last executing test programs:

3.99775483s ago: executing program 0 (id=245):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x1c}], 0x4)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})

3.683342223s ago: executing program 0 (id=249):
r0 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r1 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[], 0x101d0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
close(0x3)

3.586091177s ago: executing program 0 (id=251):
socket$inet_smc(0x2b, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r2, &(0x7f0000001c80)=[{{&(0x7f0000000240)={0xa, 0x4e21, 0x1, @private0, 0x3}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000440)="14", 0x1}], 0x1}}, {{&(0x7f0000000300)={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0x28}, 0x8}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000800)='M', 0x1}], 0x1}}], 0x2, 0x931766f6319eed40)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101042, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x40000000000, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
shutdown(r2, 0x1)

3.349555827s ago: executing program 0 (id=252):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff6, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x7000000}, 0x48)

3.262167541s ago: executing program 1 (id=255):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write(r1, &(0x7f0000000280)="e8bd8a4c56281ba2ba42cfa5b9fe5fc6dcde2ee431f5595ceadb9a2c95e57f15ee4a83f9e7d78ea996f78bd588bedcdbc730d6d15df6d2a26ca4e55e97ed0522a190ce241a37bad3317fba7e4be3dbbfec5e2f401b5658cc8fda", 0xffffffe5)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x7f)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000080), &(0x7f0000000280)=0x4)

3.06121271s ago: executing program 3 (id=256):
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='workqueue_queue_work\x00', r0, 0x0, 0xd4}, 0x18)
socket$netlink(0x10, 0x3, 0xa)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
r4 = fcntl$dupfd(r2, 0x406, r2)
ioctl$MON_IOCX_GETX(r3, 0x4018920a, &(0x7f00000000c0)={&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000940)=""/4096, 0x1000})
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

2.748418693s ago: executing program 3 (id=258):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000b00)={0xa, 0xfdfe, 0x100007, @remote, 0xa}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x2, 0x0, {0xa, 0x0, 0xf9d, @private2={0xfc, 0x2, '\x00', 0x1}}}}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)

2.619397268s ago: executing program 0 (id=260):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
accept$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
shmctl$SHM_INFO(0x0, 0xe, &(0x7f00000004c0)=""/38)

2.594933759s ago: executing program 3 (id=261):
socket$inet_smc(0x2b, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r2, &(0x7f0000001c80)=[{{&(0x7f0000000240)={0xa, 0x4e21, 0x1, @private0, 0x3}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000440)="14", 0x1}], 0x1}}, {{&(0x7f0000000300)={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0x28}, 0x8}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000800)='M', 0x1}], 0x1}}], 0x2, 0x931766f6319eed40)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101042, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x40000000000, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
shutdown(r2, 0x1)

2.496347233s ago: executing program 0 (id=262):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x1f00, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x4, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4040c00)

2.416498497s ago: executing program 3 (id=263):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x9, 0x1, 0x56d, 0x2}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r2}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000004c0), 0x1000, r2, 0x0, 0x11000000}, 0x38)

2.264995814s ago: executing program 1 (id=265):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r2, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="5c00000015006b0300224ed86e6c1d000a117ea6e070d6064e22000300000000250002000f00000017d34460bc24eab556a705251e6182949a00003d3b48dfd8cdbf9767b4fa51f62a64c9f4060046d88037e786a6d0a5d700000017", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

2.09996259s ago: executing program 1 (id=267):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000700)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',access=', @ANYBLOB="03"])

1.863307501s ago: executing program 1 (id=268):
openat(0xffffffffffffff9c, 0x0, 0x35b043, 0x13)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r1, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000500)=""/18, 0x12, 0x3, 0x4, 0x0, 0x0, 0xc04}}, 0x120)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}], 0x1)

1.838709862s ago: executing program 2 (id=269):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x80}, 0x18)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
lsetxattr$trusted_overlay_origin(&(0x7f00000004c0)='./file0/../file0\x00', &(0x7f0000000500), 0x0, 0x0, 0x3)

1.672842669s ago: executing program 2 (id=270):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0}, 0x94)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

1.493576226s ago: executing program 3 (id=271):
socket$inet_smc(0x2b, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r2, &(0x7f0000001c80)=[{{&(0x7f0000000240)={0xa, 0x4e21, 0x1, @private0, 0x3}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000440)="14", 0x1}], 0x1}}, {{&(0x7f0000000300)={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0x28}, 0x8}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000800)='M', 0x1}], 0x1}}], 0x2, 0x931766f6319eed40)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101042, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x40000000000, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
shutdown(r2, 0x1)

1.346386713s ago: executing program 3 (id=272):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x1c}], 0x4)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller1\x00', {0x4}, 0x1})
ioctl$SIOCSIFHWADDR(r2, 0x8914, 0x0)

1.195259799s ago: executing program 1 (id=273):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write(r1, &(0x7f0000000280)="e8bd8a4c56281ba2ba42cfa5b9fe5fc6dcde2ee431f5595ceadb9a2c95e57f15ee4a83f9e7d78ea996f78bd588bedcdbc730d6d15df6d2a26ca4e55e97ed0522a190ce241a37bad3317fba7e4be3dbbfec5e2f401b5658cc8fda", 0xffffffe5)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x7f)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000080), &(0x7f0000000280)=0x4)

516.766428ms ago: executing program 2 (id=274):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="180200000000000000000000000000008500000053000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000d00)="e0274239ad0d85490a4ddf977499", 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

306.994507ms ago: executing program 1 (id=275):
symlinkat(&(0x7f0000001b00)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xadz\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)="e502", 0x2)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r2 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='bridge_slave_0\x00', 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r2)
getpeername$packet(r2, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000002c0)=0x14)
ioctl$PPPIOCGIDLE32(0xffffffffffffffff, 0x8008743f, &(0x7f0000000800))
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r3=>0x0})
sendto$packet(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x14000b01, &(0x7f00000000c0)={0x11, 0x5, r3, 0x1, 0x80}, 0x14)
getsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000000400)={@remote, @loopback}, &(0x7f0000000440)=0xc)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000580)={'erspan0\x00', &(0x7f0000000480)={'gretap0\x00', 0x0, 0x20, 0x20, 0xfff, 0x24dd, {{0x28, 0x4, 0x3, 0x39, 0xa0, 0x65, 0x0, 0xfe, 0x2f, 0x0, @broadcast, @loopback, {[@lsrr={0x83, 0x1f, 0x5b, [@dev={0xac, 0x14, 0x14, 0x2a}, @empty, @empty, @broadcast, @multicast2, @remote, @multicast2]}, @ra={0x94, 0x4}, @ra={0x94, 0x4, 0x1}, @generic={0x7, 0x4, "ee10"}, @timestamp_addr={0x44, 0xc, 0x3c, 0x1, 0x8, [{@remote, 0x5}]}, @end, @timestamp_prespec={0x44, 0x54, 0xdd, 0x3, 0xa, [{@multicast2, 0x5}, {@local, 0xb}, {@multicast2, 0xe6c}, {@multicast1, 0x800}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xfe10}, {@empty, 0x1}, {@private=0xa010100, 0x5}, {@broadcast, 0x200}, {@dev={0xac, 0x14, 0x14, 0x28}, 0x4}, {@remote, 0x6}]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001d00070f000000200300000007000000", @ANYRES32, @ANYBLOB="5a006708060005"], 0x24}}, 0x0)
connect$inet(r2, &(0x7f0000000540)={0x2, 0x4e60, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)

247.319239ms ago: executing program 2 (id=276):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r2, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="5c00000015006b0300224ed86e6c1d000a117ea6e070d6064e22000300000000250002000f00000017d34460bc24eab556a705251e6182949a00003d3b48dfd8cdbf9767b4fa51f62a64c9f4060046d88037e786a6d0a5d700000017", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

211.237501ms ago: executing program 2 (id=277):
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='workqueue_queue_work\x00', r0, 0x0, 0xd4}, 0x18)
socket$netlink(0x10, 0x3, 0xa)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
r3 = fcntl$dupfd(r1, 0x406, r1)
ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f00000000c0)={&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000940)=""/4096, 0x1000})
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

0s ago: executing program 2 (id=278):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.206' (ED25519) to the list of known hosts.
[   57.572237][ T5768] cgroup: Unknown subsys name 'net'
[   57.681754][ T5768] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   59.121414][ T5768] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   60.669383][ T5789] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   60.678899][ T5789] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   60.680019][ T5791] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   60.688301][ T5789] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   60.701810][ T5789] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   60.711004][ T5789] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   60.718519][ T5789] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   60.723101][ T5792] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   60.726160][ T5789] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   60.740979][ T5793] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   60.741869][ T5789] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   60.751151][ T5793] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   60.756823][ T5789] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   60.763883][ T5794] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   60.770364][ T5101] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   60.786060][ T5101] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   60.788148][ T5794] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   60.794373][ T5101] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   60.809130][ T5101] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   60.813153][ T5794] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   60.816413][ T5789] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   60.823863][ T5794] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   60.830598][ T5101] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   60.845306][ T5789] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   61.338419][ T5779] chnl_net:caif_netlink_parms(): no params data found
[   61.355597][ T5781] chnl_net:caif_netlink_parms(): no params data found
[   61.424104][ T5778] chnl_net:caif_netlink_parms(): no params data found
[   61.464243][ T5780] chnl_net:caif_netlink_parms(): no params data found
[   61.561380][ T5779] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.569397][ T5779] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.577117][ T5779] bridge_slave_0: entered allmulticast mode
[   61.583893][ T5779] bridge_slave_0: entered promiscuous mode
[   61.610949][ T5779] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.618538][ T5779] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.625950][ T5779] bridge_slave_1: entered allmulticast mode
[   61.632622][ T5779] bridge_slave_1: entered promiscuous mode
[   61.639865][ T5781] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.647221][ T5781] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.654470][ T5781] bridge_slave_0: entered allmulticast mode
[   61.661375][ T5781] bridge_slave_0: entered promiscuous mode
[   61.693955][ T5781] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.701325][ T5781] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.708759][ T5781] bridge_slave_1: entered allmulticast mode
[   61.715492][ T5781] bridge_slave_1: entered promiscuous mode
[   61.781968][ T5778] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.789373][ T5778] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.797289][ T5778] bridge_slave_0: entered allmulticast mode
[   61.803960][ T5778] bridge_slave_0: entered promiscuous mode
[   61.813611][ T5779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.825740][ T5779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.843749][ T5780] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.851480][ T5780] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.859264][ T5780] bridge_slave_0: entered allmulticast mode
[   61.866115][ T5780] bridge_slave_0: entered promiscuous mode
[   61.873727][ T5778] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.881127][ T5778] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.888874][ T5778] bridge_slave_1: entered allmulticast mode
[   61.896312][ T5778] bridge_slave_1: entered promiscuous mode
[   61.913335][ T5781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.925642][ T5781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.935012][ T5780] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.942115][ T5780] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.950085][ T5780] bridge_slave_1: entered allmulticast mode
[   61.957478][ T5780] bridge_slave_1: entered promiscuous mode
[   62.032829][ T5778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.046043][ T5779] team0: Port device team_slave_0 added
[   62.054184][ T5778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.075906][ T5780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.109812][ T5779] team0: Port device team_slave_1 added
[   62.118373][ T5781] team0: Port device team_slave_0 added
[   62.138270][ T5780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.161421][ T5778] team0: Port device team_slave_0 added
[   62.170107][ T5778] team0: Port device team_slave_1 added
[   62.177202][ T5781] team0: Port device team_slave_1 added
[   62.197076][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.204044][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.230302][ T5779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.284847][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.291912][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.318331][ T5779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.333115][ T5780] team0: Port device team_slave_0 added
[   62.342202][ T5780] team0: Port device team_slave_1 added
[   62.388797][ T5778] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.396140][ T5778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.422435][ T5778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.436112][ T5778] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.443073][ T5778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.469084][ T5778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.481356][ T5781] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.488401][ T5781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.514723][ T5781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.527175][ T5781] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.534153][ T5781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.560207][ T5781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.613848][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.621604][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.647589][ T5780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.683628][ T5779] hsr_slave_0: entered promiscuous mode
[   62.690575][ T5779] hsr_slave_1: entered promiscuous mode
[   62.712029][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.719149][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.745343][ T5780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.766079][ T5778] hsr_slave_0: entered promiscuous mode
[   62.772306][ T5778] hsr_slave_1: entered promiscuous mode
[   62.778702][ T5778] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   62.787143][ T5778] Cannot create hsr debugfs directory
[   62.818100][ T5781] hsr_slave_0: entered promiscuous mode
[   62.824299][ T5781] hsr_slave_1: entered promiscuous mode
[   62.833036][ T5781] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   62.840662][ T5781] Cannot create hsr debugfs directory
[   62.870167][ T5101] Bluetooth: hci2: command tx timeout
[   62.874775][ T5782] Bluetooth: hci0: command tx timeout
[   62.948925][ T5782] Bluetooth: hci1: command tx timeout
[   62.948941][ T5101] Bluetooth: hci3: command tx timeout
[   62.962742][ T5780] hsr_slave_0: entered promiscuous mode
[   62.969855][ T5780] hsr_slave_1: entered promiscuous mode
[   62.976574][ T5780] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   62.984149][ T5780] Cannot create hsr debugfs directory
[   63.271706][ T5779] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   63.303510][ T5779] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   63.313937][ T5779] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   63.341217][ T5779] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.407689][ T5781] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   63.419144][ T5781] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   63.428996][ T5781] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   63.440559][ T5781] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   63.512121][ T5778] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   63.551584][ T5778] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   63.562246][ T5778] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   63.603722][ T5778] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   63.643379][ T5780] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   63.660456][ T5780] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   63.698043][ T5780] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   63.709034][ T5780] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   63.769165][ T5779] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.825174][ T5779] 8021q: adding VLAN 0 to HW filter on device team0
[   63.840822][ T5781] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.883473][ T5781] 8021q: adding VLAN 0 to HW filter on device team0
[   63.903798][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.911240][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.924546][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.931696][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.946576][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.953722][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.979369][ T5778] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.995947][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.003125][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.055805][ T5780] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.070002][ T5778] 8021q: adding VLAN 0 to HW filter on device team0
[   64.090089][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.097266][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.126155][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.133282][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.182472][ T5780] 8021q: adding VLAN 0 to HW filter on device team0
[   64.201651][ T5781] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   64.247536][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.254714][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.276675][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.283831][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.652319][ T5779] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.671137][ T5781] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.823152][ T5779] veth0_vlan: entered promiscuous mode
[   64.840741][ T5781] veth0_vlan: entered promiscuous mode
[   64.851358][ T5778] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.868734][ T5780] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.883740][ T5779] veth1_vlan: entered promiscuous mode
[   64.898556][ T5781] veth1_vlan: entered promiscuous mode
[   64.949174][ T5782] Bluetooth: hci0: command tx timeout
[   64.949185][ T5101] Bluetooth: hci2: command tx timeout
[   64.985145][ T5779] veth0_macvtap: entered promiscuous mode
[   65.015661][ T5779] veth1_macvtap: entered promiscuous mode
[   65.022524][ T5780] veth0_vlan: entered promiscuous mode
[   65.028246][ T5101] Bluetooth: hci1: command tx timeout
[   65.035069][ T5101] Bluetooth: hci3: command tx timeout
[   65.054256][ T5778] veth0_vlan: entered promiscuous mode
[   65.066403][ T5781] veth0_macvtap: entered promiscuous mode
[   65.079347][ T5780] veth1_vlan: entered promiscuous mode
[   65.097024][ T5781] veth1_macvtap: entered promiscuous mode
[   65.107555][ T5778] veth1_vlan: entered promiscuous mode
[   65.122467][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.152328][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.167627][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.180536][ T5781] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.196475][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.212191][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.222773][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.235446][ T5781] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.247181][ T5781] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.256281][ T5781] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.265605][ T5781] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.274339][ T5781] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.308481][ T5779] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.317666][ T5779] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.327477][ T5779] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.337146][ T5779] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.351563][ T5780] veth0_macvtap: entered promiscuous mode
[   65.375285][ T5780] veth1_macvtap: entered promiscuous mode
[   65.439998][ T5778] veth0_macvtap: entered promiscuous mode
[   65.452074][ T5778] veth1_macvtap: entered promiscuous mode
[   65.485371][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.503369][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.510407][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.517896][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.531610][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.542391][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.555348][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.576964][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.589338][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.599598][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.611026][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.622355][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.632422][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.643213][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.653328][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.663985][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.674573][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.685376][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.696667][ T5778] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.717558][ T5780] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.726389][ T5780] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.735520][ T5780] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.744224][ T5780] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.779140][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.790055][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.800381][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.811038][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.821132][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.833962][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.846384][ T5778] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.885076][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.892946][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.899469][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.922016][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.924127][ T5778] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.942614][ T5778] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.951785][ T5778] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.960878][ T5778] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.042335][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.075155][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.143036][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.161051][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.241980][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.251204][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.286442][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.300451][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.330574][ T5866] syz.2.3[5866]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   66.389485][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.398856][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.420831][ T5866] loop2: detected capacity change from 0 to 1024
[   66.461365][ T5866] EXT4-fs: inline encryption not supported
[   66.478205][ T5866] EXT4-fs: Ignoring removed orlov option
[   66.557655][ T5866] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800c119, mo2=0002]
[   66.596215][ T5866] System zones: 0-1, 3-12
[   66.618334][ T5866] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.671179][   T27] audit: type=1326 audit(1763895851.633:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   66.782315][   T27] audit: type=1326 audit(1763895851.633:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   66.853867][ T5875] unsupported nla_type 52263
[   66.857320][   T27] audit: type=1326 audit(1763895851.633:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   66.984009][   T27] audit: type=1326 audit(1763895851.633:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   66.989829][ T5879] loop0: detected capacity change from 0 to 512
[   67.042510][ T5101] Bluetooth: hci2: command tx timeout
[   67.044174][ T5782] Bluetooth: hci0: command tx timeout
[   67.093827][ T5879] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   67.105928][   T27] audit: type=1326 audit(1763895851.633:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   67.105969][   T27] audit: type=1326 audit(1763895851.633:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   67.105999][   T27] audit: type=1326 audit(1763895851.633:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   67.106026][   T27] audit: type=1326 audit(1763895851.633:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2d8118f783 code=0x7ffc0000
[   67.106058][   T27] audit: type=1326 audit(1763895851.653:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2d8118e1ff code=0x7ffc0000
[   67.106087][   T27] audit: type=1326 audit(1763895851.703:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5865 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2d8118f7d7 code=0x7ffc0000
[   67.106602][ T5782] Bluetooth: hci3: command tx timeout
[   67.106638][ T5782] Bluetooth: hci1: command tx timeout
[   67.288422][ T5879] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[   67.314426][ T5887] syz.1.8[5887] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.314985][ T5887] syz.1.8[5887] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.315443][ T5879] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.6: Corrupt directory, running e2fsck is recommended
[   67.374453][ T5887] loop1: detected capacity change from 0 to 512
[   67.379636][ T5879] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   67.392321][ T5879] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2249: inode #15: comm syz.0.6: corrupted in-inode xattr: invalid ea_ino
[   67.408111][ T5879] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.6: couldn't read orphan inode 15 (err -117)
[   67.426333][ T5887] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   67.440753][ T5879] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.503237][ T5879] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   67.540718][ T5879] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[   67.553663][ T5879] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.6: Corrupt directory, running e2fsck is recommended
[   67.565776][ T5887] EXT4-fs (loop1): 1 orphan inode deleted
[   67.580870][ T5887] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.600404][   T11] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u4:0: Failed to release dquot type 1
[   67.622761][ T5879] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   67.629207][ T5887] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.636385][ T5879] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[   67.656708][ T5879] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.6: Corrupt directory, running e2fsck is recommended
[   67.675240][ T5879] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   67.710774][ T5879] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[   67.734429][ T5879] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.6: Corrupt directory, running e2fsck is recommended
[   67.740925][ T5879] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   67.741155][ T5879] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 3: comm syz.0.6: path /2/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   67.746671][ T5879] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 64: comm syz.0.6: path /2/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   67.889871][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.977682][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.983671][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.161376][ T5900] syz.0.13 uses obsolete (PF_INET,SOCK_PACKET)
[   68.539051][ T5909] netlink: 'syz.2.12': attribute type 4 has an invalid length.
[   68.547232][ T5909] netlink: 17 bytes leftover after parsing attributes in process `syz.2.12'.
[   69.106446][ T5101] Bluetooth: hci2: command tx timeout
[   69.111982][ T5782] Bluetooth: hci0: command tx timeout
[   69.185370][ T5782] Bluetooth: hci3: command tx timeout
[   69.192468][ T5101] Bluetooth: hci1: command tx timeout
[   69.576464][ T5921] syz.3.19[5921] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.576667][ T5921] syz.3.19[5921] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.688459][ T5921] loop3: detected capacity change from 0 to 512
[   69.909203][ T5914] loop0: detected capacity change from 0 to 8192
[   69.919564][ T5921] EXT4-fs (loop3): 1 orphan inode deleted
[   69.970791][ T5921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.004251][ T5914]  loop0: p1 p2 p4 < >
[   70.045522][ T5914] loop0: partition table partially beyond EOD, truncated
[   70.091390][ T5921] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.114584][ T5914] loop0: p1 start 16777216 is beyond EOD, truncated
[   70.121241][ T5914] loop0: p2 size 515840 extends beyond EOD, truncated
[   70.164534][    C0] sched: RT throttling activated
[   70.171266][   T59] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u4:4: Failed to release dquot type 1
[   70.282510][ T5914] loop0: p4 start 16777216 is beyond EOD, truncated
[   70.368111][ T5931] loop1: detected capacity change from 0 to 1024
[   70.369068][ T5931] EXT4-fs: inline encryption not supported
[   70.398455][ T5931] EXT4-fs: Ignoring removed orlov option
[   70.460642][ T5931] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800c119, mo2=0002]
[   70.460760][ T5931] System zones: 0-1, 3-12
[   70.462402][ T5931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.577456][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   70.749890][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.620369][ T5960] loop3: detected capacity change from 0 to 8192
[   71.670439][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.689113][ T5960]  loop3: p1 p2 p4 < >
[   71.698394][ T5960] loop3: partition table partially beyond EOD, truncated
[   71.752539][ T5963] netlink: 'syz.0.32': attribute type 4 has an invalid length.
[   71.760237][ T5963] netlink: 17 bytes leftover after parsing attributes in process `syz.0.32'.
[   71.935182][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[   71.959656][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[   72.314882][ T5960] loop3: p1 start 16777216 is beyond EOD, truncated
[   72.321540][ T5960] loop3: p2 size 515840 extends beyond EOD, truncated
[   72.462341][ T5960] loop3: p4 start 16777216 is beyond EOD, truncated
[   72.588838][ T5969] syz.1.34[5969] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.589039][ T5969] syz.1.34[5969] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.726124][ T5969] loop1: detected capacity change from 0 to 512
[   72.916147][ T5969] EXT4-fs (loop1): 1 orphan inode deleted
[   72.971643][ T5969] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.044164][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   73.086613][ T5969] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.156170][   T49] __quota_error: 66 callbacks suppressed
[   73.156184][   T49] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   73.229062][   T27] audit: type=1800 audit(1763895858.213:76): pid=5969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.34" name="bus" dev="loop1" ino=18 res=0 errno=0
[   73.254581][   T49] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u4:3: Failed to release dquot type 1
[   73.576983][ T5985] netlink: 36 bytes leftover after parsing attributes in process `syz.0.40'.
[   73.596608][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.618666][ T5987] loop2: detected capacity change from 0 to 1024
[   73.639430][ T5987] =======================================================
[   73.639430][ T5987] WARNING: The mand mount option has been deprecated and
[   73.639430][ T5987]          and is ignored by this kernel. Remove the mand
[   73.639430][ T5987]          option from the mount to silence this warning.
[   73.639430][ T5987] =======================================================
[   73.703833][ T5985] netlink: 36 bytes leftover after parsing attributes in process `syz.0.40'.
[   73.727447][ T5987] EXT4-fs: Ignoring removed nobh option
[   73.766548][ T5993] Driver unsupported XDP return value 0 on prog  (id 22) dev N/A, expect packet loss!
[   73.776783][ T5987] EXT4-fs: Ignoring removed bh option
[   73.801269][ T5987] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   73.867504][ T5987] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.923434][ T5985] netlink: 36 bytes leftover after parsing attributes in process `syz.0.40'.
[   74.052045][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.220098][ T6001] loop1: detected capacity change from 0 to 8192
[   74.304229][ T6001]  loop1: p1 p2 p4 < >
[   74.315730][ T6001] loop1: partition table partially beyond EOD, truncated
[   74.349320][ T6001] loop1: p1 start 16777216 is beyond EOD, truncated
[   74.360002][ T6001] loop1: p2 size 515840 extends beyond EOD, truncated
[   74.391071][ T6001] loop1: p4 start 16777216 is beyond EOD, truncated
[   74.656374][ T6018] syz.1.51[6018] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   74.656575][ T6018] syz.1.51[6018] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   74.754996][ T6019] netlink: 'syz.0.49': attribute type 4 has an invalid length.
[   74.773824][ T6019] netlink: 17 bytes leftover after parsing attributes in process `syz.0.49'.
[   75.346308][ T6018] loop1: detected capacity change from 0 to 512
[   75.472924][ T6018] EXT4-fs (loop1): 1 orphan inode deleted
[   75.524151][ T6018] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.566891][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   75.608930][ T6018] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.705946][   T27] audit: type=1800 audit(1763895860.683:77): pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.51" name="bus" dev="loop1" ino=16 res=0 errno=0
[   76.085334][ T6029] netlink: 64 bytes leftover after parsing attributes in process `syz.3.53'.
[   76.170970][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.629552][ T6038] loop1: detected capacity change from 0 to 1024
[   76.659248][ T6038] EXT4-fs: Ignoring removed orlov option
[   76.727554][ T6038] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.804795][   T27] audit: type=1800 audit(1763895861.793:78): pid=6038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.54" name="bus" dev="loop1" ino=18 res=0 errno=0
[   76.835913][   T27] audit: type=1804 audit(1763895861.813:79): pid=6038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.54" name="/newroot/12/bus/bus" dev="loop1" ino=18 res=1 errno=0
[   77.075276][ T6054] syz.0.62[6054] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.075503][ T6054] syz.0.62[6054] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.101845][ T6043] loop3: detected capacity change from 0 to 8192
[   77.165837][ T6054] loop0: detected capacity change from 0 to 512
[   77.192990][ T6043]  loop3: p1 p2 p4 < >
[   77.205767][ T6043] loop3: partition table partially beyond EOD, truncated
[   77.213217][ T6043] loop3: p1 start 16777216 is beyond EOD, truncated
[   77.240392][ T6043] loop3: p2 size 515840 extends beyond EOD, truncated
[   77.283205][ T6054] EXT4-fs (loop0): 1 orphan inode deleted
[   77.304861][   T12] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   77.330030][ T6043] loop3: p4 start 16777216 is beyond EOD, truncated
[   77.346405][ T6054] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.364812][   T12] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u4:1: Failed to release dquot type 1
[   77.394962][ T6054] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.566024][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.738436][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   77.879780][   T27] audit: type=1326 audit(1763895862.803:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.1.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   77.879837][   T27] audit: type=1326 audit(1763895862.813:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.1.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   77.879874][   T27] audit: type=1326 audit(1763895862.823:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.1.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   77.879909][   T27] audit: type=1326 audit(1763895862.823:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.1.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   78.150805][ T6071] netlink: 'syz.2.66': attribute type 4 has an invalid length.
[   78.158565][ T6071] netlink: 17 bytes leftover after parsing attributes in process `syz.2.66'.
[   79.164189][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.593130][ T6087] netlink: 76 bytes leftover after parsing attributes in process `syz.1.74'.
[   79.665289][ T6081] loop3: detected capacity change from 0 to 8192
[   79.800927][ T6081]  loop3: p1 p2 p4 < >
[   79.808656][ T6081] loop3: partition table partially beyond EOD, truncated
[   79.844221][ T6081] loop3: p1 start 16777216 is beyond EOD, truncated
[   79.881414][ T6081] loop3: p2 size 515840 extends beyond EOD, truncated
[   79.903841][ T6081] loop3: p4 start 16777216 is beyond EOD, truncated
[   80.039652][ T6093] syz.2.76[6093] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.039846][ T6093] syz.2.76[6093] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.077823][   T27] kauditd_printk_skb: 9 callbacks suppressed
[   80.077838][   T27] audit: type=1326 audit(1763895865.063:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.0.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96bc38f749 code=0x7ffc0000
[   80.164169][ T6093] loop2: detected capacity change from 0 to 512
[   80.227532][ T6100] netlink: 12 bytes leftover after parsing attributes in process `syz.1.77'.
[   80.516368][   T27] audit: type=1326 audit(1763895865.063:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.0.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96bc38f749 code=0x7ffc0000
[   80.714330][ T6093] EXT4-fs (loop2): 1 orphan inode deleted
[   80.849727][   T27] audit: type=1326 audit(1763895865.063:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.0.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f96bc38f749 code=0x7ffc0000
[   80.854153][   T49] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   80.872382][   T27] audit: type=1326 audit(1763895865.063:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.0.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96bc38f749 code=0x7ffc0000
[   80.873733][ T6093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.957103][   T49] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u4:3: Failed to release dquot type 1
[   80.965427][ T6093] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.032987][ T5771] udevd[5771]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   81.338152][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.494948][   T27] audit: type=1326 audit(1763895866.473:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6121 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   81.540121][ T6122] loop2: detected capacity change from 0 to 1024
[   81.562645][ T6122] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   81.572623][   T27] audit: type=1326 audit(1763895866.473:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6121 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   81.688367][   T27] audit: type=1326 audit(1763895866.473:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6121 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2d8118f749 code=0x7ffc0000
[   81.743858][ T6122] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.780414][   T27] audit: type=1326 audit(1763895866.473:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6121 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2d8118f783 code=0x7ffc0000
[   81.803963][   T27] audit: type=1326 audit(1763895866.513:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6121 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2d8118e1ff code=0x7ffc0000
[   81.860831][ T6122] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   81.918610][   T28] cfg80211: failed to load regulatory.db
[   81.948981][ T6132] netlink: 'syz.3.85': attribute type 4 has an invalid length.
[   81.956717][ T6132] netlink: 17 bytes leftover after parsing attributes in process `syz.3.85'.
[   82.514915][ T6134] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[   82.888643][ T6134] +}[@ (6134) used greatest stack depth: 17960 bytes left
[   82.927795][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.181377][ T6141] loop1: detected capacity change from 0 to 8192
[   83.377482][ T6141]  loop1: p1 p2 p4 < >
[   83.407269][ T6141] loop1: partition table partially beyond EOD, truncated
[   83.462126][ T6141] loop1: p1 start 16777216 is beyond EOD, truncated
[   83.514728][ T6141] loop1: p2 size 515840 extends beyond EOD, truncated
[   83.570518][ T6141] loop1: p4 start 16777216 is beyond EOD, truncated
[   83.675561][ T6151] syz.0.92[6151] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   83.675757][ T6151] syz.0.92[6151] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   83.763253][ T5773] I/O error, dev loop1, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   83.858998][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   84.651246][ T6179] netlink: 14 bytes leftover after parsing attributes in process `syz.1.101'.
[   84.780701][ T6183] netlink: 'syz.2.103': attribute type 4 has an invalid length.
[   84.788596][ T6183] netlink: 17 bytes leftover after parsing attributes in process `syz.2.103'.
[   85.647972][ T6186] loop1: detected capacity change from 0 to 2048
[   85.983874][ T6186] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #2: comm syz.1.101: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   86.016290][ T6187] loop0: detected capacity change from 0 to 8192
[   86.108229][ T6187]  loop0: p1 p2 p4 < >
[   86.125247][ T6187] loop0: partition table partially beyond EOD, truncated
[   86.164438][ T6186] EXT4-fs (loop1): get root inode failed
[   86.171917][ T6187] loop0: p1 start 16777216 is beyond EOD, truncated
[   86.202300][ T6186] EXT4-fs (loop1): mount failed
[   86.324910][ T6187] loop0: p2 size 515840 extends beyond EOD, truncated
[   86.347922][ T6187] loop0: p4 start 16777216 is beyond EOD, truncated
[   86.759263][ T6186] Zero length message leads to an empty skb
[   86.773916][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   86.816940][ T6203] loop2: detected capacity change from 0 to 4096
[   86.937837][ T6203] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.004356][ T6211] process 'syz.0.112' launched './file0' with NULL argv: empty string added
[   87.093173][   T27] kauditd_printk_skb: 42 callbacks suppressed
[   87.093192][   T27] audit: type=1800 audit(1763895872.063:144): pid=6203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.110" name="file1" dev="loop2" ino=15 res=0 errno=0
[   87.220769][ T6214] syz.3.113[6214] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   87.220988][ T6214] syz.3.113[6214] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   87.323957][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.519765][ T6217] loop0: detected capacity change from 0 to 512
[   87.521516][ T6217] EXT4-fs: Ignoring removed oldalloc option
[   87.570755][ T6217] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.570878][ T6217] ext4 filesystem being mounted at /28/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   88.034923][ T6179] syz.1.101: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[   88.055903][ T6179] CPU: 0 PID: 6179 Comm: syz.1.101 Not tainted syzkaller #0
[   88.063243][ T6179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   88.073333][ T6179] Call Trace:
[   88.076640][ T6179]  <TASK>
[   88.079608][ T6179]  dump_stack_lvl+0x16c/0x230
[   88.084375][ T6179]  ? show_regs_print_info+0x20/0x20
[   88.089603][ T6179]  ? load_image+0x3b0/0x3b0
[   88.094229][ T6179]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[   88.100675][ T6179]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[   88.107212][ T6179]  warn_alloc+0x210/0x300
[   88.111672][ T6179]  ? zone_watermark_ok_safe+0x230/0x230
[   88.117264][ T6179]  ? _raw_spin_unlock+0x28/0x40
[   88.122163][ T6179]  __vmalloc_node_range+0x662/0x1320
[   88.127515][ T6179]  ? free_vm_area+0x50/0x50
[   88.132076][ T6179]  ? _raw_spin_unlock+0x28/0x40
[   88.136963][ T6179]  ? __kasan_kmalloc+0x8f/0xa0
[   88.139315][ T6228] loop2: detected capacity change from 0 to 8192
[   88.141741][ T6179]  __vmalloc_node_range+0x568/0x1320
[   88.153408][ T6179]  ? hash_netiface_create+0x361/0xff0
[   88.158815][ T6179]  ? __asan_memset+0x22/0x40
[   88.163469][ T6179]  ? free_vm_area+0x50/0x50
[   88.168016][ T6179]  ? kvmalloc_node+0x70/0x180
[   88.172728][ T6179]  ? rcu_is_watching+0x15/0xb0
[   88.177531][ T6179]  ? kvmalloc_node+0x70/0x180
[   88.182246][ T6179]  ? trace_kmalloc+0x1f/0xa0
[   88.186877][ T6179]  kvmalloc_node+0x13f/0x180
[   88.191503][ T6179]  ? hash_netiface_create+0x361/0xff0
[   88.196912][ T6179]  hash_netiface_create+0x361/0xff0
[   88.202149][ T6179]  ? __lock_acquire+0x7c80/0x7c80
[   88.207211][ T6179]  ? __nla_parse+0x40/0x50
[   88.211670][ T6179]  ? hash_netport6_gc+0x570/0x570
[   88.216734][ T6179]  ip_set_create+0xa87/0x18e0
[   88.221461][ T6179]  ? ip_set_create+0x4b2/0x18e0
[   88.226368][ T6179]  ? ip_set_protocol+0x5d0/0x5d0
[   88.231344][ T6179]  ? trace_contention_end+0x39/0xe0
[   88.236616][ T6179]  nfnetlink_rcv_msg+0xb49/0x1130
[   88.241679][ T6179]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   88.247789][ T6179]  ? nfnetlink_rcv_msg+0x20e/0x1130
[   88.253041][ T6179]  ? nfnetlink_unbind+0x160/0x160
[   88.258126][ T6179]  ? __dev_queue_xmit+0x1a64/0x35a0
[   88.263356][ T6179]  ? __netlink_deliver_tap+0x5ab/0x830
[   88.268856][ T6179]  ? netlink_deliver_tap+0x19c/0x1b0
[   88.274178][ T6179]  ? netlink_unicast+0x72c/0x8d0
[   88.279157][ T6179]  ? netlink_sendmsg+0x8c1/0xbe0
[   88.284132][ T6179]  ? ____sys_sendmsg+0x5bf/0x950
[   88.289111][ T6179]  ? ___sys_sendmsg+0x220/0x290
[   88.294003][ T6179]  ? __se_sys_sendmsg+0x1a5/0x270
[   88.299063][ T6179]  ? do_syscall_64+0x55/0xb0
[   88.303699][ T6179]  netlink_rcv_skb+0x216/0x480
[   88.308513][ T6179]  ? nfnetlink_unbind+0x160/0x160
[   88.313580][ T6179]  ? netlink_ack+0x1110/0x1110
[   88.318395][ T6179]  ? apparmor_capable+0x137/0x1a0
[   88.323459][ T6179]  ? bpf_lsm_capable+0x9/0x10
[   88.328176][ T6179]  ? security_capable+0x89/0xb0
[   88.333076][ T6179]  nfnetlink_rcv+0x274/0x2180
[   88.337801][ T6179]  ? __local_bh_enable_ip+0x12e/0x1c0
[   88.343207][ T6179]  ? lockdep_hardirqs_on+0x98/0x150
[   88.348426][ T6179]  ? __local_bh_enable_ip+0x12e/0x1c0
[   88.353788][ T6179]  ? _local_bh_enable+0xa0/0xa0
[   88.358636][ T6179]  ? __dev_queue_xmit+0x245/0x35a0
[   88.363842][ T6179]  ? nfnetlink_net_exit_batch+0xa0/0xa0
[   88.369402][ T6179]  ? __dev_queue_xmit+0x245/0x35a0
[   88.374562][ T6179]  ? ref_tracker_free+0x634/0x7d0
[   88.379612][ T6179]  ? __copy_skb_header+0xa7/0x550
[   88.384663][ T6179]  ? refcount_inc+0x70/0x70
[   88.389153][ T6179]  ? __skb_clone+0x63/0x790
[   88.393651][ T6179]  ? __skb_clone+0x480/0x790
[   88.398244][ T6179]  ? __netlink_deliver_tap+0x7e8/0x830
[   88.403694][ T6179]  ? netlink_deliver_tap+0x2e/0x1b0
[   88.408885][ T6179]  ? __lock_acquire+0x7c80/0x7c80
[   88.413904][ T6179]  ? netlink_deliver_tap+0x2e/0x1b0
[   88.419098][ T6179]  netlink_unicast+0x751/0x8d0
[   88.423951][ T6179]  netlink_sendmsg+0x8c1/0xbe0
[   88.428723][ T6179]  ? netlink_getsockopt+0x580/0x580
[   88.433921][ T6179]  ? aa_sock_msg_perm+0x94/0x150
[   88.438863][ T6179]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   88.444166][ T6179]  ? security_socket_sendmsg+0x80/0xa0
[   88.449619][ T6179]  ? netlink_getsockopt+0x580/0x580
[   88.454836][ T6179]  ____sys_sendmsg+0x5bf/0x950
[   88.459626][ T6179]  ? __asan_memset+0x22/0x40
[   88.464207][ T6179]  ? __sys_sendmsg_sock+0x30/0x30
[   88.469235][ T6179]  ? __import_iovec+0x5f2/0x860
[   88.474083][ T6179]  ? import_iovec+0x73/0xa0
[   88.478582][ T6179]  ___sys_sendmsg+0x220/0x290
[   88.483256][ T6179]  ? __sys_sendmsg+0x270/0x270
[   88.488057][ T6179]  __se_sys_sendmsg+0x1a5/0x270
[   88.492927][ T6179]  ? __x64_sys_sendmsg+0x80/0x80
[   88.497869][ T6179]  ? lockdep_hardirqs_on+0x98/0x150
[   88.503057][ T6179]  do_syscall_64+0x55/0xb0
[   88.507466][ T6179]  ? clear_bhb_loop+0x40/0x90
[   88.512130][ T6179]  ? clear_bhb_loop+0x40/0x90
[   88.516813][ T6179]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   88.522716][ T6179] RIP: 0033:0x7f51e0b8f749
[   88.527135][ T6179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.546839][ T6179] RSP: 002b:00007f51dedd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.555255][ T6179] RAX: ffffffffffffffda RBX: 00007f51e0de6180 RCX: 00007f51e0b8f749
[   88.563238][ T6179] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000009
[   88.571201][ T6179] RBP: 00007f51e0c13f91 R08: 0000000000000000 R09: 0000000000000000
[   88.579192][ T6179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   88.587156][ T6179] R13: 00007f51e0de6218 R14: 00007f51e0de6180 R15: 00007fff75220038
[   88.595148][ T6179]  </TASK>
[   88.600529][ T6179] Mem-Info:
[   88.605575][ T6179] active_anon:6705 inactive_anon:0 isolated_anon:0
[   88.605575][ T6179]  active_file:1157 inactive_file:39899 isolated_file:0
[   88.605575][ T6179]  unevictable:768 dirty:39 writeback:0
[   88.605575][ T6179]  slab_reclaimable:9855 slab_unreclaimable:91468
[   88.605575][ T6179]  mapped:25339 shmem:2451 pagetables:568
[   88.605575][ T6179]  sec_pagetables:0 bounce:0
[   88.605575][ T6179]  kernel_misc_reclaimable:0
[   88.605575][ T6179]  free:1325937 free_pcp:11985 free_cma:0
[   88.651498][ T6179] Node 0 active_anon:26820kB inactive_anon:0kB active_file:4628kB inactive_file:159396kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101356kB dirty:148kB writeback:0kB shmem:8268kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11352kB pagetables:2272kB sec_pagetables:0kB all_unreclaimable? no
[   88.674484][ T6228]  loop2: p1 p2 p4 < >
[   88.688345][ T6179] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[   88.721245][ T6179] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   88.729679][ T6228] loop2: partition table partially beyond EOD, truncated
[   88.772090][ T6228] loop2: p1 start 16777216 is beyond EOD, truncated
[   88.779024][ T6179] lowmem_reserve[]: 0 2525 2526 2526 2526
[   88.779077][ T6179] Node 0 DMA32 free:1392580kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:26568kB inactive_anon:0kB active_file:4628kB inactive_file:158064kB unevictable:1536kB writepending:148kB present:3129332kB managed:2589600kB mlocked:0kB bounce:0kB free_pcp:28232kB local_pcp:16544kB free_cma:0kB
[   88.810725][ T6228] loop2: p2 size 515840 extends beyond EOD, truncated
[   88.827216][ T6228] loop2: p4 start 16777216 is beyond EOD, truncated
[   88.829820][ T6179] lowmem_reserve[]: 0 0 1 1 1
[   88.843557][ T6179] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1332kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   88.887872][ T6179] lowmem_reserve[]: 0 0 0 0 0
[   88.892667][ T6179] Node 1 Normal free:3895808kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:8kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21348kB local_pcp:9476kB free_cma:0kB
[   88.948238][ T6179] lowmem_reserve[]: 0 0 0 0 0
[   88.971645][ T6179] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   89.005765][ T6179] Node 0 DMA32: 2*4kB (UM) 2*8kB (UM) 2*16kB (UE) 7*32kB (UE) 6*64kB (UE) 3*128kB (UE) 1*256kB (M) 1*512kB (E) 1*1024kB (E) 2*2048kB (UE) 337*4096kB (M) = 1387288kB
[   89.064382][ T6179] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[   89.076847][ T6179] Node 1 Normal: 258*4kB (UME) 69*8kB (UME) 51*16kB (UME) 53*32kB (UME) 18*64kB (UME) 7*128kB (UME) 2*256kB (ME) 2*512kB (UE) 1*1024kB (U) 2*2048kB (UE) 948*4096kB (M) = 3895808kB
[   89.095056][ T6179] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   89.105373][ T6179] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   89.114803][ T6179] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   89.124363][ T6179] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   89.134880][ T6179] 45355 total pagecache pages
[   89.139633][ T6179] 0 pages in swap cache
[   89.143987][ T6179] Free swap  = 124996kB
[   89.168444][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   89.226574][ T6243] netlink: 'syz.3.120': attribute type 4 has an invalid length.
[   89.234335][ T6243] netlink: 17 bytes leftover after parsing attributes in process `syz.3.120'.
[   89.336944][ T6179] Total swap = 124996kB
[   89.341902][ T6179] 2097051 pages RAM
[   89.384248][ T6179] 0 pages HighMem/MovableOnly
[   89.460005][ T6179] 416137 pages reserved
[   89.533191][ T6179] 0 pages cma reserved
[   90.138417][ T6247] wireguard0: entered promiscuous mode
[   90.144062][ T6247] wireguard0: entered allmulticast mode
[   90.869244][ T6254] syz.2.126[6254] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   90.869445][ T6254] syz.2.126[6254] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   91.929291][ T6261] loop3: detected capacity change from 0 to 8192
[   92.036180][ T6261]  loop3: p1 p2 p4 < >
[   92.040327][ T6261] loop3: partition table partially beyond EOD, truncated
[   92.074830][ T6261] loop3: p1 start 16777216 is beyond EOD, truncated
[   92.081557][ T6261] loop3: p2 size 515840 extends beyond EOD, truncated
[   92.149583][ T6261] loop3: p4 start 16777216 is beyond EOD, truncated
[   92.335204][ T6210] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 217: padding at end of block bitmap is not set
[   92.379671][ T6210] EXT4-fs (loop0): Remounting filesystem read-only
[   92.439275][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   92.949293][ T6282] netlink: 'syz.3.136': attribute type 4 has an invalid length.
[   92.957210][ T6282] netlink: 17 bytes leftover after parsing attributes in process `syz.3.136'.
[   93.538474][ T6284] syz.2.138[6284] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   93.538686][ T6284] syz.2.138[6284] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.734918][   T27] audit: type=1326 audit(1763895879.613:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   94.810743][   T27] audit: type=1326 audit(1763895879.613:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   94.833202][   T27] audit: type=1326 audit(1763895879.613:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   94.855982][   T27] audit: type=1326 audit(1763895879.613:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   94.883232][   T27] audit: type=1326 audit(1763895879.613:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   94.934956][   T27] audit: type=1326 audit(1763895879.613:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   94.999164][ T6291] loop2: detected capacity change from 0 to 8192
[   95.007714][ T6294] IPv6: Can't replace route, no match found
[   95.017416][   T27] audit: type=1326 audit(1763895879.613:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   95.057387][   T27] audit: type=1326 audit(1763895879.613:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6288 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[   95.098676][ T6291]  loop2: p1 p2 p4 < >
[   95.102818][ T6291] loop2: partition table partially beyond EOD, truncated
[   95.188355][ T6291] loop2: p1 start 16777216 is beyond EOD, truncated
[   95.213783][ T6291] loop2: p2 size 515840 extends beyond EOD, truncated
[   95.249724][ T6291] loop2: p4 start 16777216 is beyond EOD, truncated
[   95.543862][   T27] audit: type=1326 audit(1763895880.523:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.147" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f51e0b8f749 code=0x0
[   95.602111][ T6309] loop3: detected capacity change from 0 to 1024
[   95.684043][ T6309] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   95.701605][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   95.712459][ T6309] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   95.784317][ T6309] JBD2: no valid journal superblock found
[   95.819860][ T6309] EXT4-fs (loop3): Could not load journal inode
[   95.978085][ T6313] syz.3.150[6313] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.978290][ T6313] syz.3.150[6313] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.116882][ T6316] loop2: detected capacity change from 0 to 512
[   96.136488][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.224203][ T6316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.224319][ T6316] ext4 filesystem being mounted at /42/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.769246][ T6329] loop0: detected capacity change from 0 to 8192
[   96.799597][ T6329]  loop0: p1 p2 p4 < >
[   96.799630][ T6329] loop0: partition table partially beyond EOD, truncated
[   96.799893][ T6329] loop0: p1 start 16777216 is beyond EOD, 
[   96.846703][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.848923][ T6329] truncated
[   96.898634][ T6329] loop0: p2 size 515840 extends beyond EOD, truncated
[   96.919692][ T6329] loop0: p4 start 16777216 is beyond EOD, truncated
[   97.173395][ T6342] loop0: detected capacity change from 0 to 512
[   97.189602][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   97.274897][ T6342] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   97.318607][ T6342] EXT4-fs (loop0): 1 truncate cleaned up
[   97.345952][ T6342] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.511192][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.575034][ T6350] netlink: 8 bytes leftover after parsing attributes in process `syz.2.163'.
[   97.737517][ T6354] syz.2.165 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   97.803266][ T6357] syz.3.166[6357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.803471][ T6357] syz.3.166[6357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   98.322133][ T6360] loop0: detected capacity change from 0 to 8192
[   98.367878][ T6360]  loop0: p1 p2 p4 < >
[   98.367910][ T6360] loop0: partition table partially beyond EOD, truncated
[   98.368123][ T6360] loop0: p1 start 16777216 is beyond EOD, truncated
[   98.368144][ T6360] loop0: p2 size 515840 extends beyond EOD, truncated
[   98.378309][ T6360] loop0: p4 start 16777216 is beyond EOD, truncated
[   98.506196][ T6372] loop2: detected capacity change from 0 to 1764
[   98.661513][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   99.007912][ T6379] loop3: detected capacity change from 0 to 8192
[   99.057022][ T6379]  loop3: p1 < > p2 p4 < p5 >
[   99.061761][ T6379] loop3: partition table partially beyond EOD, truncated
[   99.088795][ T6379] loop3: p1 start 134217728 is beyond EOD, truncated
[   99.096881][ T6379] loop3: p2 size 591360 extends beyond EOD, truncated
[   99.117418][ T6379] loop3: p5 size 591360 extends beyond EOD, truncated
[   99.248513][ T6392] netlink: 204 bytes leftover after parsing attributes in process `syz.1.179'.
[   99.294457][ T5773] I/O error, dev loop3, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   99.392897][ T5785] udevd[5785]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[   99.397259][ T5771] udevd[5771]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   99.425045][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   99.555293][ T6401] syz.2.183[6401] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.555498][ T6401] syz.2.183[6401] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.758556][ T6398] loop3: detected capacity change from 0 to 8192
[   99.815531][ T6398]  loop3: p1 p2 p4 < >
[   99.815560][ T6398] loop3: partition table partially beyond EOD, truncated
[   99.815746][ T6398] loop3: p1 start 16777216 is beyond EOD, truncated
[   99.815766][ T6398] loop3: p2 size 515840 extends beyond EOD, truncated
[   99.831323][ T6398] loop3: p4 start 16777216 is beyond EOD, truncated
[   99.904328][ T6409] loop0: detected capacity change from 0 to 2048
[   99.999229][ T6409] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.999333][ T6409] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.206069][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.371329][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  100.429912][ T6425] vlan2: entered allmulticast mode
[  100.457380][ T6425] dummy0: entered allmulticast mode
[  100.909926][ T6433] loop3: detected capacity change from 0 to 8192
[  100.996500][ T6433]  loop3: p1 p2 p4 < >
[  101.002666][ T6433] loop3: partition table partially beyond EOD, truncated
[  101.024922][ T6433] loop3: p1 start 16777216 is beyond EOD, truncated
[  101.062153][ T6433] loop3: p2 size 515840 extends beyond EOD, truncated
[  101.096342][ T6433] loop3: p4 start 16777216 is beyond EOD, truncated
[  101.330963][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  101.949790][   T27] audit: type=1107 audit(1763895886.933:154): pid=6457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  102.182882][ T6477] loop1: detected capacity change from 0 to 128
[  102.205244][ T6473] loop3: detected capacity change from 0 to 8192
[  102.227557][ T6473]  loop3: p1 p2 p4 < >
[  102.231703][ T6473] loop3: partition table partially beyond EOD, truncated
[  102.263451][ T6473] loop3: p1 start 16777216 is beyond EOD, truncated
[  102.281374][ T6473] loop3: p2 size 515840 extends beyond EOD, truncated
[  102.336837][ T6473] loop3: p4 start 16777216 is beyond EOD, truncated
[  102.437637][ T6485] loop1: detected capacity change from 0 to 128
[  102.562518][ T6485] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  102.649055][ T6485] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.707370][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  102.829937][   T27] audit: type=1326 audit(1763895887.813:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.1.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[  102.896753][   T27] audit: type=1326 audit(1763895887.813:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.1.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[  102.896795][   T27] audit: type=1326 audit(1763895887.813:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.1.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[  102.896832][   T27] audit: type=1326 audit(1763895887.813:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.1.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[  102.896867][   T27] audit: type=1326 audit(1763895887.813:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.1.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[  102.896901][   T27] audit: type=1326 audit(1763895887.813:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.1.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[  102.896935][   T27] audit: type=1326 audit(1763895887.813:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.1.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[  102.896970][   T27] audit: type=1326 audit(1763895887.813:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.1.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[  102.897005][   T27] audit: type=1326 audit(1763895887.813:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.1.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e0b8f749 code=0x7ffc0000
[  102.916387][ T5778] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  103.078322][ T6504] loop1: detected capacity change from 0 to 512
[  103.115354][ T6504] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  103.115387][ T6504] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  103.115403][ T6504] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.223: Corrupt directory, running e2fsck is recommended
[  103.115600][ T6504] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  103.117098][ T6504] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2249: inode #15: comm syz.1.223: corrupted in-inode xattr: invalid ea_ino
[  103.125003][ T6504] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.223: couldn't read orphan inode 15 (err -117)
[  103.135340][ T6504] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.177316][ T6504] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  103.434091][ T6504] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  103.434118][ T6504] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.223: Corrupt directory, running e2fsck is recommended
[  103.588350][ T6504] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  103.617743][ T6504] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  103.647607][ T6504] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.223: Corrupt directory, running e2fsck is recommended
[  103.668870][ T6504] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  103.686222][ T6504] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  103.720542][ T6504] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.223: Corrupt directory, running e2fsck is recommended
[  103.764118][ T6504] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  103.782399][ T6504] EXT4-fs error (device loop1): ext4_readdir:263: inode #2: block 3: comm syz.1.223: path /50/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  103.819064][ T6504] EXT4-fs error (device loop1): ext4_readdir:263: inode #2: block 64: comm syz.1.223: path /50/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  104.029243][ T6518] loop2: detected capacity change from 0 to 8192
[  104.057291][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.092519][ T6518]  loop2: p1 p2 p4 < >
[  104.097023][ T6518] loop2: partition table partially beyond EOD, truncated
[  104.115808][ T6518] loop2: p1 start 16777216 is beyond EOD, truncated
[  104.125274][ T6518] loop2: p2 size 515840 extends beyond EOD, truncated
[  104.151568][ T6518] loop2: p4 start 16777216 is beyond EOD, truncated
[  104.552801][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  104.583830][ T5773] udevd[5773]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  105.012182][ T6558] loop3: detected capacity change from 0 to 512
[  105.031589][ T6558] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  105.031620][ T6558] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  105.031646][ T6558] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.243: Corrupt directory, running e2fsck is recommended
[  105.032071][ T6558] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  105.032343][ T6558] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2249: inode #15: comm syz.3.243: corrupted in-inode xattr: invalid ea_ino
[  105.032812][ T6558] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.243: couldn't read orphan inode 15 (err -117)
[  105.035138][ T6558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.071895][ T6558] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  105.147023][ T6558] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  105.157875][ T6558] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.243: Corrupt directory, running e2fsck is recommended
[  105.347466][ T6558] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  105.370747][ T6558] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  105.386192][ T6558] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.243: Corrupt directory, running e2fsck is recommended
[  105.430116][ T6558] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  105.471891][ T6558] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  105.531483][ T6558] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.243: Corrupt directory, running e2fsck is recommended
[  105.566255][ T6562] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  105.624753][ T6562] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.243: path /70/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  105.674448][ T6562] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 64: comm syz.3.243: path /70/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  105.937336][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.292692][ T6617] 9p: Unknown access argument : -22
[  107.461138][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.477716][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.508909][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.530621][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.552919][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.573280][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.592426][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.600554][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.621381][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.640697][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.650157][ T6606] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.651620][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.658793][ T6606] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.673646][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.681722][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.690260][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.699056][ T6624] loop2: detected capacity change from 0 to 1024
[  107.702987][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.726938][ T6624] EXT4-fs: Ignoring removed orlov option
[  107.750908][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.800642][ T6624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.815314][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.847938][ T5864] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  107.867109][   T27] kauditd_printk_skb: 51 callbacks suppressed
[  107.867124][   T27] audit: type=1800 audit(1763895892.843:215): pid=6624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.270" name="bus" dev="loop2" ino=18 res=0 errno=0
[  107.907953][ T5864] hid-generic 0003:0004:0000.0001: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  107.952863][   T27] audit: type=1804 audit(1763895892.863:216): pid=6624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.270" name="/newroot/72/bus/bus" dev="loop2" ino=18 res=1 errno=0
[  108.183092][ T6631] fido_id[6631]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  108.672225][ T6606] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  108.741738][ T6606] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.753796][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.352036][ T6606] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.361260][ T6606] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.364343][ T6654] loop2: detected capacity change from 0 to 512
[  109.370860][ T6606] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.391924][ T6606] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.427973][ T6654] 
[  109.430354][ T6654] ======================================================
[  109.437476][ T6654] WARNING: possible circular locking dependency detected
[  109.444518][ T6654] syzkaller #0 Not tainted
[  109.448937][ T6654] ------------------------------------------------------
[  109.455966][ T6654] syz.2.278/6654 is trying to acquire lock:
[  109.461870][ T6654] ffff88802180cbd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x170/0x2f0
[  109.471907][ T6654] 
[  109.471907][ T6654] but task is already holding lock:
[  109.479259][ T6654] ffff88802180a608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b9/0xea0
[  109.488221][ T6654] 
[  109.488221][ T6654] which lock already depends on the new lock.
[  109.488221][ T6654] 
[  109.498638][ T6654] 
[  109.498638][ T6654] the existing dependency chain (in reverse order) is:
[  109.507729][ T6654] 
[  109.507729][ T6654] -> #1 (sb_internal){.+.+}-{0:0}:
[  109.515017][ T6654]        percpu_down_read+0x44/0x1a0
[  109.520389][ T6654]        ext4_evict_inode+0x2b9/0xea0
[  109.525754][ T6654]        evict+0x486/0x870
[  109.530159][ T6654]        ext4_ext_migrate+0xcfb/0xff0
[  109.535520][ T6654]        ext4_ioctl+0x1c4b/0x3820
[  109.540554][ T6654]        __se_sys_ioctl+0xfd/0x170
[  109.545679][ T6654]        do_syscall_64+0x55/0xb0
[  109.550608][ T6654]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  109.557008][ T6654] 
[  109.557008][ T6654] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  109.565423][ T6654]        __lock_acquire+0x2ddb/0x7c80
[  109.570786][ T6654]        lock_acquire+0x197/0x410
[  109.575800][ T6654]        percpu_down_read+0x44/0x1a0
[  109.581078][ T6654]        ext4_writepages+0x170/0x2f0
[  109.586360][ T6654]        do_writepages+0x3a2/0x600
[  109.591470][ T6654]        __writeback_single_inode+0x153/0xee0
[  109.597530][ T6654]        writeback_single_inode+0x211/0x720
[  109.603416][ T6654]        write_inode_now+0x161/0x1e0
[  109.608693][ T6654]        iput+0x5b2/0x920
[  109.613013][ T6654]        ext4_xattr_block_set+0x273a/0x32a0
[  109.618903][ T6654]        ext4_expand_extra_isize_ea+0x10ea/0x19e0
[  109.625321][ T6654]        __ext4_expand_extra_isize+0x306/0x400
[  109.631468][ T6654]        __ext4_mark_inode_dirty+0x45d/0x6e0
[  109.637446][ T6654]        ext4_evict_inode+0x7ed/0xea0
[  109.642812][ T6654]        evict+0x486/0x870
[  109.647224][ T6654]        ext4_orphan_cleanup+0xbd4/0x1400
[  109.652952][ T6654]        ext4_fill_super+0x5de4/0x66c0
[  109.658401][ T6654]        get_tree_bdev+0x3e4/0x510
[  109.663499][ T6654]        vfs_get_tree+0x8c/0x280
[  109.668422][ T6654]        do_new_mount+0x24b/0xa40
[  109.673432][ T6654]        __se_sys_mount+0x2da/0x3c0
[  109.678616][ T6654]        do_syscall_64+0x55/0xb0
[  109.683559][ T6654]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  109.689966][ T6654] 
[  109.689966][ T6654] other info that might help us debug this:
[  109.689966][ T6654] 
[  109.700182][ T6654]  Possible unsafe locking scenario:
[  109.700182][ T6654] 
[  109.707615][ T6654]        CPU0                    CPU1
[  109.712963][ T6654]        ----                    ----
[  109.718313][ T6654]   rlock(sb_internal);
[  109.722460][ T6654]                                lock(&sbi->s_writepages_rwsem);
[  109.730163][ T6654]                                lock(sb_internal);
[  109.736740][ T6654]   rlock(&sbi->s_writepages_rwsem);
[  109.742014][ T6654] 
[  109.742014][ T6654]  *** DEADLOCK ***
[  109.742014][ T6654] 
[  109.750143][ T6654] 3 locks held by syz.2.278/6654:
[  109.755151][ T6654]  #0: ffff88802180a0e0 (&type->s_umount_key#31){++++}-{3:3}, at: get_tree_bdev+0x344/0x510
[  109.765245][ T6654]  #1: ffff88802180a608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b9/0xea0
[  109.774645][ T6654]  #2: ffff88805e8cd0c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[  109.784902][ T6654] 
[  109.784902][ T6654] stack backtrace:
[  109.790772][ T6654] CPU: 0 PID: 6654 Comm: syz.2.278 Not tainted syzkaller #0
[  109.798043][ T6654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  109.808172][ T6654] Call Trace:
[  109.811441][ T6654]  <TASK>
[  109.814359][ T6654]  dump_stack_lvl+0x16c/0x230
[  109.819033][ T6654]  ? load_image+0x3b0/0x3b0
[  109.823523][ T6654]  ? show_regs_print_info+0x20/0x20
[  109.828718][ T6654]  ? print_circular_bug+0x12b/0x1a0
[  109.833910][ T6654]  check_noncircular+0x2bd/0x3c0
[  109.838843][ T6654]  ? print_deadlock_bug+0x5d0/0x5d0
[  109.844039][ T6654]  ? _find_first_zero_bit+0xd3/0x100
[  109.849322][ T6654]  ? add_lock_to_list+0x191/0x280
[  109.854339][ T6654]  __lock_acquire+0x2ddb/0x7c80
[  109.859193][ T6654]  ? verify_lock_unused+0x140/0x140
[  109.864388][ T6654]  lock_acquire+0x197/0x410
[  109.868878][ T6654]  ? ext4_writepages+0x170/0x2f0
[  109.873837][ T6654]  ? __might_sleep+0xe0/0xe0
[  109.878418][ T6654]  ? mark_lock+0x94/0x320
[  109.882736][ T6654]  ? read_lock_is_recursive+0x20/0x20
[  109.888098][ T6654]  ? __lock_acquire+0x1334/0x7c80
[  109.893144][ T6654]  percpu_down_read+0x44/0x1a0
[  109.897907][ T6654]  ? ext4_writepages+0x170/0x2f0
[  109.902860][ T6654]  ext4_writepages+0x170/0x2f0
[  109.907620][ T6654]  ? ext4_read_folio+0x2f0/0x2f0
[  109.912558][ T6654]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  109.918532][ T6654]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  109.924414][ T6654]  ? lockdep_hardirqs_on+0x98/0x150
[  109.929602][ T6654]  ? ext4_read_folio+0x2f0/0x2f0
[  109.934535][ T6654]  do_writepages+0x3a2/0x600
[  109.939139][ T6654]  ? folio_clear_dirty_for_io+0xc30/0xc30
[  109.944894][ T6654]  ? writeback_single_inode+0x206/0x720
[  109.950456][ T6654]  ? __lock_acquire+0x7c80/0x7c80
[  109.955488][ T6654]  ? do_raw_spin_lock+0x121/0x2c0
[  109.960503][ T6654]  ? get_tree_bdev+0x3e4/0x510
[  109.965256][ T6654]  __writeback_single_inode+0x153/0xee0
[  109.970799][ T6654]  writeback_single_inode+0x211/0x720
[  109.976169][ T6654]  ? write_inode_now+0x1e0/0x1e0
[  109.981106][ T6654]  write_inode_now+0x161/0x1e0
[  109.985861][ T6654]  ? bdi_split_work_to_wbs+0x890/0x890
[  109.991319][ T6654]  ? do_raw_spin_unlock+0x121/0x230
[  109.996508][ T6654]  iput+0x5b2/0x920
[  110.000306][ T6654]  ext4_xattr_block_set+0x273a/0x32a0
[  110.005672][ T6654]  ? __might_sleep+0xe0/0xe0
[  110.010293][ T6654]  ? xattr_find_entry+0x12b/0x2f0
[  110.015328][ T6654]  ? ext4_xattr_block_find+0x350/0x350
[  110.020796][ T6654]  ? ext4_xattr_block_find+0x2d4/0x350
[  110.026252][ T6654]  ext4_expand_extra_isize_ea+0x10ea/0x19e0
[  110.032152][ T6654]  __ext4_expand_extra_isize+0x306/0x400
[  110.037792][ T6654]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  110.043245][ T6654]  ext4_evict_inode+0x7ed/0xea0
[  110.048092][ T6654]  ? _raw_spin_unlock+0x28/0x40
[  110.052965][ T6654]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  110.058851][ T6654]  ? do_raw_spin_unlock+0x121/0x230
[  110.064044][ T6654]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  110.069933][ T6654]  evict+0x486/0x870
[  110.073821][ T6654]  ? __lock_acquire+0x7c80/0x7c80
[  110.078837][ T6654]  ? proc_nr_inodes+0x230/0x230
[  110.083679][ T6654]  ? do_raw_spin_unlock+0x121/0x230
[  110.088868][ T6654]  ? _raw_spin_unlock+0x28/0x40
[  110.093707][ T6654]  ? iput+0x70a/0x920
[  110.097674][ T6654]  ext4_orphan_cleanup+0xbd4/0x1400
[  110.102873][ T6654]  ? ext4_orphan_del+0xba0/0xba0
[  110.107804][ T6654]  ? ext4_register_li_request+0x183/0x940
[  110.113516][ T6654]  ? errseq_check_and_advance+0x66/0x120
[  110.119138][ T6654]  ext4_fill_super+0x5de4/0x66c0
[  110.124073][ T6654]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  110.130304][ T6654]  ? __might_sleep+0xe0/0xe0
[  110.134905][ T6654]  ? read_lock_is_recursive+0x20/0x20
[  110.140283][ T6654]  ? snprintf+0xdb/0x120
[  110.144522][ T6654]  ? vscnprintf+0x80/0x80
[  110.148852][ T6654]  ? down_write+0x162/0x1f0
[  110.153351][ T6654]  ? down_read_killable+0x340/0x340
[  110.158546][ T6654]  ? setup_bdev_super+0x56b/0x660
[  110.163558][ T6654]  get_tree_bdev+0x3e4/0x510
[  110.168139][ T6654]  ? vfs_parse_fs_string+0x160/0x160
[  110.173414][ T6654]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  110.179645][ T6654]  ? setup_bdev_super+0x660/0x660
[  110.184658][ T6654]  ? apparmor_capable+0x137/0x1a0
[  110.189670][ T6654]  ? bpf_lsm_capable+0x9/0x10
[  110.194373][ T6654]  ? security_capable+0x89/0xb0
[  110.199219][ T6654]  vfs_get_tree+0x8c/0x280
[  110.203636][ T6654]  do_new_mount+0x24b/0xa40
[  110.208128][ T6654]  __se_sys_mount+0x2da/0x3c0
[  110.212793][ T6654]  ? __x64_sys_mount+0xc0/0xc0
[  110.217541][ T6654]  ? lockdep_hardirqs_on+0x98/0x150
[  110.222729][ T6654]  ? __x64_sys_mount+0x20/0xc0
[  110.227484][ T6654]  do_syscall_64+0x55/0xb0
[  110.231900][ T6654]  ? clear_bhb_loop+0x40/0x90
[  110.236567][ T6654]  ? clear_bhb_loop+0x40/0x90
[  110.241233][ T6654]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  110.247116][ T6654] RIP: 0033:0x7f2d81190eea
[  110.251528][ T6654] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.271128][ T6654] RSP: 002b:00007f2d81f82e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  110.279537][ T6654] RAX: ffffffffffffffda RBX: 00007f2d81f82ef0 RCX: 00007f2d81190eea
[  110.287501][ T6654] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f2d81f82eb0
[  110.295461][ T6654] RBP: 0000200000000180 R08: 00007f2d81f82ef0 R09: 0000000000800700
[  110.303423][ T6654] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  110.311386][ T6654] R13: 00007f2d81f82eb0 R14: 000000000000046f R15: 0000200000000200
[  110.319354][ T6654]  </TASK>
[  110.346372][ T6654] ------------[ cut here ]------------
[  110.352404][ T6654] EA inode 11 i_nlink=2
[  110.353760][ T6654] WARNING: CPU: 0 PID: 6654 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550
[  110.368333][ T6654] Modules linked in:
[  110.372238][ T6654] CPU: 0 PID: 6654 Comm: syz.2.278 Not tainted syzkaller #0
[  110.379552][ T6654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  110.389680][ T6654] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550
[  110.396309][ T6654] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 c6 3b 9a ff 49 8b 37 48 c7 c7 a0 c3 be 8a 89 da e8 c5 5d 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 6f 1d 2c 08
[  110.415957][ T6654] RSP: 0018:ffffc900054071c0 EFLAGS: 00010246
[  110.422026][ T6654] RAX: 19360a7f94589800 RBX: 0000000000000002 RCX: 0000000000080000
[  110.430051][ T6654] RDX: ffffc9000d26a000 RSI: 000000000007ffff RDI: 0000000000080000
[  110.438206][ T6654] RBP: ffffc900054072b8 R08: ffff8880b8e28c13 R09: 1ffff110171c5182
[  110.446274][ T6654] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000
[  110.454263][ T6654] R13: ffff88805e8cdea8 R14: ffff88805e8cdcb0 R15: ffff88805e8cdd00
[  110.462859][ T6654] FS:  00007f2d81f836c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  110.472043][ T6654] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  110.478688][ T6654] CR2: 00007f656bb83000 CR3: 0000000054364000 CR4: 00000000003506f0
[  110.486697][ T6654] Call Trace:
[  110.489969][ T6654]  <TASK>
[  110.492889][ T6654]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[  110.498553][ T6654]  ? ext4_xattr_inode_iget+0x3df/0x600
[  110.504028][ T6654]  ext4_xattr_set_entry+0xcda/0x1e90
[  110.509360][ T6654]  ext4_xattr_ibody_set+0x254/0x6a0
[  110.514607][ T6654]  ext4_expand_extra_isize_ea+0x113a/0x19e0
[  110.520539][ T6654]  __ext4_expand_extra_isize+0x306/0x400
[  110.526217][ T6654]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  110.531698][ T6654]  ext4_evict_inode+0x7ed/0xea0
[  110.536595][ T6654]  ? _raw_spin_unlock+0x28/0x40
[  110.541458][ T6654]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  110.547517][ T6654]  ? do_raw_spin_unlock+0x121/0x230
[  110.552738][ T6654]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  110.559136][ T6654]  evict+0x486/0x870
[  110.563042][ T6654]  ? __lock_acquire+0x7c80/0x7c80
[  110.568205][ T6654]  ? proc_nr_inodes+0x230/0x230
[  110.573084][ T6654]  ? do_raw_spin_unlock+0x121/0x230
[  110.578403][ T6654]  ? _raw_spin_unlock+0x28/0x40
[  110.583369][ T6654]  ? iput+0x70a/0x920
[  110.587399][ T6654]  ext4_orphan_cleanup+0xbd4/0x1400
[  110.592623][ T6654]  ? ext4_orphan_del+0xba0/0xba0
[  110.597607][ T6654]  ? ext4_register_li_request+0x183/0x940
[  110.603344][ T6654]  ? errseq_check_and_advance+0x66/0x120
[  110.609036][ T6654]  ext4_fill_super+0x5de4/0x66c0
[  110.613998][ T6654]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  110.620288][ T6654]  ? __might_sleep+0xe0/0xe0
[  110.625060][ T6654]  ? read_lock_is_recursive+0x20/0x20
[  110.630445][ T6654]  ? snprintf+0xdb/0x120
[  110.634745][ T6654]  ? vscnprintf+0x80/0x80
[  110.639088][ T6654]  ? down_write+0x162/0x1f0
[  110.643583][ T6654]  ? down_read_killable+0x340/0x340
[  110.648818][ T6654]  ? setup_bdev_super+0x56b/0x660
[  110.653852][ T6654]  get_tree_bdev+0x3e4/0x510
[  110.658495][ T6654]  ? vfs_parse_fs_string+0x160/0x160
[  110.664138][ T6654]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  110.670524][ T6654]  ? setup_bdev_super+0x660/0x660
[  110.675602][ T6654]  ? apparmor_capable+0x137/0x1a0
[  110.680638][ T6654]  ? bpf_lsm_capable+0x9/0x10
[  110.685383][ T6654]  ? security_capable+0x89/0xb0
[  110.690258][ T6654]  vfs_get_tree+0x8c/0x280
[  110.694736][ T6654]  do_new_mount+0x24b/0xa40
[  110.699251][ T6654]  __se_sys_mount+0x2da/0x3c0
[  110.703926][ T6654]  ? __x64_sys_mount+0xc0/0xc0
[  110.708763][ T6654]  ? lockdep_hardirqs_on+0x98/0x150
[  110.713973][ T6654]  ? __x64_sys_mount+0x20/0xc0
[  110.718783][ T6654]  do_syscall_64+0x55/0xb0
[  110.723213][ T6654]  ? clear_bhb_loop+0x40/0x90
[  110.727920][ T6654]  ? clear_bhb_loop+0x40/0x90
[  110.732606][ T6654]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  110.738528][ T6654] RIP: 0033:0x7f2d81190eea
[  110.742955][ T6654] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.763082][ T6654] RSP: 002b:00007f2d81f82e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  110.771619][ T6654] RAX: ffffffffffffffda RBX: 00007f2d81f82ef0 RCX: 00007f2d81190eea
[  110.779633][ T6654] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f2d81f82eb0
[  110.787829][ T6654] RBP: 0000200000000180 R08: 00007f2d81f82ef0 R09: 0000000000800700
[  110.795879][ T6654] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  110.803870][ T6654] R13: 00007f2d81f82eb0 R14: 000000000000046f R15: 0000200000000200
[  110.811911][ T6654]  </TASK>
[  110.814971][ T6654] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  110.822256][ T6654] CPU: 0 PID: 6654 Comm: syz.2.278 Not tainted syzkaller #0
[  110.829524][ T6654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  110.839571][ T6654] Call Trace:
[  110.842837][ T6654]  <TASK>
[  110.845755][ T6654]  dump_stack_lvl+0x16c/0x230
[  110.850427][ T6654]  ? show_regs_print_info+0x20/0x20
[  110.855966][ T6654]  ? load_image+0x3b0/0x3b0
[  110.860461][ T6654]  panic+0x2c0/0x710
[  110.864352][ T6654]  ? bpf_jit_dump+0xd0/0xd0
[  110.868864][ T6654]  __warn+0x2e0/0x470
[  110.872920][ T6654]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  110.878895][ T6654]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  110.884877][ T6654]  report_bug+0x2be/0x4f0
[  110.889216][ T6654]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  110.895213][ T6654]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  110.901217][ T6654]  ? ext4_xattr_inode_update_ref+0x4fd/0x550
[  110.907201][ T6654]  handle_bug+0xcf/0x120
[  110.911443][ T6654]  exc_invalid_op+0x1a/0x50
[  110.915947][ T6654]  asm_exc_invalid_op+0x1a/0x20
[  110.920957][ T6654] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550
[  110.927544][ T6654] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 c6 3b 9a ff 49 8b 37 48 c7 c7 a0 c3 be 8a 89 da e8 c5 5d 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 6f 1d 2c 08
[  110.947151][ T6654] RSP: 0018:ffffc900054071c0 EFLAGS: 00010246
[  110.953211][ T6654] RAX: 19360a7f94589800 RBX: 0000000000000002 RCX: 0000000000080000
[  110.961173][ T6654] RDX: ffffc9000d26a000 RSI: 000000000007ffff RDI: 0000000000080000
[  110.969161][ T6654] RBP: ffffc900054072b8 R08: ffff8880b8e28c13 R09: 1ffff110171c5182
[  110.977153][ T6654] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000
[  110.985119][ T6654] R13: ffff88805e8cdea8 R14: ffff88805e8cdcb0 R15: ffff88805e8cdd00
[  110.993107][ T6654]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[  110.998773][ T6654]  ? ext4_xattr_inode_iget+0x3df/0x600
[  111.004241][ T6654]  ext4_xattr_set_entry+0xcda/0x1e90
[  111.009526][ T6654]  ext4_xattr_ibody_set+0x254/0x6a0
[  111.014722][ T6654]  ext4_expand_extra_isize_ea+0x113a/0x19e0
[  111.020620][ T6654]  __ext4_expand_extra_isize+0x306/0x400
[  111.026252][ T6654]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  111.031707][ T6654]  ext4_evict_inode+0x7ed/0xea0
[  111.036549][ T6654]  ? _raw_spin_unlock+0x28/0x40
[  111.041392][ T6654]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  111.047277][ T6654]  ? do_raw_spin_unlock+0x121/0x230
[  111.052470][ T6654]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  111.058354][ T6654]  evict+0x486/0x870
[  111.062242][ T6654]  ? __lock_acquire+0x7c80/0x7c80
[  111.067259][ T6654]  ? proc_nr_inodes+0x230/0x230
[  111.072102][ T6654]  ? do_raw_spin_unlock+0x121/0x230
[  111.077303][ T6654]  ? _raw_spin_unlock+0x28/0x40
[  111.082144][ T6654]  ? iput+0x70a/0x920
[  111.086115][ T6654]  ext4_orphan_cleanup+0xbd4/0x1400
[  111.091372][ T6654]  ? ext4_orphan_del+0xba0/0xba0
[  111.096306][ T6654]  ? ext4_register_li_request+0x183/0x940
[  111.102020][ T6654]  ? errseq_check_and_advance+0x66/0x120
[  111.107649][ T6654]  ext4_fill_super+0x5de4/0x66c0
[  111.112586][ T6654]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  111.118815][ T6654]  ? __might_sleep+0xe0/0xe0
[  111.123394][ T6654]  ? read_lock_is_recursive+0x20/0x20
[  111.128755][ T6654]  ? snprintf+0xdb/0x120
[  111.132989][ T6654]  ? vscnprintf+0x80/0x80
[  111.137305][ T6654]  ? down_write+0x162/0x1f0
[  111.141802][ T6654]  ? down_read_killable+0x340/0x340
[  111.146994][ T6654]  ? setup_bdev_super+0x56b/0x660
[  111.152007][ T6654]  get_tree_bdev+0x3e4/0x510
[  111.156775][ T6654]  ? vfs_parse_fs_string+0x160/0x160
[  111.162068][ T6654]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  111.168312][ T6654]  ? setup_bdev_super+0x660/0x660
[  111.173334][ T6654]  ? apparmor_capable+0x137/0x1a0
[  111.178351][ T6654]  ? bpf_lsm_capable+0x9/0x10
[  111.183023][ T6654]  ? security_capable+0x89/0xb0
[  111.187870][ T6654]  vfs_get_tree+0x8c/0x280
[  111.192277][ T6654]  do_new_mount+0x24b/0xa40
[  111.196773][ T6654]  __se_sys_mount+0x2da/0x3c0
[  111.201437][ T6654]  ? __x64_sys_mount+0xc0/0xc0
[  111.206189][ T6654]  ? lockdep_hardirqs_on+0x98/0x150
[  111.211374][ T6654]  ? __x64_sys_mount+0x20/0xc0
[  111.216127][ T6654]  do_syscall_64+0x55/0xb0
[  111.220542][ T6654]  ? clear_bhb_loop+0x40/0x90
[  111.225211][ T6654]  ? clear_bhb_loop+0x40/0x90
[  111.229888][ T6654]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  111.235773][ T6654] RIP: 0033:0x7f2d81190eea
[  111.240180][ T6654] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.259782][ T6654] RSP: 002b:00007f2d81f82e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  111.268190][ T6654] RAX: ffffffffffffffda RBX: 00007f2d81f82ef0 RCX: 00007f2d81190eea
[  111.276158][ T6654] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f2d81f82eb0
[  111.284123][ T6654] RBP: 0000200000000180 R08: 00007f2d81f82ef0 R09: 0000000000800700
[  111.292093][ T6654] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  111.300056][ T6654] R13: 00007f2d81f82eb0 R14: 000000000000046f R15: 0000200000000200
[  111.308022][ T6654]  </TASK>
[  111.311267][ T6654] Kernel Offset: disabled
[  111.315576][ T6654] Rebooting in 86400 seconds..