013][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.749531][ T8428] veth0_vlan: left promiscuous mode
[  137.755291][ T8428] veth0_vlan: entered promiscuous mode
[  137.768499][ T8363] 8021q: adding VLAN 0 to HW filter on device team0
[  137.778711][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.785823][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.808930][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.816060][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.901956][ T8437] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1754'.
[  137.919402][ T8363] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.926394][ T8437] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1754'.
[  137.956422][ T8437] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1754'.
[  138.007116][ T8363] veth0_vlan: entered promiscuous mode
[  138.017971][ T8363] veth1_vlan: entered promiscuous mode
[  138.034584][ T8363] veth0_macvtap: entered promiscuous mode
[  138.042923][ T8363] veth1_macvtap: entered promiscuous mode
[  138.053535][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  138.064124][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.075189][ T8363] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.083779][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  138.094298][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.104252][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  138.114722][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.124599][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  138.135120][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.148130][ T8363] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.163355][ T8363] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.172297][ T8363] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.181122][ T8363] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.190152][ T8363] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.206704][ T8456] loop3: detected capacity change from 0 to 512
[  138.214563][ T8456] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  138.235545][ T8456] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.249281][ T8456] ext4 filesystem being mounted at /412/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.305118][ T3265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.667152][ T8509] loop2: detected capacity change from 0 to 512
[  138.677518][ T8509] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  138.702027][ T8509] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.711964][ T8514] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1776'.
[  138.717130][ T8509] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.758080][ T6140] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.778373][ T8515] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  138.790059][ T8515] 9pnet_fd: Insufficient options for proto=fd
[  138.801304][ T8515] geneve0: entered allmulticast mode
[  138.812450][ T8480] chnl_net:caif_netlink_parms(): no params data found
[  138.867132][ T8480] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.874263][ T8480] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.881596][ T8480] bridge_slave_0: entered allmulticast mode
[  138.888640][ T8480] bridge_slave_0: entered promiscuous mode
[  138.896059][ T8480] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.903226][ T8480] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.919161][ T8480] bridge_slave_1: entered allmulticast mode
[  138.925953][ T8480] bridge_slave_1: entered promiscuous mode
[  138.953787][ T8480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  138.964896][ T8480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  138.969319][ T8526] loop1: detected capacity change from 0 to 512
[  138.992243][ T8480] team0: Port device team_slave_0 added
[  138.995854][ T8526] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1780: corrupted in-inode xattr: invalid ea_ino
[  139.012735][ T8480] team0: Port device team_slave_1 added
[  139.018661][ T8526] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1780: couldn't read orphan inode 15 (err -117)
[  139.031901][ T8526] EXT4-fs (loop1): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.057969][ T8480] batman_adv: batadv0: Adding interface: batadv_slave_0
[  139.064970][ T8480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.090966][ T8480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  139.104717][ T5902] EXT4-fs (loop1): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  139.109637][ T8480] batman_adv: batadv0: Adding interface: batadv_slave_1
[  139.120695][ T8480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.146765][ T8480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  139.177540][ T8480] hsr_slave_0: entered promiscuous mode
[  139.183742][ T8480] hsr_slave_1: entered promiscuous mode
[  139.190746][ T8480] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  139.198361][ T8480] Cannot create hsr debugfs directory
[  139.232649][ T8539] siw: device registration error -23
[  139.416986][ T8480] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.513335][ T8480] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.600233][ T8480] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.667413][ T8480] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.938518][ T8554] loop0: detected capacity change from 0 to 512
[  139.985325][ T8480] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  140.010289][ T8480] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  140.026149][ T8480] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  140.041057][ T8480] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  140.077625][ T8554] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1791: corrupted in-inode xattr: invalid ea_ino
[  140.099261][ T8554] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1791: couldn't read orphan inode 15 (err -117)
[  140.133596][ T8554] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.136667][ T8480] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.157903][ T8480] 8021q: adding VLAN 0 to HW filter on device team0
[  140.167183][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.174302][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.185058][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.192177][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.239499][ T8363] EXT4-fs (loop0): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  140.262161][ T8480] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  140.272695][ T8480] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  140.435776][ T8480] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.444190][ T8564] loop0: detected capacity change from 0 to 128
[  140.469795][ T8564] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  140.504004][ T8564] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  140.637183][   T58] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  140.747457][ T8480] veth0_vlan: entered promiscuous mode
[  140.767083][ T8480] veth1_vlan: entered promiscuous mode
[  140.808991][ T8480] veth0_macvtap: entered promiscuous mode
[  140.822006][ T8480] veth1_macvtap: entered promiscuous mode
[  140.836749][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.847317][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.857168][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.867669][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.880765][ T8480] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.892849][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.903391][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.913337][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.923774][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.933674][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.944225][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.954111][ T8480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.964579][ T8480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.977322][ T8480] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.997424][ T8480] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.006546][ T8480] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.015470][ T8480] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.024414][ T8480] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.090243][ T8594] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8594 comm=syz.4.1761
[  141.835529][ T8621] loop0: detected capacity change from 0 to 512
[  141.849588][ T8621] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1811: corrupted in-inode xattr: invalid ea_ino
[  141.858048][ T8626] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8626 comm=syz.1.1813
[  141.865045][ T8621] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1811: couldn't read orphan inode 15 (err -117)
[  141.896765][ T8621] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.928412][ T8621] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1811: invalid indirect mapped block 234881024 (level 0)
[  141.966680][ T8363] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.029397][ T8626] veth0_vlan: left promiscuous mode
[  142.034762][ T8626] veth0_vlan: entered promiscuous mode
[  142.123243][ T8633] loop1: detected capacity change from 0 to 512
[  142.130379][ T8633] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  142.194808][ T8638] loop0: detected capacity change from 0 to 512
[  142.224997][ T8638] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  142.287267][ T8633] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.303437][ T8638] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.316359][ T8633] ext4 filesystem being mounted at /217/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.327203][ T8638] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.385404][ T8363] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.402891][ T5902] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.472785][ T8654] loop1: detected capacity change from 0 to 128
[  142.481722][ T8655] loop0: detected capacity change from 0 to 512
[  142.493214][ T8655] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1824: corrupted in-inode xattr: invalid ea_ino
[  142.507243][ T8655] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1824: couldn't read orphan inode 15 (err -117)
[  142.522263][ T8655] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.536771][ T8654] syz.1.1825: attempt to access beyond end of device
[  142.536771][ T8654] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[  142.550250][ T8654] Buffer I/O error on dev loop1, logical block 128, lost async page write
[  142.562101][ T8655] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1824: invalid indirect mapped block 234881024 (level 0)
[  142.608278][ T8363] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.623973][ T8658] loop1: detected capacity change from 0 to 512
[  142.632618][ T8658] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1826: corrupted in-inode xattr: invalid ea_ino
[  142.651968][ T8658] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1826: couldn't read orphan inode 15 (err -117)
[  142.667883][ T8658] EXT4-fs (loop1): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.862350][ T5902] EXT4-fs (loop1): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  143.088448][ T8681] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1835'.
[  143.106924][ T8681] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1835'.
[  143.133714][ T8685] loop4: detected capacity change from 0 to 512
[  143.148312][ T8681] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1835'.
[  143.168089][ T8685] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1836: corrupted in-inode xattr: invalid ea_ino
[  143.197971][ T8685] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1836: couldn't read orphan inode 15 (err -117)
[  143.228536][ T8685] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.273960][ T8480] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  143.335567][ T8695] loop1: detected capacity change from 0 to 128
[  143.344969][ T8695] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  143.359158][ T8695] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  143.375819][ T8697] siw: device registration error -23
[  143.422986][   T28] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  143.525602][ T8703] loop4: detected capacity change from 0 to 8192
[  143.541314][ T8703] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  143.542207][ T8708] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8708 comm=syz.1.1845
[  143.617636][   T29] kauditd_printk_skb: 20 callbacks suppressed
[  143.617656][   T29] audit: type=1400 audit(1726815074.842:3467): avc:  denied  { mounton } for  pid=8702 comm="syz.4.1844" path="/9/file2/file0/file0" dev="loop4" ino=66 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  143.651728][ T8703] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  143.658379][ T8703] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  143.666112][ T8703] vhci_hcd vhci_hcd.0: Device attached
[  143.672707][ T8711] vhci_hcd: connection closed
[  143.672968][   T36] vhci_hcd: stop threads
[  143.682009][   T36] vhci_hcd: release socket
[  143.686504][   T36] vhci_hcd: disconnect device
[  143.905205][ T8714] loop0: detected capacity change from 0 to 512
[  143.912309][ T8714] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  143.940979][ T8714] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.954762][ T8714] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.979715][ T8363] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.011505][ T8718] siw: device registration error -23
[  144.373755][ T8736] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8736 comm=syz.4.1856
[  144.637338][ T8746] loop1: detected capacity change from 0 to 512
[  144.646833][ T8746] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1860: corrupted in-inode xattr: invalid ea_ino
[  144.661691][ T8746] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1860: couldn't read orphan inode 15 (err -117)
[  144.674693][ T8746] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.690700][ T8746] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1860: invalid indirect mapped block 234881024 (level 0)
[  144.716978][ T5902] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.084167][ T8762] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.131392][ T8762] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.153966][ T8763] IPVS: Error connecting to the multicast addr
[  145.176808][ T8765] loop1: detected capacity change from 0 to 164
[  145.205601][ T8762] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.219622][ T8765] Unable to read rock-ridge attributes
[  145.233127][ T8765] Unable to read rock-ridge attributes
[  145.262558][ T8762] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.324367][ T8762] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.350486][ T8762] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.372271][ T8762] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.400224][ T8762] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.474249][ T8769] loop4: detected capacity change from 0 to 512
[  145.493274][ T8769] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  145.515596][ T8753] coredump: 566(syz.1.1861): written to core: VMAs: 32, size 89427968; core: 68920291 bytes, pos 89436160
[  145.540095][ T8769] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.566236][ T8769] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.597105][ T8480] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.696142][ T8779] loop4: detected capacity change from 0 to 128
[  145.926126][ T8785] loop4: detected capacity change from 0 to 512
[  145.957692][ T8785] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1874: corrupted in-inode xattr: invalid ea_ino
[  145.971293][ T8785] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1874: couldn't read orphan inode 15 (err -117)
[  145.983767][ T8785] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.033255][ T8480] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  146.187084][ T8793] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8793 comm=syz.1.1877
[  146.897748][ T8803] loop2: detected capacity change from 0 to 128
[  146.906869][ T8803] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  146.922106][ T8803] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  146.938141][ T8808] loop4: detected capacity change from 0 to 512
[  146.946236][ T8808] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1882: corrupted in-inode xattr: invalid ea_ino
[  146.960098][ T8808] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1882: couldn't read orphan inode 15 (err -117)
[  146.973153][ T8808] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.994868][   T11] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  147.016089][ T8480] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  147.034278][ T8796] ==================================================================
[  147.042364][ T8796] BUG: KCSAN: assert: race in dequeue_entities+0x6df/0x760
[  147.049569][ T8796] 
[  147.051898][ T8796] race at unknown origin, with assert no writes to 0xffff888107078068 of 4 bytes by task 8796 on cpu 0:
[  147.063086][ T8796]  dequeue_entities+0x6df/0x760
[  147.067935][ T8796]  pick_next_task_fair+0x7d/0x410
[  147.072959][ T8796]  __schedule+0x27c/0x940
[  147.077289][ T8796]  schedule+0x55/0xc0
[  147.081284][ T8796]  do_nanosleep+0xa3/0x300
[  147.085705][ T8796]  hrtimer_nanosleep+0xc4/0x1c0
[  147.090562][ T8796]  common_nsleep+0x68/0x90
[  147.094996][ T8796]  __se_sys_clock_nanosleep+0x20a/0x240
[  147.100537][ T8796]  __x64_sys_clock_nanosleep+0x55/0x70
[  147.106012][ T8796]  x64_sys_call+0x253f/0x2d60
[  147.110692][ T8796]  do_syscall_64+0xc9/0x1c0
[  147.115227][ T8796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.121119][ T8796] 
[  147.123475][ T8796] value changed: 0x00000000 -> 0x00000001
[  147.129205][ T8796] 
[  147.131517][ T8796] Reported by Kernel Concurrency Sanitizer on:
[  147.137659][ T8796] CPU: 0 UID: 0 PID: 8796 Comm: syz.1.1878 Tainted: G        W          6.11.0-syzkaller-07337-g2004cef11ea0 #0
[  147.149464][ T8796] Tainted: [W]=WARN
[  147.153256][ T8796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  147.163318][ T8796] ==================================================================