last executing test programs:

1m6.736698958s ago: executing program 3 (id=611):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
getrlimit(0x4, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e40)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000406dc6c2f2b0671ad07c5277f6403f928bb60dc3f665dfdae60bf5fcf832f0947aae176edc54d1416a6c53444b830f24e955568e6159ebec9da2397df89dafbbdc8848df6cecef20f79cfb518fbc5cca55a4b29d8afb83bb6d221013ac26b2e712ba7ae6d26f329b9046ca48d048b3730b47a67381c5d9bb0995d10bd6c36680", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400"/28], 0x50)
socket$xdp(0x2c, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file5\x00')

1m6.40580868s ago: executing program 3 (id=616):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff74, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000005000000020000000700000002"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x20075, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
unshare(0x2c020400)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x54}}, 0x0)
unshare(0x40020000)
mlockall(0x2)
r3 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
r4 = shmat(r3, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace(0x8, r5)
shmdt(r4)

58.748897348s ago: executing program 3 (id=659):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000280)=r1, 0x4)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)

58.225833992s ago: executing program 3 (id=662):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000001000000bd79000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pause()
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r3, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)

57.198118769s ago: executing program 3 (id=670):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[], 0x2c}}, 0x40040)

56.437201735s ago: executing program 3 (id=675):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000000206030000000000fffff000000000000900020073797a32000000000500040000000000050005000200000012000300686173683a6e65742c706f7274000000"], 0x58}}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x555)
semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0)
unshare(0x2c000000)

56.133887948s ago: executing program 32 (id=675):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000000206030000000000fffff000000000000900020073797a32000000000500040000000000050005000200000012000300686173683a6e65742c706f7274000000"], 0x58}}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x555)
semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0)
unshare(0x2c000000)

13.039419772s ago: executing program 0 (id=873):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
getrlimit(0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file5\x00')

12.852724773s ago: executing program 0 (id=875):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)

12.605642505s ago: executing program 0 (id=878):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff74, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000005000000020000000700000002"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x20075, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
unshare(0x2c020400)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x54}}, 0x0)
unshare(0x40020000)
mlockall(0x2)
r3 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
r4 = shmat(r3, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x8, r5)
shmdt(r4)

5.554316168s ago: executing program 0 (id=917):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000280)=r1, 0x4)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)

5.25657463s ago: executing program 0 (id=919):
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x0, 0x0, @buffer={0x2, 0x51, &(0x7f00000000c0)=""/81}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0xfffffec7}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1", 0x1c}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001900599c6d0eab070004000523"], 0xfe33)

5.150460381s ago: executing program 0 (id=920):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8, &(0x7f00000005c0)={[{@errors_remount}, {}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000140)={0x0, 0x6, 0xfffffffffffffffd, 0x400, 0x8, 0x3, 0x28ab, 0x0, 0x4})

4.702180365s ago: executing program 2 (id=924):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newsa={0xf0, 0x10, 0x713, 0x70bd25, 0x0, {{@in6=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@multicast2, 0x0, 0x32}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {}, {0xfffffffffffffffd, 0xac6}, {}, 0x0, 0x0, 0x2, 0x1}}, 0xf0}}, 0x0)

4.407461296s ago: executing program 2 (id=926):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44000000, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x2102026, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00'}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@block_validity}, {@grpjquota}, {@nobarrier}, {@noquota}, {@abort}, {@nodiscard}, {@nodiscard}]}, 0x64, 0x50d, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZj06Y3ueqDXvB69V5Ji3Y3aWwbfKgVRJ8Kan2vMdmEkE02ZDdtE4qm+AEEERV80hdfBD+AIAVffBShoM+KiiLa6oMP2rns7iRN091k226zafb3g8mcc2Zm/+dsmNk5M4eZAAbWOxFxLSIep2l6PiLGsvJcNsV2a2qs9+jh3bnGlESa3vhnEklWtvNZSTY/k212KiK+9uWIbybPxq1tbi3PVirl9Sxfqq+slWqbWxeWVmYXy4vl1enpqcszV2YuzUz2pJ1nI+LqF//6g+/+7EtXf/WZ23+6+fdz32pUazRbvrcdzyl/0MJW0wvN72LvBusvGOw4yjdbmBlpt8bQMyX3XnGdAABor3GO/8GI+GREnI+xGDr4dBYAAAB4DaWfH43/JRFpe8MdygEAAIDXSK45BjbJFbOxAKORyxWLrTG8H47TuUq1Vv/0QnVjdb41VnY8CrmFpUp5MhsrPB6FpJGfaqaf5C/uy09HxJsR8f2xkWa+OFetzPf74gcAAAAMiDP7+v//GWv1/wEAAIATZrzfFQAAAABeOf1/AAAAOPn0/wEAAOBE+8r1640p3Xn/9fytzY3l6q0L8+XacnFlY644V11fKy5Wq4vNZ/atHPZ5lWp17bOxunGnVC/X6qXa5tbNlerGav3m0lOvwAYAAACO0Jsfv/+HJCK2PzfSnBqGu9u0y9WA4yq/m0qyeZvd+o9vtOZ/OaJKAUdiqN8VAPom3+8KAH1T6HcFgL5LDlnecfDOb7P5J3pbHwAAoPcmPtr5/n/uwC23D14MHHt2Yhhc7v/D4Gre/+92JK+TBThRCs4AYOC99P3/Q6Xpc1UIAADoudHmlOSK2eW90cjlisWIs83XAhSShaVKeTIi3oiI348VPtDITzW3TA7tMwAAAAAAAAAAAAAAAAAAAAAAAAAALWmaRAoAAACcaBG5vyW/bj3Lf2LsvdH91weGk/+ORfaK0Ns/vvHDO7P1+vpUo/xfu+X1H2XlF/txBQMAAAAGwnO9wH+nn77TjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXnr08O7cznSUcf/xhYgYbxc/H6ea81NRiIjT/04iv2e7JCKGehB/pPHnI+3iJ41q7YZsF3+kB/G37x0YP8azb2F//OGIONOD+DDI7jeOP9fa7X+5eKc5b7//5SOeyr+ozse/2D3+DXU4/pztMsZbD35R6hj/XsRb+fbHn534SYf473YZ/xtf39rqtCz9ScRE29+f5KlYpfrKWqm2uXVhaWV2sbxYXp2enro8c2Xm0sxkaWGpUs7+to3xvY/98vFB7T/dIf74Ie1/r8v2///BnYcfaiUL7eKfe7dN/N/8NFvj2fi57LfvU1m6sXxiJ73dSu/19s9/9/ZB7Z/v0P7D/v/numz/+a9+589drgoAHIHa5tbybKVSXj+xiUYv/RhUQ+IYJr7d0w9M0zRt7FMv8TlJHIevpZno95EJAADotScn/f2uCQAAAAAAAAAAAAAAAAAAAAyuo3ic2P6Y27uppBeP0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6In3AwAA///d8Nla")

4.392954367s ago: executing program 4 (id=927):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@jqfmt_vfsv1}, {}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
chdir(&(0x7f0000000340)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, 0xfffffffffffffffd, 0xbb)

3.96730298s ago: executing program 4 (id=930):
r0 = socket(0x10, 0x803, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x4c, 0x2c, 0xd2b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x20, 0x2, [@TCA_U32_CLASSID={0x8, 0x1, {0xffff, 0xa}}, @TCA_U32_INDEV={0x14, 0x8, 'netdevsim0\x00'}]}}]}, 0x4c}}, 0x24040084)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r3}, 0x10)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095000000000000007eef25e2a7039ce32bb273e5d68adc45612830b0f088bdce4bff051046b6eb0913bc2c629236a12e1cdfd2eff3a258ac7ddb93c84cb3521fb89e28070579e8853e97a90e30c93124"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001480)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0xa, 0x300)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

3.589348813s ago: executing program 2 (id=932):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getdents(r1, 0xfffffffffffffffd, 0x58)

3.201034206s ago: executing program 2 (id=935):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)

2.760759799s ago: executing program 1 (id=936):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newsa={0xf0, 0x10, 0x713, 0x70bd25, 0x0, {{@in6=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@multicast2, 0x0, 0x32}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {}, {0xfffffffffffffffd, 0xac6}, {}, 0x0, 0x0, 0x2, 0x1}}, 0xf0}}, 0x0)

2.759540079s ago: executing program 5 (id=937):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000140)=@dstopts={0xff}, 0x8)

2.527563331s ago: executing program 4 (id=938):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
inotify_init1(0x80800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000000)={0x1, 0x0, 0x9})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2.475947781s ago: executing program 1 (id=939):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
getrlimit(0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file5\x00')

2.397218472s ago: executing program 5 (id=940):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00'})
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x7}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000010000000800000008"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r5, &(0x7f0000000440)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f0000000500)=[@pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @local}}}}], 0x28}}], 0x1, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32250000000900010073797a3000000000080005400000001f"], 0xec}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000580)={r6}, 0xc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='cachefiles_ondemand_copen\x00', r7}, 0x18)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{0xffffffffffffffff, <r8=>0xffffffffffffffff}, &(0x7f0000000400), 0x0}, 0x20)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180040008003950"], 0x15)
r9 = dup(r8)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x7, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b702000000000000850000008600000095", @ANYRES32=r10, @ANYBLOB="18d3007300", @ANYRES32], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r11}, 0x18)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000058000000160a0101000b000000000000010000000900020073797a32000000000900010073797a30000000002c000380180003801400010076657468305f746f5f687372000000000800024000"], 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0x40)
r13 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r13, 0x8910, &(0x7f0000000000)={'ip6gretap0\x00', @ifru_mtu=0x6})
ioctl$sock_netdev_private(r13, 0x8914, &(0x7f0000000000))

2.274247013s ago: executing program 4 (id=941):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r2, 0x26, &(0x7f00000000c0)={0x2, 0x2, 0xb, 0x80000002})

2.261293723s ago: executing program 1 (id=942):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000280)=r1, 0x4)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)

2.161109084s ago: executing program 2 (id=943):
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x0, 0x0, @buffer={0x2, 0x51, &(0x7f00000000c0)=""/81}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0xfffffec7}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e120800", 0x2a}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001900599c6d0eab070004000523"], 0xfe33)

2.021745225s ago: executing program 5 (id=944):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='net/tcp\x00')
sendmsg$nl_route(r5, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c00000058001f0e19bdd02e4eb0df25000800", @ANYBLOB, @ANYBLOB='\x00'], 0x3c}, 0x1, 0x0, 0x0, 0x4040005}, 0x0)
r6 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_misc(r6, &(0x7f0000000180)="e502", 0x2)

1.988174965s ago: executing program 1 (id=945):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000380)='asymmetric\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000002c0)={@local, @multicast1}, &(0x7f00000003c0)=0xc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x1200)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x14, 0x1, 0x3, 0x101}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)

1.917205876s ago: executing program 4 (id=946):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000840)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x4}, @func_proto={0x0, 0x0, 0x0, 0xd, 0x4}, @ptr={0x0, 0x0, 0x0, 0x4}, @func={0x4, 0x0, 0x0, 0x8, 0x3}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

1.794122526s ago: executing program 2 (id=947):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x7, &(0x7f0000000240))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x12, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
getpgrp(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x126)
pwrite64(r6, 0x0, 0x0, 0xfecc)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20)
io_uring_enter(0xffffffffffffffff, 0x194, 0x62f9, 0x40, &(0x7f0000000000)={[0x1]}, 0x8)
socket$can_j1939(0x1d, 0x2, 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='bcache_alloc\x00', r5, 0x0, 0x10000}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB='`\x00\x00\b', @ANYRES16=r4, @ANYBLOB="010025bd7000000000000100000008000100", @ANYRES32=r3, @ANYBLOB="4400028032000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000100000008000600", @ANYRES32=0x0, @ANYBLOB], 0x60}, 0x1, 0xf000, 0x0, 0x3000000}, 0x10)

1.459067809s ago: executing program 4 (id=948):
r0 = socket(0x10, 0x803, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x4c, 0x2c, 0xd2b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x20, 0x2, [@TCA_U32_CLASSID={0x8, 0x1, {0xffff, 0xa}}, @TCA_U32_INDEV={0x14, 0x8, 'netdevsim0\x00'}]}}]}, 0x4c}}, 0x24040084)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r3}, 0x10)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095000000000000007eef25e2a7039ce32bb273e5d68adc45612830b0f088bdce4bff051046b6eb0913bc2c629236a12e1cdfd2eff3a258ac7ddb93c84cb3521fb89e28070579e8853e97a90e30c93124"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001480)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0xa, 0x300)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

713.444655ms ago: executing program 5 (id=949):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newsa={0xf0, 0x10, 0x713, 0x70bd25, 0x0, {{@in6=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@multicast2, 0x0, 0x32}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {}, {0xfffffffffffffffd, 0xac6}, {}, 0x0, 0x0, 0x2, 0x1}}, 0xf0}}, 0x0)

483.435376ms ago: executing program 5 (id=950):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)

289.239118ms ago: executing program 1 (id=951):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=@newqdisc={0x468, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xff}, 0x0, 0x1}}, @TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1ff, 0x0, 0xfffffc80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x2, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x400000, 0x7, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xb484, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7fffffff, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xf20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x100, 0x0, 0x4, 0xfffffffd, 0x0, 0x0, 0x3ff, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffd]}, @TCA_TBF_RATE64={0xc, 0x4, 0x7b66349e05b59aa}]}}]}, 0x468}}, 0x0)

203.278548ms ago: executing program 5 (id=952):
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(0xffffffffffffffff, 0x4008941a, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x108, 0x0, 0x0, 0x0, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB='b 0:* '], 0xa)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sync()
rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00')

0s ago: executing program 1 (id=953):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
getrlimit(0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file5\x00')

kernel console output (not intermixed with test programs):

] device veth0_macvtap entered promiscuous mode
[   76.926245][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   76.936893][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   76.948504][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   76.961662][ T4253] device veth1_macvtap entered promiscuous mode
[   76.997753][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.007394][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.018394][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   77.029980][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   77.047194][ T4263] device veth1_vlan entered promiscuous mode
[   77.079849][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.100353][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.115692][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.128352][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.140683][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.151560][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.161551][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.173782][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.186364][ T4253] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.201282][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.212245][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.222910][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.233870][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.243916][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.254740][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.267063][ T4253] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.274472][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   77.284234][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   77.296072][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   77.305429][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   77.314120][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   77.335564][ T4253] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.344313][ T4253] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.355211][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.361133][ T4253] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.363212][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.375295][ T4253] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.418571][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   77.430860][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   77.440317][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   77.482444][ T4263] device veth0_macvtap entered promiscuous mode
[   77.519520][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.537140][ T4263] device veth1_macvtap entered promiscuous mode
[   77.552180][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.554992][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.577006][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.587133][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   77.595483][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   77.603708][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   77.613959][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   77.625340][ T4263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.636397][ T4263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.646731][ T4263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.657885][ T4263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.667981][ T4263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.678562][ T4263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.690010][ T4263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.700791][ T4263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.712452][ T4263] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.722467][ T4263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.733276][ T4263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.746039][ T4263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.757438][ T4263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.768801][ T4263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.779949][ T4263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.789956][ T4263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.800484][ T4263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.813111][ T4263] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.834935][ T4263] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.843694][ T4263] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.857277][ T4263] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.874887][ T4263] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.937202][ T1302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   77.961588][ T1302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   77.995534][ T1302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   78.007674][ T1302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   78.018194][ T4330] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3'.
[   78.096831][ T1302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.111800][ T1302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.186777][ T1302] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.212117][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.219842][ T1302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.254802][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.324141][ T1302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.345371][ T1302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.363306][ T4337] process 'syz.2.7' launched './file1' with NULL argv: empty string added
[   78.377628][ T4335] loop3: detected capacity change from 0 to 512
[   78.389106][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.405131][ T4265] Bluetooth: hci2: command 0x0419 tx timeout
[   78.405224][ T4257] Bluetooth: hci1: command 0x0419 tx timeout
[   78.411208][ T4265] Bluetooth: hci4: command 0x0419 tx timeout
[   78.417281][ T4262] Bluetooth: hci0: command 0x0419 tx timeout
[   78.417318][ T4262] Bluetooth: hci3: command 0x0419 tx timeout
[   78.461672][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.520624][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.531044][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.553457][ T4328] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   78.577876][ T4335] capability: warning: `syz.3.6' uses deprecated v2 capabilities in a way that may be insecure
[   78.590282][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.629915][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.638468][ T4339] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5'.
[   78.670612][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.706878][ T4339] IPVS: Error joining to the multicast group
[   78.983723][ T4349] Zero length message leads to an empty skb
[   79.178711][ T4349] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.261881][ T4364] loop1: detected capacity change from 0 to 512
[   79.286711][ T4358] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   79.359668][ T4364] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   79.407492][ T4349] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.434793][ T4364] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   79.458090][ T4364] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.13: invalid indirect mapped block 2683928664 (level 1)
[   79.519044][ T4364] EXT4-fs (loop1): Remounting filesystem read-only
[   79.542076][ T4364] EXT4-fs (loop1): 1 truncate cleaned up
[   79.558081][ T4364] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   79.594788][ T4349] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.718946][ T4253] EXT4-fs (loop1): unmounting filesystem.
[   79.761963][ T4349] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.875527][ T4378] netlink: 62967 bytes leftover after parsing attributes in process `syz.4.17'.
[   80.072711][ T4387] netlink: 14 bytes leftover after parsing attributes in process `syz.1.18'.
[   80.073438][ T4381] loop4: detected capacity change from 0 to 2048
[   80.152292][ T4381] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   80.207962][ T4381] EXT4-fs error (device loop4): ext4_read_inline_dir:1593: inode #12: block 9: comm syz.4.17: path /4/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=24, inode=13, rec_len=21, size=80 fake=0
[   80.240457][ T4381] EXT4-fs (loop4): Remounting filesystem read-only
[   80.349304][ T4387] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   80.373239][ T4387] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   80.395388][ T4387] bond0 (unregistering): Released all slaves
[   80.430041][ T4349] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.562038][ T4390] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.610981][ T4349] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.651080][ T4349] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.710573][ T4390] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.746698][ T4349] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.033692][ T4259] EXT4-fs (loop4): unmounting filesystem.
[   81.049238][ T4390] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.075174][ T4408] loop1: detected capacity change from 0 to 512
[   81.274224][   T27] audit: type=1326 audit(1741982887.655:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   81.333852][   T27] audit: type=1326 audit(1741982887.715:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   81.356882][ T4408] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   81.367303][ T4408] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   81.435975][ T4420] netlink: 40 bytes leftover after parsing attributes in process `syz.2.24'.
[   81.497903][   T27] audit: type=1326 audit(1741982887.745:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   82.149289][   T27] audit: type=1326 audit(1741982888.485:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   82.202840][ T4253] EXT4-fs (loop1): unmounting filesystem.
[   82.221757][   T27] audit: type=1326 audit(1741982888.485:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   82.261475][   T27] audit: type=1326 audit(1741982888.485:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   82.298326][ T4427] loop2: detected capacity change from 0 to 512
[   82.306947][ T4390] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.334442][   T27] audit: type=1326 audit(1741982888.485:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   82.356285][ T4427] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   82.371441][ T4426] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.27'.
[   82.397215][ T4424] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.27'.
[   82.437870][ T4427] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   82.460960][   T27] audit: type=1326 audit(1741982888.485:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   82.483490][ T4427] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.29: invalid indirect mapped block 2683928664 (level 1)
[   82.498989][   T27] audit: type=1326 audit(1741982888.485:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   82.520930][ T4427] EXT4-fs (loop2): Remounting filesystem read-only
[   82.528470][ T4427] EXT4-fs (loop2): 1 truncate cleaned up
[   82.534362][ T4427] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   82.562748][   T27] audit: type=1326 audit(1741982888.485:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[   82.646462][ T4390] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.722811][ T4390] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.792738][ T4390] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.808254][ T4252] EXT4-fs (loop2): unmounting filesystem.
[   82.834108][ T4390] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.044147][ T4441] loop2: detected capacity change from 0 to 1764
[   83.481042][ T4451] loop3: detected capacity change from 0 to 2048
[   84.330032][ T4451] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   84.640250][ T4260] EXT4-fs (loop3): unmounting filesystem.
[   84.669097][ T4471] loop4: detected capacity change from 0 to 512
[   84.683359][ T4473] netlink: 16 bytes leftover after parsing attributes in process `syz.2.46'.
[   84.735403][ T4471] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   84.791165][ T4471] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   84.814353][ T4471] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.45: invalid indirect mapped block 2683928664 (level 1)
[   84.872900][ T4471] EXT4-fs (loop4): Remounting filesystem read-only
[   84.895523][ T4471] EXT4-fs (loop4): 1 truncate cleaned up
[   84.911597][ T4471] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   85.465775][ T4487] loop1: detected capacity change from 0 to 512
[   85.634083][ T4259] EXT4-fs (loop4): unmounting filesystem.
[   85.651356][ T4456] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   86.648268][   T26] cfg80211: failed to load regulatory.db
[   86.898623][ T4505] loop4: detected capacity change from 0 to 2048
[   87.011720][ T4505] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   87.042436][   T27] kauditd_printk_skb: 46 callbacks suppressed
[   87.042454][   T27] audit: type=1800 audit(1741982893.425:58): pid=4505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.58" name="bus" dev="loop4" ino=18 res=0 errno=0
[   87.143946][ T4259] EXT4-fs (loop4): unmounting filesystem.
[   87.160530][ T4501] loop2: detected capacity change from 0 to 8192
[   87.169034][ T4501] =======================================================
[   87.169034][ T4501] WARNING: The mand mount option has been deprecated and
[   87.169034][ T4501]          and is ignored by this kernel. Remove the mand
[   87.169034][ T4501]          option from the mount to silence this warning.
[   87.169034][ T4501] =======================================================
[   87.321099][ T4519] netlink: 'syz.0.62': attribute type 29 has an invalid length.
[   87.346563][ T4519] netlink: 'syz.0.62': attribute type 29 has an invalid length.
[   87.371254][ T4519] netlink: 'syz.0.62': attribute type 29 has an invalid length.
[   87.411771][ T4519] netlink: 'syz.0.62': attribute type 29 has an invalid length.
[   87.881165][ T4533] netlink: 40 bytes leftover after parsing attributes in process `syz.4.63'.
[   88.457194][ T4538] loop1: detected capacity change from 0 to 512
[   88.518716][ T4539] loop0: detected capacity change from 0 to 512
[   88.640955][ T4538] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.68: inode #1: comm syz.1.68: iget: illegal inode #
[   88.747556][ T4538] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.68: error while reading EA inode 1 err=-117
[   88.795364][ T4538] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   88.836016][ T4538] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.68: inode #1: comm syz.1.68: iget: illegal inode #
[   88.861103][ T4538] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.68: error while reading EA inode 1 err=-117
[   88.884065][ T4538] EXT4-fs (loop1): 1 orphan inode deleted
[   88.893735][ T4538] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   89.697529][ T4456] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   89.840513][ T4552] loop2: detected capacity change from 0 to 1024
[   89.864205][ T4552] EXT4-fs: inline encryption not supported
[   89.924027][ T4552] EXT4-fs error (device loop2): ext4_map_blocks:744: inode #3: block 1: comm syz.2.70: lblock 1 mapped to illegal pblock 1 (length 1)
[   89.927713][ T4253] EXT4-fs (loop1): unmounting filesystem.
[   89.952324][ T4552] Quota error (device loop2): write_blk: dquota write failed
[   89.965360][ T4552] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[   89.970472][ T4561] netlink: 'syz.3.73': attribute type 1 has an invalid length.
[   90.002678][ T4552] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.70: Failed to acquire dquot type 0
[   90.053999][ T4552] EXT4-fs error (device loop2): ext4_free_blocks:6210: comm syz.2.70: Freeing blocks not in datazone - block = 0, count = 4096
[   90.143800][ T4552] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.70: Invalid inode bitmap blk 0 in block_group 0
[   90.174851][ T4550] EXT4-fs error (device loop2): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:13: lblock 1 mapped to illegal pblock 1 (length 1)
[   90.226007][ T4552] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem
[   90.236389][ T4550] Quota error (device loop2): remove_tree: Can't read quota data block 1
[   90.250937][ T4565] loop1: detected capacity change from 0 to 2048
[   90.263263][ T4550] EXT4-fs error (device loop2): ext4_release_dquot:6818: comm kworker/u4:13: Failed to release dquot type 0
[   90.275857][ T4552] EXT4-fs (loop2): 1 orphan inode deleted
[   90.281651][ T4552] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   90.342476][ T4565] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   90.417840][ T4573] netlink: 'syz.4.77': attribute type 29 has an invalid length.
[   90.426149][ T4573] netlink: 'syz.4.77': attribute type 29 has an invalid length.
[   90.436618][ T4573] netlink: 'syz.4.77': attribute type 29 has an invalid length.
[   90.461061][   T27] audit: type=1800 audit(1741982896.845:59): pid=4565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.74" name="bus" dev="loop1" ino=18 res=0 errno=0
[   90.496402][ T4252] EXT4-fs (loop2): unmounting filesystem.
[   90.535729][ T4573] netlink: 'syz.4.77': attribute type 29 has an invalid length.
[   90.537908][ T4575] atomic_op ffff88807e185198 conn xmit_atomic 0000000000000000
[   90.656901][ T4253] EXT4-fs (loop1): unmounting filesystem.
[   90.832407][ T4584] loop2: detected capacity change from 0 to 128
[   90.903489][ T4584] EXT4-fs (loop2): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[   90.942064][ T4591] netlink: 96 bytes leftover after parsing attributes in process `syz.0.84'.
[   92.712916][ T4601] netlink: 'syz.1.87': attribute type 1 has an invalid length.
[   92.820127][ T4605] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   93.152855][ T4579] xt_CT: You must specify a L4 protocol and not use inversions on it
[   93.747833][   T27] audit: type=1326 audit(1741982900.115:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4613 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7477d8d169 code=0x7ffc0000
[   93.785378][ T4617] netlink: 'syz.2.93': attribute type 29 has an invalid length.
[   93.796600][ T4615] netlink: 20 bytes leftover after parsing attributes in process `syz.3.94'.
[   93.815960][   T27] audit: type=1326 audit(1741982900.175:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4613 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7477d8d169 code=0x7ffc0000
[   93.824928][ T4615] netlink: 20 bytes leftover after parsing attributes in process `syz.3.94'.
[   93.839121][   T27] audit: type=1326 audit(1741982900.185:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4613 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7477d8d169 code=0x7ffc0000
[   93.870039][   T27] audit: type=1326 audit(1741982900.185:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4613 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7477d8d169 code=0x7ffc0000
[   93.892410][   T27] audit: type=1326 audit(1741982900.185:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4613 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7477d8d169 code=0x7ffc0000
[   93.943048][ T4622] netlink: 40 bytes leftover after parsing attributes in process `syz.0.92'.
[   93.985317][   T27] audit: type=1326 audit(1741982900.185:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4613 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f7477d8d169 code=0x7ffc0000
[   94.614859][ T4629] netlink: 4 bytes leftover after parsing attributes in process `syz.4.96'.
[   94.709040][ T4617] netlink: 'syz.2.93': attribute type 29 has an invalid length.
[   94.767900][   T27] audit: type=1326 audit(1741982901.145:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4613 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7477d8d169 code=0x7ffc0000
[   94.798072][ T4621] netlink: 'syz.2.93': attribute type 29 has an invalid length.
[   94.925126][   T27] audit: type=1326 audit(1741982901.145:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4613 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7477d8d169 code=0x7ffc0000
[   95.208887][ T4642] loop3: detected capacity change from 0 to 2048
[   95.216327][ T4644] loop4: detected capacity change from 0 to 1024
[   95.240080][ T4644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   95.287852][ T4644] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce028, mo2=0000]
[   95.303870][ T4642] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   95.349459][ T4644] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 2: comm syz.4.99: lblock 2 mapped to illegal pblock 2 (length 1)
[   95.456285][ T4644] EXT4-fs (loop4): Remounting filesystem read-only
[   95.484636][ T4644] Quota error (device loop4): qtree_write_dquot: dquota write failed
[   95.494932][ T4644] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 48: comm syz.4.99: lblock 0 mapped to illegal pblock 48 (length 1)
[   95.525085][ T4644] EXT4-fs (loop4): Remounting filesystem read-only
[   95.531667][ T4644] Quota error (device loop4): v2_write_file_info: Can't write info structure
[   95.544179][ T4260] EXT4-fs (loop3): unmounting filesystem.
[   95.559377][ T4644] EXT4-fs error (device loop4): ext4_acquire_dquot:6795: comm syz.4.99: Failed to acquire dquot type 0
[   95.616077][ T4656] loop1: detected capacity change from 0 to 128
[   95.734614][ T4644] EXT4-fs (loop4): Remounting filesystem read-only
[   95.741727][ T4644] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem
[   95.773366][ T4644] EXT4-fs (loop4): Remounting filesystem read-only
[   95.792410][ T4644] EXT4-fs error (device loop4): ext4_evict_inode:279: inode #11: comm syz.4.99: mark_inode_dirty error
[   95.834829][ T4644] EXT4-fs (loop4): Remounting filesystem read-only
[   95.844829][ T4644] EXT4-fs warning (device loop4): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[   95.874789][ T4644] EXT4-fs (loop4): 1 orphan inode deleted
[   95.892451][ T4644] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   95.901636][ T4499] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:9: lblock 1 mapped to illegal pblock 1 (length 1)
[   95.956880][ T4499] EXT4-fs (loop4): Remounting filesystem read-only
[   95.963476][ T4499] EXT4-fs error (device loop4): ext4_release_dquot:6818: comm kworker/u4:9: Failed to release dquot type 0
[   96.034145][ T4499] EXT4-fs (loop4): Remounting filesystem read-only
[   96.528959][ T4662] xt_CT: You must specify a L4 protocol and not use inversions on it
[   96.658659][ T4259] EXT4-fs (loop4): unmounting filesystem.
[   96.745025][ T4259] EXT4-fs error (device loop4): __ext4_get_inode_loc:4506: comm syz-executor: Invalid inode table block 1 in block_group 0
[   96.860659][ T4259] EXT4-fs (loop4): Remounting filesystem read-only
[   96.874563][ T4259] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem
[   96.910985][ T4259] EXT4-fs (loop4): Remounting filesystem read-only
[   96.934673][ T4259] EXT4-fs error (device loop4): ext4_quota_off:7084: inode #3: comm syz-executor: mark_inode_dirty error
[   96.969265][ T4259] EXT4-fs (loop4): Remounting filesystem read-only
[   97.102935][ T4674] netlink: 4 bytes leftover after parsing attributes in process `syz.0.109'.
[   97.178943][ T4676] netlink: 'syz.4.108': attribute type 1 has an invalid length.
[   97.196252][ T4676] netlink: 16066 bytes leftover after parsing attributes in process `syz.4.108'.
[   97.256118][ T4679] xt_hashlimit: max too large, truncated to 1048576
[   97.310046][ T4679] Cannot find set identified by id 0 to match
[   97.475056][ T4685] netlink: 'syz.3.111': attribute type 29 has an invalid length.
[   97.546716][ T4685] netlink: 'syz.3.111': attribute type 29 has an invalid length.
[   97.608979][ T4688] netlink: 'syz.3.111': attribute type 29 has an invalid length.
[   97.660378][ T4686] netlink: 'syz.3.111': attribute type 29 has an invalid length.
[   97.713346][ T4685] netlink: 'syz.3.111': attribute type 29 has an invalid length.
[   98.167967][ T4709] netlink: 'syz.0.122': attribute type 1 has an invalid length.
[   98.176132][ T4713] netlink: 4 bytes leftover after parsing attributes in process `syz.2.123'.
[   98.189955][ T4709] netlink: 16066 bytes leftover after parsing attributes in process `syz.0.122'.
[   98.296808][ T4717] loop4: detected capacity change from 0 to 128
[   98.313677][ T4717] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[   98.795813][ T4726] loop0: detected capacity change from 0 to 128
[   98.895625][ T4712] xt_CT: You must specify a L4 protocol and not use inversions on it
[   99.508375][ T4742] loop3: detected capacity change from 0 to 736
[   99.617548][ T4740] syz.4.133[4740] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.617669][ T4740] syz.4.133[4740] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.660180][   T27] kauditd_printk_skb: 2 callbacks suppressed
[   99.660197][   T27] audit: type=1326 audit(1741982906.045:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4735 comm="syz.4.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[   99.708371][ T4742] rock: directory entry would overflow storage
[   99.729555][ T4742] rock: sig=0x5850, size=36, remaining=14
[   99.761296][   T27] audit: type=1326 audit(1741982906.045:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4735 comm="syz.4.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[   99.853747][ T4742] xt_CT: No such helper "pptp"
[  100.113656][ T4749] netlink: 4 bytes leftover after parsing attributes in process `syz.3.136'.
[  100.234952][ T4752] netlink: 'syz.1.137': attribute type 1 has an invalid length.
[  100.252643][ T4752] netlink: 'syz.1.137': attribute type 4 has an invalid length.
[  100.270743][ T4752] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.137'.
[  100.382044][   T27] audit: type=1326 audit(1741982906.765:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440538d169 code=0x7ffc0000
[  100.450876][   T27] audit: type=1326 audit(1741982906.795:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440538d169 code=0x7ffc0000
[  100.535447][   T27] audit: type=1326 audit(1741982906.795:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f440538d169 code=0x7ffc0000
[  100.614761][   T27] audit: type=1326 audit(1741982906.795:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440538d169 code=0x7ffc0000
[  100.660186][ T4761] tipc: Started in network mode
[  100.677705][ T4761] tipc: Node identity 4, cluster identity 4711
[  100.687841][ T4761] tipc: Node number set to 4
[  100.694975][   T27] audit: type=1326 audit(1741982906.805:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f440538d169 code=0x7ffc0000
[  100.752723][ T4765] loop2: detected capacity change from 0 to 128
[  100.780819][ T4765] FAT-fs (loop2): count of clusters too big (3221241867)
[  100.797281][   T27] audit: type=1326 audit(1741982906.805:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440538d169 code=0x7ffc0000
[  100.830128][ T4765] FAT-fs (loop2): Can't find a valid FAT filesystem
[  101.099676][ T4773] xt_hashlimit: max too large, truncated to 1048576
[  101.121607][ T4770] loop3: detected capacity change from 0 to 1024
[  101.145262][ T4770] EXT4-fs: Ignoring removed bh option
[  101.180252][ T4770] EXT4-fs: inline encryption not supported
[  101.192831][ T4778] netlink: 4 bytes leftover after parsing attributes in process `syz.4.149'.
[  101.216926][ T4770] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  101.351367][ T4770] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 2: comm syz.3.145: lblock 2 mapped to illegal pblock 2 (length 1)
[  101.398191][ T4770] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  101.410640][ T4770] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 48: comm syz.3.145: lblock 0 mapped to illegal pblock 48 (length 1)
[  101.438700][ T4770] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  101.447895][ T4770] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.145: Failed to acquire dquot type 0
[  101.466383][ T4770] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: Corrupt filesystem
[  101.476507][ T4770] EXT4-fs error (device loop3): ext4_evict_inode:279: inode #11: comm syz.3.145: mark_inode_dirty error
[  101.500227][ T4770] EXT4-fs warning (device loop3): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  101.516166][ T4770] EXT4-fs (loop3): 1 orphan inode deleted
[  101.522652][ T4770] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  101.537688][   T11] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  101.567488][   T11] EXT4-fs error (device loop3): ext4_release_dquot:6818: comm kworker/u4:1: Failed to release dquot type 0
[  101.758240][ T4783] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.837965][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  101.843937][ T4260] EXT4-fs error (device loop3): __ext4_get_inode_loc:4506: comm syz-executor: Invalid inode table block 1 in block_group 0
[  101.882587][ T4260] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: Corrupt filesystem
[  101.900832][ T4785] netlink: 16 bytes leftover after parsing attributes in process `syz.4.151'.
[  101.912149][ T4260] EXT4-fs error (device loop3): ext4_quota_off:7084: inode #3: comm syz-executor: mark_inode_dirty error
[  102.136783][ T4783] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.367205][ T4783] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.421494][ T4807] loop2: detected capacity change from 0 to 128
[  102.490343][ T4783] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.701417][ T4813] IPv6: NLM_F_CREATE should be specified when creating new route
[  102.739975][ T4783] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.763496][ T4783] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.801007][ T4783] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.857734][ T4783] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.889022][ T4816] netlink: 4 bytes leftover after parsing attributes in process `syz.0.162'.
[  103.333075][ T4825] loop3: detected capacity change from 0 to 2048
[  103.417768][ T4825] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  103.630790][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  103.863496][ T4841] device bond0 entered promiscuous mode
[  103.870551][ T4841] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.446491][ T4841] bond0 (unregistering): Released all slaves
[  104.491681][ T4853] netlink: 4 bytes leftover after parsing attributes in process `syz.3.177'.
[  104.498306][ T4854] netlink: 'syz.2.176': attribute type 29 has an invalid length.
[  104.509384][ T4854] netlink: 'syz.2.176': attribute type 29 has an invalid length.
[  104.526480][ T4854] netlink: 'syz.2.176': attribute type 29 has an invalid length.
[  104.579705][ T4855] netlink: 'syz.2.176': attribute type 29 has an invalid length.
[  104.620298][ T4854] netlink: 'syz.2.176': attribute type 29 has an invalid length.
[  104.756396][ T4857] block device autoloading is deprecated and will be removed.
[  104.773511][ T4857] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  105.109451][ T4867] loop4: detected capacity change from 0 to 2048
[  105.120695][ T4873] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.183'.
[  105.154290][ T4868] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.183'.
[  105.178765][ T4867] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  105.311163][   T27] kauditd_printk_skb: 13 callbacks suppressed
[  105.311180][   T27] audit: type=1326 audit(1741982911.695:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4876 comm="syz.1.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  105.399507][   T27] audit: type=1326 audit(1741982911.695:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4876 comm="syz.1.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  105.448554][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  105.463361][   T27] audit: type=1326 audit(1741982911.735:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4876 comm="syz.1.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  105.556111][   T27] audit: type=1326 audit(1741982911.735:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4876 comm="syz.1.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  105.641542][ T4884] netlink: 'syz.1.191': attribute type 29 has an invalid length.
[  105.664948][ T4884] netlink: 'syz.1.191': attribute type 29 has an invalid length.
[  105.677316][ T4885] netlink: 4 bytes leftover after parsing attributes in process `syz.4.190'.
[  105.704672][   T27] audit: type=1326 audit(1741982911.735:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4876 comm="syz.1.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  105.730873][ T4884] netlink: 'syz.1.191': attribute type 29 has an invalid length.
[  105.783989][ T4887] netlink: 'syz.1.191': attribute type 29 has an invalid length.
[  105.827863][ T4890] loop0: detected capacity change from 0 to 512
[  105.849939][ T4884] netlink: 'syz.1.191': attribute type 29 has an invalid length.
[  105.867517][ T4890] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.192: casefold flag without casefold feature
[  105.892453][ T4890] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.192: couldn't read orphan inode 15 (err -117)
[  105.907230][ T4890] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  106.132531][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  106.199709][   T27] audit: type=1326 audit(1741982912.575:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  106.264837][ T4903] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.199'.
[  106.279667][ T4902] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.199'.
[  106.304834][   T27] audit: type=1326 audit(1741982912.585:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  106.412504][   T27] audit: type=1326 audit(1741982912.585:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  106.440326][  T126] kernel write not supported for file /102/attr/exec (pid: 126 comm: kworker/1:2)
[  106.473028][   T27] audit: type=1326 audit(1741982912.585:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  106.571902][   T27] audit: type=1326 audit(1741982912.585:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  106.885354][ T4918] netlink: 4 bytes leftover after parsing attributes in process `syz.3.205'.
[  107.462272][ T4930] netlink: 24 bytes leftover after parsing attributes in process `syz.3.209'.
[  107.490628][ T4935] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.210'.
[  108.319601][ T4953] __nla_validate_parse: 2 callbacks suppressed
[  108.319620][ T4953] netlink: 4 bytes leftover after parsing attributes in process `syz.3.219'.
[  108.518120][ T4958] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.147152][ T4971] xt_CT: No such helper "pptp"
[  109.167856][ T4958] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.248208][ T4973] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.227'.
[  109.271420][ T4969] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.227'.
[  109.316410][ T4958] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.493933][ T4958] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.574927][ T4981] netlink: 24 bytes leftover after parsing attributes in process `syz.3.228'.
[  109.594104][ T4981] netlink: 21 bytes leftover after parsing attributes in process `syz.3.228'.
[  109.614365][ T4981] netlink: 21 bytes leftover after parsing attributes in process `syz.3.228'.
[  109.661227][ T4985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.232'.
[  109.751302][ T4958] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.811776][ T4958] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.871521][ T4958] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.915141][ T4958] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.944089][ T4992] loop3: detected capacity change from 0 to 128
[  110.013976][ T4992] FAT-fs (loop3): bogus sectors per cluster 0
[  110.074768][ T4992] FAT-fs (loop3): Can't find a valid FAT filesystem
[  110.242159][ T4997] netlink: 40 bytes leftover after parsing attributes in process `syz.2.234'.
[  111.104528][    C1] sched: RT throttling activated
[  111.426339][   T27] kauditd_printk_skb: 24 callbacks suppressed
[  111.426355][   T27] audit: type=1326 audit(1741982917.815:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.441437][   T27] audit: type=1326 audit(1741982917.825:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.441869][   T27] audit: type=1326 audit(1741982917.825:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.442056][   T27] audit: type=1326 audit(1741982917.825:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.447824][   T27] audit: type=1326 audit(1741982917.835:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.448110][   T27] audit: type=1326 audit(1741982917.835:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.448397][   T27] audit: type=1326 audit(1741982917.835:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.448595][   T27] audit: type=1326 audit(1741982917.835:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.448902][   T27] audit: type=1326 audit(1741982917.835:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.449323][   T27] audit: type=1326 audit(1741982917.835:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5002 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  111.468730][ T5004] netlink: 12 bytes leftover after parsing attributes in process `syz.0.237'.
[  111.468774][ T5004] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.468809][ T5004] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.476536][ T5004] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  111.476568][ T5004] batman_adv: batadv0: Removing interface: batadv_slave_1
[  111.567215][    C0] vkms_vblank_simulate: vblank timer overrun
[  111.666677][    C0] vkms_vblank_simulate: vblank timer overrun
[  111.668814][ T5015] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.241'.
[  111.835672][    C0] vkms_vblank_simulate: vblank timer overrun
[  112.430813][ T5028] loop3: detected capacity change from 0 to 512
[  112.538046][ T5028] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.246: inline data xattr refers to an external xattr inode
[  112.564027][ T5028] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.246: couldn't read orphan inode 12 (err -117)
[  112.599523][ T5028] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  112.673473][ T5035] device batadv0 entered promiscuous mode
[  112.681111][ T5035] device gretap0 entered promiscuous mode
[  112.696246][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  114.740805][ T5050] __nla_validate_parse: 4 callbacks suppressed
[  114.740827][ T5050] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.253'.
[  115.239062][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  116.216591][ T5064] loop3: detected capacity change from 0 to 1024
[  116.245942][ T5064] EXT4-fs: Ignoring removed orlov option
[  116.272692][ T5066] loop2: detected capacity change from 0 to 1024
[  116.283228][ T5064] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  116.303590][ T5064] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  116.393560][ T5064] EXT4-fs (loop3): invalid journal inode
[  116.404845][ T5064] EXT4-fs (loop3): can't get journal size
[  116.413557][ T5064] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #3: comm syz.3.259: blocks 2-2 from inode overlap system zone
[  116.429871][ T5064] EXT4-fs (loop3): failed to initialize system zone (-117)
[  116.438055][ T5064] EXT4-fs (loop3): mount failed
[  116.457867][ T5066] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  116.703848][ T5071] validate_nla: 15 callbacks suppressed
[  116.703871][ T5071] netlink: 'syz.1.261': attribute type 1 has an invalid length.
[  116.744746][ T5071] netlink: 'syz.1.261': attribute type 4 has an invalid length.
[  116.752815][ T5071] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.261'.
[  117.005405][ T5076] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  117.022478][ T5076] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 51 with max blocks 1 with error 28
[  117.035244][ T5076] EXT4-fs (loop2): This should not happen!! Data will be lost
[  117.035244][ T5076] 
[  117.045095][ T5076] EXT4-fs (loop2): Total free blocks count 0
[  117.051170][ T5076] EXT4-fs (loop2): Free/Dirty block details
[  117.057308][ T5076] EXT4-fs (loop2): free_blocks=68451041280
[  117.063308][ T5076] EXT4-fs (loop2): dirty_blocks=32
[  117.068533][ T5076] EXT4-fs (loop2): Block reservation details
[  117.074613][ T5076] EXT4-fs (loop2): i_reserved_data_blocks=2
[  117.148319][ T5076] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 52 with error 28
[  117.759469][ T5078] netlink: 'syz.1.262': attribute type 29 has an invalid length.
[  117.768053][ T5078] netlink: 'syz.1.262': attribute type 29 has an invalid length.
[  117.777536][ T5078] netlink: 'syz.1.262': attribute type 29 has an invalid length.
[  117.786518][ T5078] netlink: 'syz.1.262': attribute type 29 has an invalid length.
[  117.797344][ T5078] netlink: 'syz.1.262': attribute type 29 has an invalid length.
[  117.890052][ T5080] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.264'.
[  118.008874][ T5082] loop2: detected capacity change from 0 to 1024
[  118.030458][ T5082] EXT4-fs: Ignoring removed bh option
[  118.043564][ T5086] loop4: detected capacity change from 0 to 512
[  118.063925][ T5086] journal_path: Lookup failure for './bus'
[  118.091672][ T5086] EXT4-fs: error: could not find journal device path
[  118.100732][ T5082] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  118.360000][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  119.653907][ T5103] netlink: 'syz.3.272': attribute type 1 has an invalid length.
[  119.682346][ T5103] netlink: 'syz.3.272': attribute type 4 has an invalid length.
[  119.729793][ T5103] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.272'.
[  119.969509][ T5107] netlink: 'syz.3.274': attribute type 29 has an invalid length.
[  120.116151][ T5109] loop4: detected capacity change from 0 to 1024
[  120.315605][ T5109] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  120.866582][ T5121] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  120.882515][ T5121] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 51 with max blocks 1 with error 28
[  120.894999][ T5121] EXT4-fs (loop4): This should not happen!! Data will be lost
[  120.894999][ T5121] 
[  120.904790][ T5121] EXT4-fs (loop4): Total free blocks count 0
[  120.910843][ T5121] EXT4-fs (loop4): Free/Dirty block details
[  120.916915][ T5121] EXT4-fs (loop4): free_blocks=68451041280
[  120.922839][ T5121] EXT4-fs (loop4): dirty_blocks=32
[  120.928084][ T5121] EXT4-fs (loop4): Block reservation details
[  120.934147][ T5121] EXT4-fs (loop4): i_reserved_data_blocks=2
[  120.979987][ T5121] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 52 with error 28
[  121.473467][ T5123] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.277'.
[  121.705024][ T5125] loop2: detected capacity change from 0 to 512
[  121.728948][ T5130] loop0: detected capacity change from 0 to 128
[  121.789474][ T5125] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.278: inline data xattr refers to an external xattr inode
[  121.879752][ T5125] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.278: couldn't read orphan inode 12 (err -117)
[  121.914182][ T5130] syz.0.281: attempt to access beyond end of device
[  121.914182][ T5130] loop0: rw=2049, sector=145, nr_sectors = 48 limit=128
[  121.932467][ T5125] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  121.997061][   T27] kauditd_printk_skb: 18 callbacks suppressed
[  121.997078][   T27] audit: type=1326 audit(1741982928.385:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5126 comm="syz.0.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  122.074631][   T27] audit: type=1326 audit(1741982928.385:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5126 comm="syz.0.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  122.147248][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  122.177690][   T27] audit: type=1326 audit(1741982928.385:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5126 comm="syz.0.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  122.273989][   T27] audit: type=1326 audit(1741982928.385:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5126 comm="syz.0.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  122.334589][   T27] audit: type=1326 audit(1741982928.385:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5126 comm="syz.0.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  122.341431][ T5144] validate_nla: 4 callbacks suppressed
[  122.341451][ T5144] netlink: 'syz.2.286': attribute type 29 has an invalid length.
[  122.415085][ T5144] netlink: 'syz.2.286': attribute type 29 has an invalid length.
[  122.434624][   T27] audit: type=1326 audit(1741982928.385:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5126 comm="syz.0.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  122.466412][ T5148] netlink: 'syz.2.286': attribute type 29 has an invalid length.
[  122.518979][   T27] audit: type=1326 audit(1741982928.385:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5126 comm="syz.0.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  122.541456][ T5144] netlink: 'syz.2.286': attribute type 29 has an invalid length.
[  122.600565][ T5144] netlink: 'syz.2.286': attribute type 29 has an invalid length.
[  122.604586][   T27] audit: type=1326 audit(1741982928.385:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5126 comm="syz.0.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  122.960666][ T5158] device geneve2 entered promiscuous mode
[  124.094297][ T5161] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.290'.
[  124.115688][ T5156] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.290'.
[  126.101093][ T5172] 8021q: adding VLAN 0 to HW filter on device bond1
[  126.392906][   T27] audit: type=1326 audit(1741982932.775:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5188 comm="syz.2.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440538d169 code=0x7ffc0000
[  126.450246][   T27] audit: type=1326 audit(1741982932.775:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5188 comm="syz.2.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440538d169 code=0x7ffc0000
[  126.701936][ T5200] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.305'.
[  126.735714][ T5195] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.305'.
[  127.007630][   T27] kauditd_printk_skb: 3 callbacks suppressed
[  127.007646][   T27] audit: type=1326 audit(1741982933.395:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5204 comm="syz.0.308" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x0
[  127.557921][ T5229] loop3: detected capacity change from 0 to 164
[  127.631416][ T5229] syz.3.313: attempt to access beyond end of device
[  127.631416][ T5229] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  127.656482][ T5229] syz.3.313: attempt to access beyond end of device
[  127.656482][ T5229] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  128.040830][ T5244] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.319'.
[  128.066104][ T5243] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.319'.
[  128.214865][ T5248] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  128.221823][ T5248] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  128.282478][ T5248] vhci_hcd vhci_hcd.0: Device attached
[  128.300925][ T5251] vhci_hcd: connection closed
[  128.304160][ T4550] vhci_hcd: stop threads
[  128.320638][ T4550] vhci_hcd: release socket
[  128.335575][ T4550] vhci_hcd: disconnect device
[  128.406450][ T5259] netlink: 28 bytes leftover after parsing attributes in process `syz.3.325'.
[  128.489159][ T5256] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  128.531776][ T5264] netlink: 'syz.0.326': attribute type 1 has an invalid length.
[  128.553374][ T5264] netlink: 16066 bytes leftover after parsing attributes in process `syz.0.326'.
[  128.740356][ T5268] delete_channel: no stack
[  128.755789][ T5268] delete_channel: no stack
[  128.841232][   T27] audit: type=1326 audit(1741982935.225:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5265 comm="syz.1.327" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x0
[  128.993747][ T5280] syz.3.328 uses obsolete (PF_INET,SOCK_PACKET)
[  129.008405][ T5278] netlink: 'syz.2.331': attribute type 10 has an invalid length.
[  129.042566][ T5278] netlink: 2 bytes leftover after parsing attributes in process `syz.2.331'.
[  129.077948][ T5278] device team0 entered promiscuous mode
[  129.098421][ T5278] device team_slave_0 entered promiscuous mode
[  129.119557][ T5278] device team_slave_1 entered promiscuous mode
[  129.139531][ T5278] bridge0: port 3(team0) entered blocking state
[  129.158862][ T5278] bridge0: port 3(team0) entered disabled state
[  129.188552][ T5278] bridge0: port 3(team0) entered blocking state
[  129.195405][ T5278] bridge0: port 3(team0) entered forwarding state
[  129.274869][ T5282] netlink: 16 bytes leftover after parsing attributes in process `syz.0.332'.
[  129.405709][ T5286] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.333'.
[  129.446282][ T5284] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.333'.
[  130.118205][ T5307] netlink: 'syz.3.340': attribute type 1 has an invalid length.
[  130.846796][ T5333] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  131.880253][   T27] audit: type=1326 audit(1741982938.265:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  131.923250][   T27] audit: type=1326 audit(1741982938.285:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  131.975051][   T27] audit: type=1326 audit(1741982938.285:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065569][   T27] audit: type=1326 audit(1741982938.285:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065617][   T27] audit: type=1326 audit(1741982938.295:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065666][   T27] audit: type=1326 audit(1741982938.295:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065704][   T27] audit: type=1326 audit(1741982938.295:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065741][   T27] audit: type=1326 audit(1741982938.295:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065778][   T27] audit: type=1326 audit(1741982938.305:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065816][   T27] audit: type=1326 audit(1741982938.305:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065853][   T27] audit: type=1326 audit(1741982938.305:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065889][   T27] audit: type=1326 audit(1741982938.305:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.065926][   T27] audit: type=1326 audit(1741982938.305:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5364 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  132.632048][ T5391] loop0: detected capacity change from 0 to 512
[  132.726915][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  132.726991][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  132.815142][ T5391] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  132.815503][ T5391] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  132.820547][ T5398] __nla_validate_parse: 7 callbacks suppressed
[  132.820565][ T5398] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.377'.
[  133.144959][ T5397] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.377'.
[  133.343043][ T5410] netlink: 32 bytes leftover after parsing attributes in process `syz.1.380'.
[  133.599954][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  134.094344][ T5428] loop2: detected capacity change from 0 to 512
[  134.152841][ T5428] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  134.179551][ T5428] EXT4-fs (loop2): orphan cleanup on readonly fs
[  134.255747][ T5428] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #16: comm syz.2.389: casefold flag without casefold feature
[  134.321164][ T5428] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.389: couldn't read orphan inode 16 (err -117)
[  134.363682][ T5428] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  134.386573][ T5432] loop0: detected capacity change from 0 to 256
[  134.417240][ T5428] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  134.431268][ T5432] FAT-fs (loop0): Unrecognized mount option "ÿÿÿÿÿÿÿ" or missing value
[  134.512217][ T4456] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  134.573394][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  134.818674][ T5439] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.391'.
[  134.838992][ T5435] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.391'.
[  135.350469][ T5454] netlink: 'syz.0.399': attribute type 29 has an invalid length.
[  135.408903][ T5454] netlink: 'syz.0.399': attribute type 29 has an invalid length.
[  135.438475][ T5457] netlink: 'syz.0.399': attribute type 29 has an invalid length.
[  135.448249][ T5454] netlink: 'syz.0.399': attribute type 29 has an invalid length.
[  135.476162][ T5454] netlink: 'syz.0.399': attribute type 29 has an invalid length.
[  135.647673][ T5461] vxcan1: tx drop: invalid da for name 0x0000000000000002
[  135.662324][ T5463] loop0: detected capacity change from 0 to 256
[  135.733136][ T5463] FAT-fs (loop0): Unrecognized mount option "ÿÿÿÿÿÿÿ" or missing value
[  135.922878][ T5467] netlink: 92 bytes leftover after parsing attributes in process `syz.1.405'.
[  136.751899][ T5486] netlink: 'syz.4.414': attribute type 29 has an invalid length.
[  136.784959][ T5486] netlink: 'syz.4.414': attribute type 29 has an invalid length.
[  136.824365][ T5489] 8021q: adding VLAN 0 to HW filter on device batadv1
[  136.894133][ T5486] netlink: 'syz.4.414': attribute type 29 has an invalid length.
[  136.908268][ T5492] netlink: 'syz.4.414': attribute type 29 has an invalid length.
[  136.968112][ T5486] netlink: 'syz.4.414': attribute type 29 has an invalid length.
[  137.240078][   T27] kauditd_printk_skb: 6 callbacks suppressed
[  137.240094][   T27] audit: type=1326 audit(1741982943.625:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  137.256043][ T5504] netlink: 28 bytes leftover after parsing attributes in process `syz.2.422'.
[  137.313532][   T27] audit: type=1326 audit(1741982943.625:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  137.341915][   T27] audit: type=1326 audit(1741982943.655:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  137.488727][   T27] audit: type=1326 audit(1741982943.655:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  137.564630][   T27] audit: type=1326 audit(1741982943.655:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  137.664724][   T27] audit: type=1326 audit(1741982943.665:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  137.749141][   T27] audit: type=1326 audit(1741982943.665:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  137.833573][   T27] audit: type=1326 audit(1741982943.665:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  137.913415][   T27] audit: type=1326 audit(1741982943.665:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  137.994648][   T27] audit: type=1326 audit(1741982943.665:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5499 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f164a58d169 code=0x7ffc0000
[  138.591819][ T5544] netlink: 28 bytes leftover after parsing attributes in process `syz.0.440'.
[  138.784629][ T5552] xt_hashlimit: max too large, truncated to 1048576
[  138.865296][ T5555] bridge0: port 3(vlan2) entered blocking state
[  138.871308][ T5552] loop4: detected capacity change from 0 to 512
[  138.879816][ T5555] bridge0: port 3(vlan2) entered disabled state
[  138.941291][ T5552] EXT4-fs error (device loop4): ext4_acquire_dquot:6795: comm syz.4.443: Failed to acquire dquot type 1
[  138.969447][ T5552] EXT4-fs (loop4): 1 truncate cleaned up
[  138.980326][ T5552] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  138.980524][ T5557] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  138.998674][ T5552] ext4 filesystem being mounted at /83/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.633517][ T5579] netlink: 4 bytes leftover after parsing attributes in process `syz.1.453'.
[  139.647453][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  140.708164][ T5613] netlink: 4 bytes leftover after parsing attributes in process `syz.0.467'.
[  140.912549][ T5620] xt_hashlimit: max too large, truncated to 1048576
[  141.015475][ T5622] loop2: detected capacity change from 0 to 512
[  141.044185][ T5627] validate_nla: 15 callbacks suppressed
[  141.044206][ T5627] netlink: 'syz.4.472': attribute type 29 has an invalid length.
[  141.094215][ T5622] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.468: Failed to acquire dquot type 1
[  141.156541][ T5627] netlink: 'syz.4.472': attribute type 29 has an invalid length.
[  141.172170][ T5622] EXT4-fs (loop2): 1 truncate cleaned up
[  141.190160][ T5622] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  141.200160][ T5632] netlink: 'syz.4.472': attribute type 29 has an invalid length.
[  141.208827][ T5622] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.239118][ T5627] netlink: 'syz.4.472': attribute type 29 has an invalid length.
[  141.249060][ T5627] netlink: 'syz.4.472': attribute type 29 has an invalid length.
[  141.376987][ T5637] loop4: detected capacity change from 0 to 256
[  141.397198][ T5637] FAT-fs (loop4): Unrecognized mount option "ÿÿÿÿÿÿÿ" or missing value
[  141.605714][ T5641] netlink: 'syz.4.477': attribute type 1 has an invalid length.
[  141.662047][ T5641] 8021q: adding VLAN 0 to HW filter on device bond2
[  141.737818][ T5562] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[  141.789108][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  142.070169][ T5653] netlink: 4 bytes leftover after parsing attributes in process `syz.4.480'.
[  142.331588][ T5662] netlink: 'syz.4.485': attribute type 29 has an invalid length.
[  142.378614][ T5662] netlink: 'syz.4.485': attribute type 29 has an invalid length.
[  142.416202][ T5665] netlink: 'syz.4.485': attribute type 29 has an invalid length.
[  142.432382][ T5667] loop3: detected capacity change from 0 to 256
[  142.456458][ T5668] netlink: 'syz.4.485': attribute type 29 has an invalid length.
[  142.467871][ T5667] FAT-fs (loop3): Unrecognized mount option "ÿÿÿÿÿÿÿ" or missing value
[  142.841364][ T5680] 8021q: adding VLAN 0 to HW filter on device bond3
[  142.870577][ T5672] bond0: (slave bond_slave_0): Slave does not support ipsec offload
[  142.920541][ T5687] xt_hashlimit: max too large, truncated to 1048576
[  142.956227][ T5693] netlink: 4 bytes leftover after parsing attributes in process `syz.1.495'.
[  143.039654][ T5687] loop3: detected capacity change from 0 to 512
[  143.138428][ T5687] __quota_error: 36 callbacks suppressed
[  143.138447][ T5687] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  143.274386][ T5687] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  143.330639][ T5687] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.493: Failed to acquire dquot type 1
[  143.407059][ T5687] EXT4-fs (loop3): 1 truncate cleaned up
[  143.415771][ T5687] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  143.464927][ T5687] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.764028][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  144.166885][ T5723] netlink: 40 bytes leftover after parsing attributes in process `syz.1.505'.
[  144.962927][ T5727] 8021q: adding VLAN 0 to HW filter on device bond2
[  145.142689][ T5739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.510'.
[  145.391432][ T5745] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.452206][ T5751] 8021q: adding VLAN 0 to HW filter on device bond4
[  145.598498][ T5745] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.641364][ T5758] xt_hashlimit: max too large, truncated to 1048576
[  145.782371][ T5758] loop0: detected capacity change from 0 to 512
[  145.905995][ T5758] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  145.908259][ T5745] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.925382][ T5758] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  145.996565][ T5773] netlink: 40 bytes leftover after parsing attributes in process `syz.4.521'.
[  146.034328][ T5758] EXT4-fs error (device loop0): ext4_acquire_dquot:6795: comm syz.0.517: Failed to acquire dquot type 1
[  146.721171][ T5758] EXT4-fs (loop0): 1 truncate cleaned up
[  146.734744][ T5758] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  146.784721][ T5758] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.851707][ T5777] validate_nla: 14 callbacks suppressed
[  146.851729][ T5777] netlink: 'syz.4.525': attribute type 29 has an invalid length.
[  146.956347][ T5745] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.030941][ T5777] netlink: 'syz.4.525': attribute type 29 has an invalid length.
[  147.039454][ T5778] netlink: 'syz.4.525': attribute type 29 has an invalid length.
[  147.053486][ T5781] netlink: 'syz.4.525': attribute type 29 has an invalid length.
[  147.065112][ T5777] netlink: 'syz.4.525': attribute type 29 has an invalid length.
[  147.165390][ T5782] netlink: 8 bytes leftover after parsing attributes in process `syz.1.524'.
[  147.945451][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  148.029389][ T5745] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.056715][ T5745] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.090411][ T5745] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.121575][ T5745] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.131370][ T5785] netlink: 4 bytes leftover after parsing attributes in process `syz.1.528'.
[  148.358050][ T5792] netlink: 'syz.2.531': attribute type 1 has an invalid length.
[  148.391920][ T5792] 8021q: adding VLAN 0 to HW filter on device bond1
[  148.530663][ T5800] bond0: (slave bond_slave_0): Slave does not support ipsec offload
[  148.666475][ T5809] Illegal XDP return value 4294967294 on prog  (id 186) dev N/A, expect packet loss!
[  148.816705][ T5813] netlink: 'syz.2.539': attribute type 29 has an invalid length.
[  148.834234][ T5813] netlink: 'syz.2.539': attribute type 29 has an invalid length.
[  148.843811][ T5813] netlink: 'syz.2.539': attribute type 29 has an invalid length.
[  148.852547][ T5813] netlink: 'syz.2.539': attribute type 29 has an invalid length.
[  149.481619][ T5824] 8021q: adding VLAN 0 to HW filter on device bond1
[  149.748541][ T5838] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.848666][ T5838] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.055083][ T5838] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.069132][ T5854] bond0: (slave bond_slave_0): Slave does not support ipsec offload
[  150.161990][ T5838] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.333392][ T5838] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.388647][ T5838] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.541117][ T5868] 8021q: adding VLAN 0 to HW filter on device bond2
[  150.553476][ T5838] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.300524][ T5838] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.934429][ T5895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.574'.
[  151.997123][ T5897] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.575'.
[  152.013794][ T5896] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.575'.
[  152.114050][ T5900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.577'.
[  152.133740][ T5900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.577'.
[  152.174640][ T5900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.577'.
[  152.279380][ T5907] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.413239][ T5911] loop2: detected capacity change from 0 to 512
[  152.428342][ T5907] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.469633][ T5916] validate_nla: 13 callbacks suppressed
[  152.469652][ T5916] netlink: 'syz.0.583': attribute type 29 has an invalid length.
[  152.503642][ T5907] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.527023][ T5911] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  152.536734][ T5916] netlink: 'syz.0.583': attribute type 29 has an invalid length.
[  152.545512][ T5919] netlink: 'syz.0.583': attribute type 29 has an invalid length.
[  152.554270][ T5919] netlink: 'syz.0.583': attribute type 29 has an invalid length.
[  152.565120][ T5911] EXT4-fs (loop2): orphan cleanup on readonly fs
[  152.587890][ T5916] netlink: 'syz.0.583': attribute type 29 has an invalid length.
[  152.602409][ T5911] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #16: comm syz.2.582: casefold flag without casefold feature
[  152.621361][ T5907] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.644068][ T5911] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.582: couldn't read orphan inode 16 (err -117)
[  152.656748][ T5920] device syzkaller1 entered promiscuous mode
[  152.721367][ T5911] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  152.759017][ T5911] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  152.889637][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  152.949933][ T5907] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.003785][ T5907] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.042451][ T5907] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.056243][ T5933] netlink: 8 bytes leftover after parsing attributes in process `syz.2.590'.
[  153.080654][ T5907] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.205038][ T5937] netlink: 32 bytes leftover after parsing attributes in process `syz.1.593'.
[  153.223590][ T5937] netlink: 8 bytes leftover after parsing attributes in process `syz.1.593'.
[  154.331688][ T5949] netlink: 'syz.3.598': attribute type 29 has an invalid length.
[  154.368669][ T5949] netlink: 'syz.3.598': attribute type 29 has an invalid length.
[  154.385439][   T27] audit: type=1326 audit(1741982960.775:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  154.402420][ T5958] netlink: 'syz.3.598': attribute type 29 has an invalid length.
[  154.428698][ T5949] netlink: 'syz.3.598': attribute type 29 has an invalid length.
[  154.455857][ T5949] netlink: 'syz.3.598': attribute type 29 has an invalid length.
[  154.505215][   T27] audit: type=1326 audit(1741982960.775:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  154.569165][   T27] audit: type=1326 audit(1741982960.795:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  154.666478][   T27] audit: type=1326 audit(1741982960.795:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  154.705554][ T5967] netlink: 8 bytes leftover after parsing attributes in process `syz.4.606'.
[  154.731617][   T27] audit: type=1326 audit(1741982960.795:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  154.819523][   T27] audit: type=1326 audit(1741982960.805:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  154.860288][ T5972] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  154.911606][   T27] audit: type=1326 audit(1741982960.805:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  154.981319][   T27] audit: type=1326 audit(1741982960.805:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  155.016731][   T27] audit: type=1326 audit(1741982960.815:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  155.104679][   T27] audit: type=1326 audit(1741982960.815:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5955 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  155.293307][ T5982] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.069509][ T6025] 8021q: adding VLAN 0 to HW filter on device bond1
[  157.185387][ T6033] loop0: detected capacity change from 0 to 512
[  157.226472][ T6033] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  157.245994][ T6033] EXT4-fs (loop0): orphan cleanup on readonly fs
[  157.257397][ T6036] __nla_validate_parse: 1 callbacks suppressed
[  157.257415][ T6036] netlink: 15942 bytes leftover after parsing attributes in process `syz.4.632'.
[  157.261032][ T6033] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #16: comm syz.0.634: casefold flag without casefold feature
[  157.300558][ T6033] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.634: couldn't read orphan inode 16 (err -117)
[  157.328586][ T6033] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  157.358372][ T6033] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  157.477078][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  157.561975][ T6043] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  157.622431][ T6045] loop0: detected capacity change from 0 to 1024
[  157.650110][ T6045] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  157.675454][ T6045] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce028, mo2=0000]
[  157.737778][ T6045] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #3: block 2: comm syz.0.638: lblock 2 mapped to illegal pblock 2 (length 1)
[  157.767506][ T6045] EXT4-fs (loop0): Remounting filesystem read-only
[  157.774107][ T6045] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #3: block 48: comm syz.0.638: lblock 0 mapped to illegal pblock 48 (length 1)
[  157.785579][ T6041] loop4: detected capacity change from 0 to 8192
[  157.912571][ T6045] EXT4-fs (loop0): Remounting filesystem read-only
[  157.924797][ T6045] EXT4-fs error (device loop0): ext4_acquire_dquot:6795: comm syz.0.638: Failed to acquire dquot type 0
[  157.960117][ T6045] EXT4-fs (loop0): Remounting filesystem read-only
[  157.991572][ T6045] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5885: Corrupt filesystem
[  158.014798][ T6045] EXT4-fs (loop0): Remounting filesystem read-only
[  158.021375][ T6045] EXT4-fs error (device loop0): ext4_evict_inode:279: inode #11: comm syz.0.638: mark_inode_dirty error
[  158.022447][ T6052] loop2: detected capacity change from 0 to 1024
[  158.071189][ T6045] EXT4-fs (loop0): Remounting filesystem read-only
[  158.095345][ T6052] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  158.108483][ T6045] EXT4-fs warning (device loop0): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  158.119424][ T6045] EXT4-fs (loop0): 1 orphan inode deleted
[  158.125697][ T6045] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  158.304714][ T4421] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  158.373536][ T4421] EXT4-fs (loop0): Remounting filesystem read-only
[  158.394991][ T4421] EXT4-fs error (device loop0): ext4_release_dquot:6818: comm kworker/u4:7: Failed to release dquot type 0
[  158.452968][ T4421] EXT4-fs (loop0): Remounting filesystem read-only
[  158.465122][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  158.474955][ T4263] EXT4-fs error (device loop0): __ext4_get_inode_loc:4506: comm syz-executor: Invalid inode table block 1 in block_group 0
[  158.525040][ T4263] EXT4-fs (loop0): Remounting filesystem read-only
[  158.533288][ T4263] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5885: Corrupt filesystem
[  158.577991][ T4263] EXT4-fs (loop0): Remounting filesystem read-only
[  158.594735][ T4263] EXT4-fs error (device loop0): ext4_quota_off:7084: inode #3: comm syz-executor: mark_inode_dirty error
[  158.636155][ T4263] EXT4-fs (loop0): Remounting filesystem read-only
[  159.033406][ T6066] validate_nla: 8 callbacks suppressed
[  159.033427][ T6066] netlink: 'syz.0.645': attribute type 1 has an invalid length.
[  159.195637][ T6066] 8021q: adding VLAN 0 to HW filter on device bond3
[  159.431070][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  160.149485][ T6075] netlink: 'syz.2.646': attribute type 1 has an invalid length.
[  160.267508][ T6075] netlink: 15942 bytes leftover after parsing attributes in process `syz.2.646'.
[  160.387060][ T6079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.648'.
[  162.556768][ T6099] netlink: 'syz.0.655': attribute type 29 has an invalid length.
[  162.597790][ T6099] netlink: 'syz.0.655': attribute type 29 has an invalid length.
[  162.670515][ T6099] netlink: 'syz.0.655': attribute type 29 has an invalid length.
[  162.709386][ T6103] netlink: 'syz.2.657': attribute type 1 has an invalid length.
[  162.754758][ T6103] 8021q: adding VLAN 0 to HW filter on device bond3
[  162.771871][ T6099] netlink: 'syz.0.655': attribute type 29 has an invalid length.
[  162.885953][ T6107] netlink: 'syz.0.655': attribute type 29 has an invalid length.
[  163.440517][ T6115] netlink: 'syz.2.660': attribute type 1 has an invalid length.
[  163.470141][ T6113] netlink: 4 bytes leftover after parsing attributes in process `syz.0.661'.
[  163.472462][ T6115] netlink: 15942 bytes leftover after parsing attributes in process `syz.2.660'.
[  163.574438][ T6118] loop3: detected capacity change from 0 to 512
[  163.601760][ T6118] EXT4-fs (loop3): orphan cleanup on readonly fs
[  163.616315][ T6118] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.662: bg 0: block 248: padding at end of block bitmap is not set
[  163.641515][ T6118] __quota_error: 12 callbacks suppressed
[  163.641536][ T6118] Quota error (device loop3): write_blk: dquota write failed
[  163.656198][ T6118] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  163.666370][ T6118] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.662: Failed to acquire dquot type 1
[  163.710386][ T6118] EXT4-fs (loop3): 1 truncate cleaned up
[  163.721598][ T6118] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  164.023135][ T6132] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  164.035013][ T6133] loop4: detected capacity change from 0 to 1024
[  164.107687][ T6133] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  164.364854][ T6118] syz.3.662 (6118) used greatest stack depth: 19352 bytes left
[  164.392668][ T4260] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 12
[  164.431037][ T4260] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 12
[  164.930158][ T6141] netlink: 'syz.2.671': attribute type 1 has an invalid length.
[  164.965708][ T6141] 8021q: adding VLAN 0 to HW filter on device bond4
[  165.109076][ T6146] netlink: 'syz.0.673': attribute type 29 has an invalid length.
[  165.158951][ T6146] netlink: 'syz.0.673': attribute type 29 has an invalid length.
[  165.180154][ T6149] netlink: 'syz.0.673': attribute type 29 has an invalid length.
[  165.215777][ T6150] netlink: 'syz.0.673': attribute type 29 has an invalid length.
[  165.255781][   T11] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.303201][ T6146] netlink: 'syz.0.673': attribute type 29 has an invalid length.
[  165.316980][ T6152] netlink: 'syz.2.676': attribute type 1 has an invalid length.
[  165.327072][ T6152] netlink: 15942 bytes leftover after parsing attributes in process `syz.2.676'.
[  165.351967][   T11] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.431229][   T11] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.507434][   T11] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.596429][ T6165] netlink: 8 bytes leftover after parsing attributes in process `syz.2.680'.
[  166.850561][ T6169] loop0: detected capacity change from 0 to 512
[  167.003087][ T6169] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #2: comm syz.0.681: corrupted xattr block 255
[  167.022182][   T27] audit: type=1326 audit(1741982973.405:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  167.025927][ T6169] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  167.053785][ T6169] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  167.063541][ T6169] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #2: comm syz.0.681: corrupted xattr block 255
[  167.074364][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  167.104954][   T27] audit: type=1326 audit(1741982973.455:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  167.129193][   T27] audit: type=1326 audit(1741982973.455:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  167.192281][   T27] audit: type=1326 audit(1741982973.455:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  167.293480][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  167.327084][   T27] audit: type=1326 audit(1741982973.475:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  167.378852][ T4254] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  167.388226][ T4254] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  167.397892][ T4254] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  167.405976][   T27] audit: type=1326 audit(1741982973.475:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  167.429892][   T27] audit: type=1326 audit(1741982973.475:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  167.452968][   T27] audit: type=1326 audit(1741982973.475:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fafc158d169 code=0x7ffc0000
[  167.475675][ T4254] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  167.485910][ T4257] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  167.493268][ T4257] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  167.621635][ T6192] netlink: 'syz.0.687': attribute type 29 has an invalid length.
[  167.754058][ T6192] netlink: 'syz.0.687': attribute type 29 has an invalid length.
[  167.785628][ T6193] netlink: 'syz.0.687': attribute type 29 has an invalid length.
[  168.922193][ T6208] loop0: detected capacity change from 0 to 2048
[  169.034113][ T6208] Alternate GPT is invalid, using primary GPT.
[  169.065058][ T6208]  loop0: p1 p2 p3
[  169.417518][ T6219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.692'.
[  169.504058][ T6181] chnl_net:caif_netlink_parms(): no params data found
[  169.525664][ T4257] Bluetooth: hci3: command 0x0409 tx timeout
[  170.389692][ T6231] udevd[6231]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  170.644914][ T6235] loop0: detected capacity change from 0 to 1024
[  170.727281][ T6235] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  171.191962][ T6181] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.219009][ T6181] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.245817][ T6181] device bridge_slave_0 entered promiscuous mode
[  171.275651][   T11] device hsr_slave_0 left promiscuous mode
[  171.299216][   T11] device hsr_slave_1 left promiscuous mode
[  171.333296][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.355573][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.370348][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.384700][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.614977][ T4257] Bluetooth: hci3: command 0x041b tx timeout
[  171.927483][   T11] device bridge_slave_1 left promiscuous mode
[  171.938368][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.030075][   T11] device bridge_slave_0 left promiscuous mode
[  172.039258][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.132613][   T11] device veth1_macvtap left promiscuous mode
[  172.161705][   T11] device veth0_macvtap left promiscuous mode
[  172.184965][   T11] device veth1_vlan left promiscuous mode
[  172.196258][   T11] device veth0_vlan left promiscuous mode
[  173.219307][   T11] bond1 (unregistering): Released all slaves
[  173.552877][   T11] team0 (unregistering): Port device team_slave_1 removed
[  173.590014][   T11] team0 (unregistering): Port device team_slave_0 removed
[  173.631769][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  173.669862][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  173.687262][ T4257] Bluetooth: hci3: command 0x040f tx timeout
[  174.059615][   T11] bond0 (unregistering): Released all slaves
[  174.130798][ T6181] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.138095][ T6181] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.147733][ T6181] device bridge_slave_1 entered promiscuous mode
[  174.170592][ T6278] netlink: 8 bytes leftover after parsing attributes in process `syz.4.705'.
[  174.381606][ T6181] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.412317][ T6181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.531113][ T6181] team0: Port device team_slave_0 added
[  174.549432][ T6181] team0: Port device team_slave_1 added
[  174.731599][ T6181] batman_adv: batadv0: Adding interface: batadv_slave_0
[  174.741454][ T6181] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.807504][ T6181] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  174.857749][ T6181] batman_adv: batadv0: Adding interface: batadv_slave_1
[  174.872928][ T6181] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.962815][ T6181] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.234698][ T6308] netlink: 40 bytes leftover after parsing attributes in process `syz.2.714'.
[  175.764734][ T4257] Bluetooth: hci3: command 0x0419 tx timeout
[  176.038987][ T6181] device hsr_slave_0 entered promiscuous mode
[  176.061241][ T6181] device hsr_slave_1 entered promiscuous mode
[  177.347211][ T6336] loop4: detected capacity change from 0 to 2048
[  177.585161][ T6336] Alternate GPT is invalid, using primary GPT.
[  177.669804][ T6336]  loop4: p1 p2 p3
[  177.734826][ T6337] netlink: 8 bytes leftover after parsing attributes in process `syz.2.719'.
[  178.363041][ T6231] udevd[6231]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  178.610055][ T6181] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  178.679747][ T6181] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  178.740893][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  178.745624][ T6181] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  178.804914][ T6181] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  179.237387][ T6363] netlink: 40 bytes leftover after parsing attributes in process `syz.0.725'.
[  180.261391][ T6181] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.345328][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  180.364125][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  180.387747][ T6181] 8021q: adding VLAN 0 to HW filter on device team0
[  180.531742][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  180.555068][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  180.585701][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.592841][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.618966][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  180.645115][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  180.741805][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.749036][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.801354][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  180.831106][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  180.892968][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  181.723339][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  181.736078][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  181.763359][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  181.792740][ T6181] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  181.807364][ T6181] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  181.822135][ T6381] netlink: 8 bytes leftover after parsing attributes in process `syz.0.731'.
[  181.837908][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  181.849551][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  181.859666][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  181.892718][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  181.908309][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  181.918866][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  181.980304][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  182.202993][ T6395] loop4: detected capacity change from 0 to 1024
[  182.367750][ T6395] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  182.835475][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  182.842969][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  183.002789][ T6420] netlink: 40 bytes leftover after parsing attributes in process `syz.2.739'.
[  183.062765][ T6181] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.174790][ T6438] validate_nla: 2 callbacks suppressed
[  184.174808][ T6438] netlink: 'syz.1.743': attribute type 1 has an invalid length.
[  184.340008][ T6438] 8021q: adding VLAN 0 to HW filter on device bond2
[  184.370967][ T6442] netlink: 8 bytes leftover after parsing attributes in process `syz.1.743'.
[  184.407578][ T6442] netlink: 24 bytes leftover after parsing attributes in process `syz.1.743'.
[  184.637866][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  184.705947][ T6454] netlink: 60 bytes leftover after parsing attributes in process `syz.2.748'.
[  184.898282][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  184.921571][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  185.048251][ T6454] netlink: 60 bytes leftover after parsing attributes in process `syz.2.748'.
[  185.068719][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  185.084144][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  185.164303][ T6467] netlink: 40 bytes leftover after parsing attributes in process `syz.0.751'.
[  185.928490][ T6181] device veth0_vlan entered promiscuous mode
[  185.938988][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  185.980920][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  186.030729][ T6181] device veth1_vlan entered promiscuous mode
[  186.170013][ T6482] usb usb1: usbfs: process 6482 (syz.0.756) did not claim interface 0 before use
[  186.175733][ T5122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  186.187728][ T4300] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  186.226664][ T5122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  186.302961][ T6181] device veth0_macvtap entered promiscuous mode
[  186.331656][ T6181] device veth1_macvtap entered promiscuous mode
[  186.394893][ T4300] usb 2-1: Using ep0 maxpacket: 32
[  186.480178][ T4300] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  186.524387][ T4300] usb 2-1: config 0 has no interfaces?
[  186.561556][ T4300] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  186.629406][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.631417][ T4300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.723280][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.867995][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.969121][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.019142][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.156069][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.282923][ T6181] batman_adv: batadv0: Interface activated: batadv_slave_0
[  187.319944][ T5122] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  187.361910][ T5122] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  187.377506][ T5122] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  187.408690][ T5122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  187.422477][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.440913][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.451734][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.467297][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.479317][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.493684][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.507096][ T6181] batman_adv: batadv0: Interface activated: batadv_slave_1
[  187.522616][ T5122] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  187.535671][ T5122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  187.576629][ T6181] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.583445][ T4300] usb 2-1: config 0 descriptor??
[  187.629378][ T6181] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.668731][ T6181] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.685910][ T6181] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.719135][ T6502] netlink: 'syz.2.760': attribute type 1 has an invalid length.
[  187.817187][ T6502] 8021q: adding VLAN 0 to HW filter on device bond5
[  187.850868][ T6505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.760'.
[  187.879512][ T6505] netlink: 24 bytes leftover after parsing attributes in process `syz.2.760'.
[  187.934881][ T4327] usb 2-1: USB disconnect, device number 2
[  188.343419][ T6517] netlink: 40 bytes leftover after parsing attributes in process `syz.0.764'.
[  189.024868][ T4598] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.064306][ T4598] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.178506][ T5122] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  189.187851][ T6521] netlink: 24 bytes leftover after parsing attributes in process `syz.1.767'.
[  189.221822][ T5122] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.265204][ T5122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.306111][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  189.653020][ T6536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.771'.
[  191.309095][ T6560] netlink: 40 bytes leftover after parsing attributes in process `syz.0.775'.
[  193.413890][ T6573] netlink: 24 bytes leftover after parsing attributes in process `syz.4.780'.
[  194.174221][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  195.011588][ T6608] netlink: 40 bytes leftover after parsing attributes in process `syz.5.787'.
[  195.874731][ T6615] netlink: 24 bytes leftover after parsing attributes in process `syz.2.793'.
[  196.252655][ T6633] netlink: 8 bytes leftover after parsing attributes in process `syz.5.795'.
[  196.277571][ T4254] Bluetooth: hci4: command 0x0406 tx timeout
[  196.278497][ T4257] Bluetooth: hci2: command 0x0406 tx timeout
[  196.290986][ T4265] Bluetooth: hci0: command 0x0406 tx timeout
[  196.298060][ T4265] Bluetooth: hci1: command 0x0406 tx timeout
[  197.322239][ T6648] netlink: 4 bytes leftover after parsing attributes in process `syz.5.804'.
[  197.966802][ T6661] netlink: 40 bytes leftover after parsing attributes in process `syz.0.805'.
[  198.809712][ T6665] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  198.828174][ T6665] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  198.862945][ T6665] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  199.091732][ T6676] loop4: detected capacity change from 0 to 1024
[  199.156388][ T6676] EXT4-fs: Ignoring removed nomblk_io_submit option
[  199.189774][ T6676] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  199.241946][ T6676] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  199.300526][ T6676] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  199.321848][ T6676] System zones: 0-1, 3-36
[  199.442392][ T6676] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  199.458798][ T6692] netlink: 96 bytes leftover after parsing attributes in process `syz.1.822'.
[  199.469765][ T6692] netlink: 'syz.1.822': attribute type 5 has an invalid length.
[  199.481960][ T6692] netlink: 44 bytes leftover after parsing attributes in process `syz.1.822'.
[  199.646557][   T27] kauditd_printk_skb: 28 callbacks suppressed
[  199.646579][   T27] audit: type=1800 audit(1741983005.975:282): pid=6676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.814" name="bus" dev="loop4" ino=18 res=0 errno=0
[  199.772058][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  199.778091][   T27] audit: type=1800 audit(1741983005.975:283): pid=6676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.814" name="bus" dev="loop4" ino=18 res=0 errno=0
[  199.878194][ T6700] netlink: 40 bytes leftover after parsing attributes in process `syz.5.821'.
[  201.193802][ T6724] netlink: 60 bytes leftover after parsing attributes in process `syz.4.830'.
[  201.240687][ T6726] loop0: detected capacity change from 0 to 1024
[  201.285448][ T6726] EXT4-fs: Ignoring removed nobh option
[  201.334962][ T6726] EXT4-fs: inline encryption not supported
[  201.374531][ T6726] EXT4-fs: Ignoring removed bh option
[  201.428045][ T6726] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  201.558719][ T6726] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  201.765491][ T6743] loop4: detected capacity change from 0 to 512
[  201.825511][ T6743] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  201.860169][ T6743] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.910759][ T6743] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  201.989472][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  202.034129][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  202.389369][   T27] audit: type=1326 audit(1741983008.775:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.5.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6e0b8d169 code=0x7ffc0000
[  202.484740][ T6762] netlink: 40 bytes leftover after parsing attributes in process `syz.1.838'.
[  202.803011][   T27] audit: type=1326 audit(1741983008.775:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.5.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6e0b8d169 code=0x7ffc0000
[  203.084159][   T27] audit: type=1326 audit(1741983008.775:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.5.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6e0b8d169 code=0x7ffc0000
[  203.154787][   T27] audit: type=1326 audit(1741983008.775:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.5.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6e0b8d169 code=0x7ffc0000
[  203.218265][ T6757] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.837'.
[  203.244674][ T6760] netlink: 'syz.5.841': attribute type 21 has an invalid length.
[  203.265937][ T6760] netlink: 'syz.5.841': attribute type 1 has an invalid length.
[  203.324555][   T27] audit: type=1326 audit(1741983008.775:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.5.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6e0b8d169 code=0x7ffc0000
[  203.363345][ T6760] netlink: 144 bytes leftover after parsing attributes in process `syz.5.841'.
[  203.429333][   T27] audit: type=1326 audit(1741983008.775:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.5.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6e0b8d169 code=0x7ffc0000
[  203.524798][   T27] audit: type=1326 audit(1741983008.775:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.5.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6e0b8d169 code=0x7ffc0000
[  203.549629][   T27] audit: type=1326 audit(1741983008.775:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.5.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6e0b8d169 code=0x7ffc0000
[  204.282516][ T6788] device geneve2 entered promiscuous mode
[  204.295664][ T4298] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  204.494667][ T4298] usb 6-1: Using ep0 maxpacket: 16
[  204.503065][ T6790] netlink: 12 bytes leftover after parsing attributes in process `syz.4.854'.
[  204.510107][ T4298] usb 6-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  204.541601][ T4298] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.564570][ T4298] usb 6-1: Product: syz
[  204.568794][ T4298] usb 6-1: Manufacturer: syz
[  204.573419][ T4298] usb 6-1: SerialNumber: syz
[  204.597917][ T4298] usb 6-1: config 0 descriptor??
[  204.610512][ T4298] ssu100 6-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  204.802170][ T6794] loop4: detected capacity change from 0 to 512
[  204.809684][ T6794] journal_path: Lookup failure for './bus'
[  204.811166][ T4298] ssu100: probe of 6-1:0.0 failed with error -32
[  204.815598][ T6794] EXT4-fs: error: could not find journal device path
[  204.929764][ T6796] netlink: 40 bytes leftover after parsing attributes in process `syz.0.855'.
[  205.412556][ T6798] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.856'.
[  205.677596][ T4298] usb 6-1: USB disconnect, device number 2
[  205.704547][ T4456] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  207.289199][ T6837] loop2: detected capacity change from 0 to 512
[  207.303869][ T6839] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.868'.
[  207.396507][ T6837] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  207.435390][ T6837] ext4 filesystem being mounted at /187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.663789][ T6847] netlink: 'syz.5.870': attribute type 1 has an invalid length.
[  207.770568][ T6847] netlink: 8 bytes leftover after parsing attributes in process `syz.5.870'.
[  207.819147][ T6849] netlink: 40 bytes leftover after parsing attributes in process `syz.0.869'.
[  208.529458][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  208.773874][ T6858] netlink: 12 bytes leftover after parsing attributes in process `syz.2.871'.
[  208.899728][   T27] kauditd_printk_skb: 16 callbacks suppressed
[  208.899746][   T27] audit: type=1326 audit(1741983015.285:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  208.954108][ T6858] loop2: detected capacity change from 0 to 512
[  208.971814][   T27] audit: type=1326 audit(1741983015.285:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  208.998998][ T6863] netlink: 'syz.4.876': attribute type 21 has an invalid length.
[  209.011297][ T6858] journal_path: Lookup failure for './bus'
[  209.017216][ T6863] netlink: 'syz.4.876': attribute type 1 has an invalid length.
[  209.017238][ T6863] netlink: 144 bytes leftover after parsing attributes in process `syz.4.876'.
[  209.067876][   T27] audit: type=1326 audit(1741983015.315:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  209.115414][ T6858] EXT4-fs: error: could not find journal device path
[  209.131079][   T27] audit: type=1326 audit(1741983015.315:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  209.236090][   T27] audit: type=1326 audit(1741983015.315:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  209.290714][   T27] audit: type=1326 audit(1741983015.315:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  209.313671][   T27] audit: type=1326 audit(1741983015.315:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  209.402611][   T27] audit: type=1326 audit(1741983015.315:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  209.514573][   T27] audit: type=1326 audit(1741983015.325:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  209.881916][   T27] audit: type=1326 audit(1741983015.325:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.4.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76e58d169 code=0x7ffc0000
[  210.344204][ T6883] loop5: detected capacity change from 0 to 512
[  210.442716][ T6883] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  210.498810][ T6883] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.885648][ T6901] netlink: 40 bytes leftover after parsing attributes in process `syz.4.884'.
[  211.754301][ T6181] EXT4-fs (loop5): unmounting filesystem.
[  212.209647][ T6923] netlink: 12 bytes leftover after parsing attributes in process `syz.5.893'.
[  212.345321][ T6928] loop5: detected capacity change from 0 to 512
[  212.387251][ T6928] journal_path: Lookup failure for './bus'
[  212.393152][ T6928] EXT4-fs: error: could not find journal device path
[  213.606263][ T6954] netlink: 40 bytes leftover after parsing attributes in process `syz.4.901'.
[  214.498031][ T6962] loop2: detected capacity change from 0 to 512
[  214.526199][ T6966] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.906'.
[  214.590857][ T6962] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  214.710765][ T6962] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  214.926133][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  215.200224][ T6983] loop4: detected capacity change from 0 to 512
[  215.216431][ T6983] EXT4-fs: inline encryption not supported
[  215.374246][ T6983] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  215.397618][ T6983] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.436757][ T6983] EXT4-fs error (device loop4): ext4_do_update_inode:5224: inode #2: comm syz.4.912: corrupted inode contents
[  215.464595][ T6983] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #2: comm syz.4.912: mark_inode_dirty error
[  215.506785][ T6983] EXT4-fs error (device loop4): ext4_do_update_inode:5224: inode #2: comm syz.4.912: corrupted inode contents
[  215.619490][ T6995] EXT4-fs error (device loop4): ext4_do_update_inode:5224: inode #2: comm syz.4.912: corrupted inode contents
[  215.663681][ T6995] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #2: comm syz.4.912: mark_inode_dirty error
[  215.691778][ T6995] EXT4-fs error (device loop4): ext4_do_update_inode:5224: inode #2: comm syz.4.912: corrupted inode contents
[  215.728037][ T6995] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.912: mark_inode_dirty error
[  215.752152][ T6995] EXT4-fs error (device loop4): ext4_do_update_inode:5224: inode #2: comm syz.4.912: corrupted inode contents
[  215.790141][ T6995] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #2: comm syz.4.912: mark_inode_dirty error
[  216.124048][ T7008] loop2: detected capacity change from 0 to 512
[  216.239485][ T7008] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  216.264680][ T7008] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  216.267077][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  216.320995][ T7008] EXT4-fs (loop2): 1 truncate cleaned up
[  216.339130][ T7008] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  216.402582][ T7016] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.919'.
[  216.554894][ T7021] loop5: detected capacity change from 0 to 512
[  216.567078][ T7022] loop0: detected capacity change from 0 to 512
[  216.631843][ T7022] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  216.642271][ T7021] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  216.675907][ T7022] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.906294][ T6181] EXT4-fs (loop5): unmounting filesystem.
[  216.939660][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  217.343329][ T7047] loop4: detected capacity change from 0 to 1024
[  217.384439][ T7046] loop2: detected capacity change from 0 to 512
[  217.389446][ T7047] EXT4-fs: Ignoring removed orlov option
[  217.408661][ T7046] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  217.468308][ T7046] EXT4-fs (loop2): orphan cleanup on readonly fs
[  217.502213][ T7046] __quota_error: 49 callbacks suppressed
[  217.502232][ T7046] Quota error (device loop2): do_check_range: Getting block 196613 out of range 1-5
[  217.532156][ T7046] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  217.563151][ T7046] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.926: Failed to acquire dquot type 1
[  217.564667][ T7047] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  217.672654][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  217.789814][ T7046] EXT4-fs (loop2): 1 truncate cleaned up
[  217.809128][ T7046] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  217.958343][ T7066] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.931'.
[  217.980101][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  218.512586][ T7081] serio: Serial port ptm0
[  219.316397][ T7101] netlink: 12 bytes leftover after parsing attributes in process `syz.5.940'.
[  219.348172][ T7101] netlink: 8 bytes leftover after parsing attributes in process `syz.5.940'.
[  219.600847][ T7109] netlink: 16162 bytes leftover after parsing attributes in process `syz.2.943'.
[  219.919967][ T7114] lo speed is unknown, defaulting to 1000
[  219.956295][ T7114] lo speed is unknown, defaulting to 1000
[  219.996683][ T7114] lo speed is unknown, defaulting to 1000
[  220.034649][ T7122] netlink: 40 bytes leftover after parsing attributes in process `syz.5.944'.
[  220.695578][ T7114] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  220.813011][ T7114] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  220.993048][ T7114] lo speed is unknown, defaulting to 1000
[  221.037879][ T7114] lo speed is unknown, defaulting to 1000
[  221.068489][ T7114] lo speed is unknown, defaulting to 1000
[  221.107807][ T7114] lo speed is unknown, defaulting to 1000
[  221.148221][ T7114] lo speed is unknown, defaulting to 1000
[  221.583598][ T7144] loop5: detected capacity change from 0 to 512
[  221.680291][ T7144] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  221.694769][ T7027] ------------[ cut here ]------------
[  221.700709][ T7027] kernel BUG at fs/buffer.c:2666!
[  221.722951][ T7027] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  221.729086][ T7027] CPU: 0 PID: 7027 Comm: kmmpd-loop0 Not tainted 6.1.131-syzkaller #0
[  221.737280][ T7027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  221.747369][ T7027] RIP: 0010:submit_bh_wbc+0x4c0/0x4e0
[  221.752885][ T7027] Code: 02 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c be fe ff ff 48 89 ef e8 e1 3f e0 ff e9 b1 fe ff ff e8 a7 de 88 ff 0f 0b e8 a0 de 88 ff <0f> 0b e8 99 de 88 ff 0f 0b e8 92 de 88 ff 0f 0b e8 8b de 88 ff 0f
[  221.772571][ T7027] RSP: 0018:ffffc90003737c40 EFLAGS: 00010293
[  221.778679][ T7027] RAX: ffffffff8201cb20 RBX: 0000000000000000 RCX: ffff8880798fd940
[  221.786673][ T7027] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  221.794836][ T7027] RBP: ffffc90003737d50 R08: ffffffff8201c6fd R09: ffffed100e95ad7a
[  221.802835][ T7027] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1100e95ad79
[  221.810843][ T7027] R13: ffff888074ad6bc8 R14: 0000000000000000 R15: 0000000000003801
[  221.818849][ T7027] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  221.827811][ T7027] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  221.834430][ T7027] CR2: 000055557dcb5808 CR3: 0000000073ed1000 CR4: 00000000003506f0
[  221.842445][ T7027] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  221.850452][ T7027] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  221.858460][ T7027] Call Trace:
[  221.861768][ T7027]  <TASK>
[  221.864721][ T7027]  ? __die_body+0x5e/0xa0
[  221.869092][ T7027]  ? die+0x83/0xb0
[  221.872840][ T7027]  ? do_trap+0x11e/0x350
[  221.877094][ T7027]  ? submit_bh_wbc+0x4c0/0x4e0
[  221.881864][ T7027]  ? submit_bh_wbc+0x4c0/0x4e0
[  221.886636][ T7027]  ? do_error_trap+0x13d/0x1e0
[  221.891414][ T7027]  ? submit_bh_wbc+0x4c0/0x4e0
[  221.896182][ T7027]  ? do_int3+0x30/0x30
[  221.900254][ T7027]  ? report_bug+0x3e0/0x500
[  221.904765][ T7027]  ? rcu_is_watching+0x11/0xb0
[  221.909531][ T7027]  ? handle_invalid_op+0x2c/0x40
[  221.914477][ T7027]  ? submit_bh_wbc+0x4c0/0x4e0
[  221.919257][ T7027]  ? exc_invalid_op+0x2f/0x40
[  221.923933][ T7027]  ? asm_exc_invalid_op+0x16/0x20
[  221.928994][ T7027]  ? submit_bh_wbc+0x9d/0x4e0
[  221.933763][ T7027]  ? submit_bh_wbc+0x4c0/0x4e0
[  221.938537][ T7027]  ? submit_bh_wbc+0x4c0/0x4e0
[  221.943320][ T7027]  write_mmp_block_thawed+0x3b6/0x5a0
[  221.948703][ T7027]  ? read_mmp_block+0x7e0/0x7e0
[  221.953558][ T7027]  ? update_process_times+0x1b0/0x1b0
[  221.958938][ T7027]  ? kmmpd+0x40c/0xa70
[  221.963039][ T7027]  write_mmp_block+0x13f/0x390
[  221.967815][ T7027]  kmmpd+0x40c/0xa70
[  221.971760][ T7027]  ? write_mmp_block_thawed+0x5a0/0x5a0
[  221.977445][ T7027]  ? __kthread_parkme+0x168/0x1c0
[  221.982510][ T7027]  kthread+0x28d/0x320
[  221.986603][ T7027]  ? write_mmp_block_thawed+0x5a0/0x5a0
[  221.992153][ T7027]  ? kthread_blkcg+0xd0/0xd0
[  221.996758][ T7027]  ret_from_fork+0x1f/0x30
[  222.001210][ T7027]  </TASK>
[  222.004247][ T7027] Modules linked in:
[  222.119656][ T7144] EXT4-fs (loop5): 1 truncate cleaned up
[  222.136983][ T7144] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  222.253935][ T7027] ---[ end trace 0000000000000000 ]---
[  222.262280][ T7027] RIP: 0010:submit_bh_wbc+0x4c0/0x4e0
[  222.270091][ T7027] Code: 02 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c be fe ff ff 48 89 ef e8 e1 3f e0 ff e9 b1 fe ff ff e8 a7 de 88 ff 0f 0b e8 a0 de 88 ff <0f> 0b e8 99 de 88 ff 0f 0b e8 92 de 88 ff 0f 0b e8 8b de 88 ff 0f
[  222.307179][ T7027] RSP: 0018:ffffc90003737c40 EFLAGS: 00010293
[  222.316978][ T7027] RAX: ffffffff8201cb20 RBX: 0000000000000000 RCX: ffff8880798fd940
[  222.332537][ T7027] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  222.352067][ T7027] RBP: ffffc90003737d50 R08: ffffffff8201c6fd R09: ffffed100e95ad7a
[  222.365962][ T7027] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1100e95ad79
[  222.384379][ T7027] R13: ffff888074ad6bc8 R14: 0000000000000000 R15: 0000000000003801
[  222.414570][ T7027] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  222.435899][ T7027] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  222.443433][ T6181] EXT4-fs (loop5): unmounting filesystem.
[  222.450963][ T7027] CR2: 0000001b2c520220 CR3: 000000004b919000 CR4: 00000000003506e0
[  222.472628][ T7027] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  222.497501][ T7027] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  222.515041][ T7027] Kernel panic - not syncing: Fatal exception
[  222.521403][ T7027] Kernel Offset: disabled
[  222.525751][ T7027] Rebooting in 86400 seconds..