last executing test programs:

2m8.119779622s ago: executing program 1 (id=67):
mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

2m8.053318254s ago: executing program 1 (id=69):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r4, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @multicast1}}}], 0x20}}], 0x1, 0x8000004)

2m8.024878374s ago: executing program 1 (id=71):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x200, 0x0)
ioctl$TUNSETIFF(r2, 0x400454da, &(0x7f00000001c0)={'bond_slave_0\x00'})
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454da, &(0x7f0000000140)={'bond0\x00', 0x100})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'nicvf0\x00', 0x1432})

2m7.942691715s ago: executing program 1 (id=73):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)}}], 0x1, 0x8000004)
r1 = open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

2m7.799714767s ago: executing program 1 (id=76):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x106263, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x8000000}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)

2m7.441322144s ago: executing program 1 (id=89):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})

2m7.416963604s ago: executing program 32 (id=89):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})

1m55.244281074s ago: executing program 3 (id=333):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r0, 0x0, 0x0, 0x1)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = io_uring_setup(0x51d2, &(0x7f0000000400)={0x0, 0x631d, 0x1000, 0x2, 0x402d7})
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000002700)={0x119f, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0xf9}, {&(0x7f00000015c0)=""/4096, 0xd8da7}, {&(0x7f0000002a00)=""/88, 0x8}], 0x0}, 0x20)

1m55.174210415s ago: executing program 3 (id=336):
r0 = io_uring_setup(0x1cb2, &(0x7f00000003c0)={0x0, 0xfffffffc, 0x0, 0x1, 0x1d})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x61, &(0x7f00000004c0)={0x0, 0x3, 0x14}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454da, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1m55.054854127s ago: executing program 3 (id=343):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x21081e, &(0x7f00000003c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@dioread_nolock}, {@nomblk_io_submit}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x167)
r3 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7abff, 0x0, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000240)={0x3920e, r1, 0x0, 0x0, 0x9, 0x3})

1m54.328729839s ago: executing program 3 (id=353):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f00000000c0)='./file0/../file0/../file0/../file0/../file0\x00')

1m54.253795961s ago: executing program 3 (id=355):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000800)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {}, {0x4, 0x3}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0x688ff5d5}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8004000}, 0x0)

1m54.007424445s ago: executing program 3 (id=359):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000700000e0000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a01080000000000000000010000000900020073797a32000000003400038030000080080003400000000224000b80200001800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30"], 0xe4}, 0x1, 0x0, 0x0, 0x4718a05f20824a9e}, 0x0)

1m53.951261745s ago: executing program 33 (id=359):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000700000e0000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a01080000000000000000010000000900020073797a32000000003400038030000080080003400000000224000b80200001800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30"], 0xe4}, 0x1, 0x0, 0x0, 0x4718a05f20824a9e}, 0x0)

1m53.128941499s ago: executing program 2 (id=378):
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f0000000780)=[{{&(0x7f0000000300)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4000844)

1m53.0658972s ago: executing program 2 (id=381):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x304}, "347882c6c46d0631", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000240)='n', 0x1}], 0x1}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x304}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be4bae", "bb10000000000001"}, 0x28)
readv(r0, &(0x7f0000000e40)=[{&(0x7f0000003300)=""/4095, 0xfff}], 0x1)

1m52.999635331s ago: executing program 2 (id=383):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r3}, 0x10)
r4 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

1m52.901814243s ago: executing program 2 (id=384):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f00000000c0)='./file0/../file0/../file0/../file0/../file0\x00')

1m52.850551124s ago: executing program 2 (id=385):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="001c86dd0700100000001400000060ec97000fc804f9fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

1m52.392929171s ago: executing program 2 (id=387):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000000)='./file1\x00', 0x1c0da, &(0x7f0000000f40)=ANY=[], 0x1, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r2 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x138)
r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x51)
write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff5295e8cd6f55ce071b304aa0a588b3b7a2efa2f167dd9c1b8b016268d37d9a30983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402c76caf85d4569a75dde2f64", 0x200)
sendfile(r2, r3, 0x0, 0xe065)

1m52.385264091s ago: executing program 34 (id=387):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000000)='./file1\x00', 0x1c0da, &(0x7f0000000f40)=ANY=[], 0x1, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r2 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x138)
r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x51)
write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff5295e8cd6f55ce071b304aa0a588b3b7a2efa2f167dd9c1b8b016268d37d9a30983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402c76caf85d4569a75dde2f64", 0x200)
sendfile(r2, r3, 0x0, 0xe065)

1m50.396117754s ago: executing program 5 (id=415):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r4, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @multicast1}}}], 0x20}}], 0x1, 0x8000004)

1m50.305269896s ago: executing program 5 (id=417):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

1m50.247447017s ago: executing program 5 (id=419):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180011140b05000800000000000000001812", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'erspan0\x00', &(0x7f00000004c0)={'tunl0\x00', 0x0, 0x47, 0x0, 0x7, 0x3, {{0x2b, 0x4, 0x3, 0x1a, 0xac, 0x65, 0x0, 0x1, 0x29, 0x0, @remote, @local, {[@lsrr={0x83, 0x7, 0x6c, [@multicast2]}, @ssrr={0x89, 0xf, 0xc1, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2]}, @timestamp_addr={0x44, 0x54, 0xe9, 0x1, 0x8, [{@multicast1}, {@empty, 0x8}, {@multicast2, 0x8}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x800}, {@dev={0xac, 0x14, 0x14, 0x3f}, 0x143}, {@dev={0xac, 0x14, 0x14, 0x13}, 0x3}, {@dev={0xac, 0x14, 0x14, 0x34}, 0x9}, {@remote, 0x7}, {@remote, 0x3}, {@remote, 0x1000}]}, @timestamp_addr={0x44, 0x2c, 0x29, 0x1, 0xd, [{@dev={0xac, 0x14, 0x14, 0x43}, 0xfffff71b}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}, {@empty, 0x3}, {@loopback, 0x46}, {@broadcast, 0x5}]}]}}}}})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)

1m50.0727725s ago: executing program 5 (id=420):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000000), 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair(0x1, 0x100000005, 0x0, 0x0)

1m49.779288494s ago: executing program 5 (id=421):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)=r3}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r2, &(0x7f0000000780)}, 0x20)

1m49.486436459s ago: executing program 5 (id=423):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000580)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

1m49.380260981s ago: executing program 35 (id=423):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000580)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

5.563856769s ago: executing program 4 (id=2830):
r0 = socket$packet(0x11, 0x3, 0x300)
sendmsg$DEVLINK_CMD_RATE_DEL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x400c8}, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'geneve0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
bind$packet(r0, &(0x7f0000000000)={0x11, 0x3, r1, 0x1, 0x0, 0x6, @local}, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0xc}, {0xfff3, 0x8}}}, 0x24}}, 0x20040000)

3.113009119s ago: executing program 4 (id=2866):
socket$netlink(0x10, 0x3, 0x8000000004)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x60100, 0x30)
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x9, 0x3, 0x8, 0x4, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x5, 0x2})
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

3.07954569s ago: executing program 4 (id=2867):
openat$tun(0xffffffffffffff9c, &(0x7f0000002300), 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040), 0x2, 0x0)
rmdir(&(0x7f0000000140)='./cgroup/../file0\x00')
epoll_create1(0x0)
epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3.025110641s ago: executing program 4 (id=2869):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
mlock(&(0x7f0000e1d000/0xe000)=nil, 0xe000)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='mm_page_free\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

3.024710671s ago: executing program 4 (id=2870):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x17, &(0x7f0000000100)={[{@noquota}, {@nodiscard}, {@nomblk_io_submit}, {@errors_continue}]}, 0x1, 0x625, &(0x7f0000001400)="$eJzs3c9rXNUeAPDvncnvvPeShsd7r2/xXkC0BW3SpK0UEWwRXJVSfywEN45NWmqnP2gimlppAnUjiBsXgisX1oX/gxYEV/4DLty4kkoR6UYpOnInd8ZpMjeZxMxMm/l8YDr33HNzz7nJfHvOnDnnTgA9azL9pxCxNyIuJxETDXl9kWVOrh539+drp9NHEpXKiz8lce16stx4riR7Ho2INOO3sUi+joiJ4vpyF5auni+Vy/NXsvT04oXL0wtLVw+cu1A6O392/uLsk7NHjxw+cnTmYMNPnXluq9e3p2H7xI3X3xx77+Qrn358L5n57LuTSRyrVzq9rq2eezOTMRmVTOP+9Pd6dKcL65Ji/XXyp2TtjrWebWOF2JLa368/Iv4dY1Fs+GuOxbvPd7VyQFtVkqi3UUCvScQ/9KhaP6D23r6198EDbe6VAJ1w53jEY/X474+I1fg/NpuNDcZQdWxg5G5y3zhPEhEHd6D8tIxvvjp5I31Em8bhgOaWVwazIfC17X9Sjc3xGKqmRu4W7ov/QjaMO56NH76wcTFjeRmTa9JZ+YPbvR6gdcsrEfGfZv3/zeP/1ew53f/aNsvPiX8AAAAAAABgG24dj4gnmn3+V6jP/xloMv9nNCKO7UD5m3/+V7i9A8UATdw5HvF00/m/hdoh48Us9ffqfID+5My58vzBiPhHROyP/sE0PdN40s8bfjoiDrw/8VFe+Y3z/9JHWn5tLmBWj9t9a2YDzZUWSztw6dDz7qxE/Lcvf/5P2v4nTdr/NL4vt1jGxKM3T+XlbR7/QLtUPonY17T9T+rHJBvfn2O62h+YrvUK1vvf2x98kVe++IfuSdv/kY3jfzBpvF/PwtbOPxARh5b6Knn52+3/DyQvFaNhJeJbpcXFKzMRA8mJ9ftnt1ZneJgMtX7oOxFRjYdavKTxv/+Rjcf/6v3/hjgczu7x1Yp//T76fV6e9h+6J43/uY3b//H72/+tb8zeHP8yr/xTLbX/h6tt+v5sj/E/2FirAdrtegIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAw6gQEX+LpDBV3y4UpqYiRiPinzFSKF9aWHz8zKU3Ls6ledXv/y/Uvul3bDWd1L7/f7whPbsmfSgi9kTEh8Xhanrq9KXyXLcvHgAAAAAAAAAAAAAAAAAAAB4Qo6tP69b/p34odrVqQCf0Zc/iHXpPX7crAHSN+IfeJf6hd+XH/y/3KlUdrQ7QQa22/5Xrba4I0HHb7P/7uAB2Ae//oVf1t3bYULvrAXSD9h8AAAAAAHaVPf+/9W0SEctPDVcfqYEsr/7B4HC3age0UyEvY7Cz9QA6zxxe6F2m/kDvanHyL7CLJfWtX5su9s+f/Z+0p0IAAAAAAAAAAAAAwDr79raw/h/YlXLX/wO73gbr/5st7HG7ANhFrP+H3uU2X0Cts5/3Tf/W/wMAAAAAAAAAAADAA2Do6vlSuTx/ZWGp5Y3rWzn4r2/8GHlZz9Q2VjpQjUpxZ86zXOrcr+4h3+iPiDVZlbHVl+35Uvnl6Gx9ahHTibIGOlhWzkaX/j8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADW+SMAAP//fSQouA==")
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, &(0x7f0000000180)={@id={0x2, 0x0, @auto="19a0a2478c43dedf2826fd69f35add16"}})
semop(0x0, &(0x7f00000000c0)=[{0x4}, {0x2}], 0x2)
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000001a80)=""/4096, 0x1000)

2.812248325s ago: executing program 8 (id=2873):
perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3af, 0x4}, 0x100000, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xa, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

2.127537616s ago: executing program 0 (id=2880):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r3, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

2.000948787s ago: executing program 0 (id=2882):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000400000001"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000000), &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))

1.988467128s ago: executing program 0 (id=2883):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
pwrite64(r2, &(0x7f0000000080)='3', 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
remap_file_pages(&(0x7f0000422000/0x2000)=nil, 0x2000, 0x0, 0x5, 0x20000)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x40)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

1.672519903s ago: executing program 0 (id=2885):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00', r3}, 0x18)
r4 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0)
write(r4, &(0x7f0000000180)="010101", 0x3)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f00000001c0), &(0x7f0000000200), 0x0)

1.615129974s ago: executing program 0 (id=2887):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x1a3)
ioctl$SNDRV_TIMER_IOCTL_PVERSION(0xffffffffffffffff, 0x400454a4, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$selinux_access(0xffffffffffffffff, 0x0, 0x56)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/anycast6\x00')
close_range(r2, 0xffffffffffffffff, 0x0)

1.579100184s ago: executing program 0 (id=2888):
r0 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x45885, 0x80, 0x0, 0x8}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x8, 0x0, 0xfffffdfc}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.074963813s ago: executing program 7 (id=2895):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = getpgrp(0xffffffffffffffff)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kmem_cache_free\x00', r3, 0x0, 0x800}, 0x18)
kcmp(r0, r0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)

1.022186324s ago: executing program 7 (id=2896):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x75, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000025ad9835850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket(0x200000000000011, 0x2, 0x1)
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa424e1aa2e0d4080045000014"], 0x0)

979.979925ms ago: executing program 7 (id=2897):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x2, 0x0, 0x0, 0x0)

864.286556ms ago: executing program 6 (id=2898):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r3, 0x20, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f00000009c0)=""/4096, 0x1000}}, 0x10)

687.044859ms ago: executing program 6 (id=2899):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xa6, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)=ANY=[@ANYBLOB="020a040007000000b6f1ffff000085410500", @ANYRES16], 0x38}}, 0x8802)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
sendmmsg(r1, &(0x7f0000000180), 0x3ef, 0x0)

634.77059ms ago: executing program 6 (id=2900):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
open(&(0x7f0000000280)='./file0\x00', 0x40, 0x81)
umount2(&(0x7f0000000280)='./file0\x00', 0x0)

531.334872ms ago: executing program 6 (id=2901):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
io_pgetevents(r3, 0x3, 0x3, &(0x7f0000000440)=[{}, {}, {}], 0x0, 0x0)

412.276234ms ago: executing program 6 (id=2902):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8b, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x105140, 0x0)
fchmod(r3, 0x148)

347.202845ms ago: executing program 6 (id=2903):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r1 = syz_io_uring_setup(0x49b, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x7, 0x288}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x3416, 0x13100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000000)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r4, 0x2def, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x40f6, 0x29a7, 0x0, 0x0, 0x0)

239.682837ms ago: executing program 8 (id=2904):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r0)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd8, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="59bb22bd7000000020001100"], 0x28}}, 0x0)

184.778638ms ago: executing program 8 (id=2905):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x5ad00ea84eb3ba9a, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r2}, 0x10)
socket$can_raw(0x1d, 0x3, 0x1)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

109.126789ms ago: executing program 8 (id=2906):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000340)='_', 0x1}], 0x1}, 0x0)

96.163669ms ago: executing program 7 (id=2907):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r0, &(0x7f0000000480)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0000fa00ea8000"})
r1 = syz_open_pts(r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_open_dev$sg(0x0, 0x0, 0x0)
r4 = dup3(r1, r0, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f0000000300)={0x800, 0x400, 0x7, 0x3, 0x1b, "1fdcab858507b99f4291a39fb2a903d3107883"})

89.972959ms ago: executing program 8 (id=2908):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, 0x0)
r0 = syz_io_uring_setup(0x3ac6, &(0x7f00000001c0)={0x0, 0xfffffffd, 0x10100, 0x4, 0x37c}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="10100000000000000d01000005000000ece538e8b62831eafcd9056be7c8a4f36891e0bd363476ba635f8d61e20221d10831df051097c214cf0e5f4345fa2c1eff6b0f8eedd3687f41fdd27b53aabf690ef80b8953b86b7943136212b1ec5c95809bc5d24c84f1ea4c6a1ff8b0dfc20e9b15115ddad4e233132bb07ee1577ae158a9ec4de6171ac0a7542ea221a3d97d80e7bed34fde3c64661a751d33a6d102ec5e611cee97f445ff21d4d3b360a17a83b7594ad811751ceb59ea8b5cde9525ac5679cf2e35907c0abbb85a25c776a98af56eff37c6627d00c51fd572f6113013d16a54d005b0f833f3c9cde6b897312b7ddc1b063781f822e06890c08ad3025e80b4a550a680e58053a8c33d2e1858f971a40788f6b287baa082a334140c0091f5f2d232ecbc86218a477e468e5be1b48d7787071b5c891cc3efde21a3b0337adeaa6a41ce8fd6edf1b0a47ca0cd6d785cc2c1c3803dde4d9749a10e21d489531efca60760b4ff2061dd7800c4f23c3d1e2bcd694fcc87261a2fdfee6baaa701c7083e9675a75b8d530f09f72d8d3fed4ed848ba18d11635893b52c84a6f0fdc9711b63cba52c9e33ac701261d5459b6ff53be036549b6d0e617d125a6a758370d0671f5f956918db7c4d0afb4f7369bad2a1cf0b7bcf130464bb031b092392a72e8234c1cc1d41190dad660bd1d9283d7d4c7f7410c83f6cfbd25b438097f3e5fd4a23e56c1995179797f03c6dfc5e8be4515d9c72ef9ecbb7cd80d4e71d2ac2f31396081eb9fee4b5d633aee32775a004f7aee9f33d81f9e469a1bef0a995ca8d50c2d853bfb1ebaf301d0c649b74827ae650b6a3bec85e2e9fd45e33bdd8c29cb0692d78a73700daf8eaff8efc06f8c07b3ce384ab1d925cdc440a4b85ace1edb6202df092fe6b37c11e10f3cb3d9e0cc19d55989766aec965403244c8dabfcdcc51c2297131307048ffc88b47d07e821656fa73395dd464d79ee82b3d4f47bd29f42f44f9521efdec7b0e8b5436d496ae046d72d69bc3d35a62829954fdf87fa10330a7864465ee86c540b2e1320e8453701898027ef86ad0d7c31c009f0e5f4c35eeb870ba4caa3708656b38c3797aaadb4b372acf23c05d55d98eb8c1c628e744a6a4439b5a515a2a083f8fbc71a2e6800c3ffec640d21d05a4b1f4548c5541f809e9766cce96b2c53b220361638c4dc43af7d5edb874bb48ca3c8a837fdccff0c8b50bc402da6262c5e3b344f313153fd455e4414f2b0e4a2bcf881b5615e399f8bbe6c3c20a314539b856de845a6e37e5f6925f3d5929eb59243b792834b0de7643077681b9113f5d192c4e96ebea0465901e5aa5da812b0d112089c048e29c523a753f7babe4e3de0bff0f220493bef0e7b76b051cecc325a8fb60a76880155ed33bbbccb472dd3b568829eb7cfb4280521adee82b1b1b7c31b0baa329f81f254526461b787d32bd18a760944a3f728a8a257f2bb9bc9172daeeb9a3d099fa60a440063b70cb48a54cf8739467f7e2b075b74800056475332bd226daf3e7a85c198107c3fe4818e78dda31d1d8c4c618c218e368a0e20655c325f95ebdb03320448cfd754064e7a6b69b1677d12a5c63b853d77bd06b4759e30e764806b91d5e9e54c907255ead2d433538105dc4dd9d364de0a82bbbe035d34e215be51d468b95a87e0e6d76264ff4a8bde40e956782351b5595118d6f630ae1eeeb5755177d0cd71f259eb580ba0918194a3b75d6110d58079c57ffef2f53a8d0fcd824c1bf83e612a2c63b0dc6f0e6997d7905d5adf649da853204a522043147f7b7debd7c01835b4f311ad3a6c4122f4cc970e2926ea30aaaf307555dea57ef2dbe3e5ec783dc447d1834cb1cc711c34051d5077d373013e995d34dd20a4ae0f3356b388a46ca2d3686daa528246dd0ab3e7400406e88797294d61b24e81ce8812e0eb38e898c658dafa957618e969f73f988fb6a5b13b0bdd2a63e666f88513f5f15d0f0a743be28c5fa6386d9af70292e96b54d4d5495ab142b036f11a7c18d6245ceb713a30c875af0e7124934b1bda9a9484e617360e2b9b63052da78188ab3ff5e2c8df92e3ff7845343165fd501f097296d614e163a33d8e15032147e2f3dd57e8207c11a11cd9d39a786223d2b6b000ab841e3237bcca18431f26a0ece2e478c28b56ccb93966151be4e52d823d1bc345d9a5c2925d06c27e4c74dd2783f55d32d07ae2eb68fe6d5614cf979e3c16d3f467efee15169eb5a641837b93bc06733eab8e30cd85c731ea46a24266dfe87fb8a9515b25841a246e6d8df10faa34da94576a4a3e1ffc78323cc58b122c0a0993da408b82f4a311c2250483a701df3e99fba515f31791b5b8b6ee31cb92731d656b7ff43b38d3b2d9f59008a7400d6f2dece551883f32d0281395379aa42285e90dff71bad695156ba4842936f6ddcd99cdb5ef8a147a15cf6ede0eff9b5106306806574fe9b3ede36418c97ebbb1de5b7b23a453b98e10634956a34cbf40b62b4cff86935ddbdd31cf5b78e1248b19ba060cff190f1f2f178dab05e0d6395d9b1440b01ed10f5c46c903d3e2f78e9393124a981c7db5126210ce0981dfe0566d0751f3a76b66f06390a1df65218832cb33c91a1a78c67b24b4aa1a52231a6152a2483684eecf19522d5a22bde3cac03fd1de054e36325490af9081bda7b85e007e8714fa6f945257d8bbb766f612f682d19f885d054055de33423889c45157120dfde3ae504c6fd55c65fd652245fbc1d20e535da9e326341fd39bbb8f81117516747c7bd6a0e41faae21d4a7b905a6e82d4584bb56c0c2e540e7c69ce8594724b08c1ccb578617cc7f4f203f1f96011a5a3e9e4ae90ec5b7d5c1b5c682706b331c57e56966ac4017dc56e7a701c2c27657dc7fc436c4c02c51a76537bb90fffd13c1a2bb473245cbf0f34b020cc1b267ba624b09616448eabc753f3eb69256aa7f4ae3c590cca158457b1fd5e37c977ea19f30f813e0169c6b37496162134b6ea6501d6e5910a9b4b5597fd379bdceda96f016fea03ebfe375bdd60d9a61099e593706255f8b1a1048db705b304eb2f7b61737df8ddea67277059f37dc9065e71bfb49efbbbe79661afd5f58f388f02a03dcb69758237b6789fcbdc4ea2fea4132d33d777cd5193c210e345f06a1568e061b39b774ed321e435f44a54842435af0d574ceec62e3132d8b57d490d1e8f1860fbd95e6a30176af9c085760e5ecc9199df22b76069e1ec85035c69d754f399824ebd886693d897b55f139cf6053a27d6389e9158d7f187ee506c304953dcb5c0c72fa5c942933bcd0ed00127fc842cd2f50d6483faa9a775450ea4cac5a18d4c4868ca696f136c28a4703d1562167671ad50ea5e70d0c43f95992130db3ac2e97e10f614a8974650366d369437f12e598dd37f474ab5010b3dd4ef6c3a23e37db0ee18675bc16f0e0e96e50a72f3816e08dee4e9407b0906d57a7caf9539288bda2d6577e09c417c01f910f18a324bd7c1b9388fd464109a5cafa70ee2cf83197c6a0acc5e012343ce8afe4e6a94f0f55b2230c9a6acdc9b9cea5c4a06f6d4376a5d8c43a562736b617acfa01f2b8dfc0f4c25cd3f8d7c675ee2cb72d030dbe4f78805dd9589b4874093dd7b4c6b6715fd245e6d853dbbb4ffdaa4f665870f7f22ed0a9d862cff03581ff2c4bc9ee5768c7ca806460a882dd0ffc96238a22715b6a49d50df7705c2d1ad35ab7df6660ba3ded28f6bedd9dba2158c6a3cc7943d6df0bc376135ea3b9211523130ad77dd1532841a7067a77b01573952bab397520a23eac4d5f67c54ff293e14d7e21792b909fae37de019200b6dcdaf815d0c747d891de553072f7d9dec9cb0657f9f2962c0be6f122bf1d8793995ecde34a14d46acbd238d0cc0edfa3556b7a7c763f37bd162bb6d638eda49818fe97ee6f5637254ff1b31cd1c358f19b362a978b689d5661873da06124960f1b25fa2c069586584ce5c83b72c4844ad85c917e35e0fbc6f565771579997cd31fdf3e42dcc1ab17573328e6a73affe545fc82c149566cb11b439cfb804b581a12c1054d4fee14feae7d91db10348b3470e282fc93c07376e050731cbfc091e3b858a9e1679b4c92b44656802a239ef3f0b91a5649eccdbff499328e9243ba7c25aa50de56d3e0dbafcc6aeab35b64b027e36d6e7868d5f6ea7e46d7d6bc263a3f304b5642e60fa847369f6ea08bd9049822fc6f7cebac468e88db61846c417be1c78ea28691e3a58d46607597c2746b0cdcdde0c8d2f21c6f407d88f17fec2eaa290db8b4513e29439be7ddd719d712e8b01dcff54fe42563e40973ad4f1b00bc9489cd10390b63adef8101b82144370e23d92ee972b129e14a3c1945288f7ebbb67999afcda79c63bb458949b6821cb7f6888d422283de23f19de6b06109a5b9e66be004c00c45854599c4323662f51424c3ce2d10d2d75b827669a18622b7ebadf590aae33903d4c9a90e5533d9dfcb7d1f6052c77d92799caa323b7a21493357119b5e3c0b9e69ccfbf28ec7d5b99871644f35bfabbb5c143d136d906b51564b7d8fefd3d31fdbe875c733f3d70994f70fb1c70d23ecc14de56d0c5abd21cb4bff75a353baa80a04ac3a153d8d569ef4c2562067e50be7345ceafd57d7e80028880755e97520b8bcafd55e3162701fe7972f31dfe1ddc77b79e97fd7c0a3fde0c5ee973d2885f3c9148c6b872de4dbb2fc83cfb665074aaf02401f4fc4dd95dc071333bded7cfc1a1af81824dbe4da2622ffc8e78acdc82a917e76fe4e9b0b5fe4e7d38947d3dfe70e7faa1952a4ebd47de74892167dccc2f60ae8d8457e2b1e50ca63b3692fcd13cdf92e25d0fb048d1c2b7196aa2e694bef12a7d206e9aef9bfec220deec4c59283516d3b6f6735c6186af1baed16d1f6c88c4de6e1e87aadceb42d4abe5a28edff4d57f8c4dc43d9481140635ab3604f052597d5e79f524ed8774d039fd83317ce1f909b4eadeae59239526113bf414c933e7dcfa9b2f0ffd3293a013394d8522f00465207ffcb7d96f0702bd06faf0f947691747ba1a05b4dea153178390466ea1a7548ec58d6ea4042da3373b70edf2a98e8bcf30fac5a657315a36be25dbb24aa0283bac1aa63bccff625da4ccd79a30c77f443761de7eed7410700de59a00878984e11374b291fda37c7aebbb7d95aabcec51a0f3975a19e2053f5c45d5dc4be3c2d0f5391f43d3a3d14dd5a69f93d0311bd948cb18e16bbf929331de9bed528c929fecee03777021eb5ec02c6637933b266d1195da1b62d2b0df0726c7bbafab2a0ec060d3e7bebc5002209dcaf4790d38aa0a07a3979e2f489672f8d095d6a6971a5a30c61af3b3eba960974ed4a0989b1e48204fc80e0756e0f7d8c3d4f120643794234653f08d8d5bc8fa905759ca0a1b36e4b490d86d4434bbc4814d6c86a787e0098b00d04e7391e3976f9c3f665227aa7a4d66fe3a694eb8dbbab093fc6760392047eb085db0abf5326aa9611f1da7bcaea327b12b97b5683096d5f014dea74536db50710b722d4d859c399784058f20f181117a707504da274cc55b632eca9f5c225f96144856b30736f9dd40df0faa53fa90760f81a91c96484f15527fda27eb2e47defa383e70b388b3d4c2707b4fa1ec51f5a8b5689bbe9c4d3234d050bbcfddb88fecf317bcd35627693c3082f07146df8df9f3e3fef2d9a9875b6a485a53d9664fb899eb7d07b6c2bf53c605b54acbc5dd1492d8f6babf83eb734f9292a482d6772ab6274d17444b99d08e83bf3e003196c43972fe5700000000000000380c"], 0x1c48}, 0x0, 0xe3d08660d3c946c5})
io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0)

49.87125ms ago: executing program 7 (id=2909):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001300)=@newqdisc={0x34, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}]}, 0x34}, 0x1, 0x0, 0x0, 0x82}, 0x2000400c)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"})
r1 = syz_open_pts(r0, 0x900)
r2 = dup3(r1, r0, 0x80000)
read(r2, &(0x7f00000000c0)=""/226, 0xe2)
read$watch_queue(r2, &(0x7f0000001d40)=""/4095, 0xfdef)

42.99581ms ago: executing program 8 (id=2910):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000300)={[{@noauto_da_alloc}, {@errors_remount}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./bus\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
unlink(&(0x7f0000000100)='./file1\x00')

657.531µs ago: executing program 7 (id=2911):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
capget(&(0x7f0000000040)={0x19980330}, 0x0)

0s ago: executing program 4 (id=2912):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0xbd6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x371d, &(0x7f0000000440)={0x0, 0x0, 0x400, 0xa, 0xffffff}, &(0x7f0000000380), &(0x7f0000000400))
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 limit=128
[  108.793213][ T7835] syz.0.1578: attempt to access beyond end of device
[  108.793213][ T7835] loop0: rw=2049, sector=305, nr_sectors = 80 limit=128
[  108.873141][ T7823] syz.0.1578: attempt to access beyond end of device
[  108.873141][ T7823] loop0: rw=2049, sector=177, nr_sectors = 24 limit=128
[  108.894782][ T7835] syz.0.1578: attempt to access beyond end of device
[  108.894782][ T7835] loop0: rw=2049, sector=393, nr_sectors = 8 limit=128
[  108.943532][ T7823] syz.0.1578: attempt to access beyond end of device
[  108.943532][ T7823] loop0: rw=2049, sector=209, nr_sectors = 8 limit=128
[  108.985614][ T7823] syz.0.1578: attempt to access beyond end of device
[  108.985614][ T7823] loop0: rw=2049, sector=225, nr_sectors = 8 limit=128
[  109.067272][ T7823] syz.0.1578: attempt to access beyond end of device
[  109.067272][ T7823] loop0: rw=2049, sector=241, nr_sectors = 8 limit=128
[  109.128356][ T7845] loop6: detected capacity change from 0 to 1024
[  109.132294][ T7823] syz.0.1578: attempt to access beyond end of device
[  109.132294][ T7823] loop0: rw=2049, sector=257, nr_sectors = 8 limit=128
[  109.201500][ T7845] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.214952][ T7823] syz.0.1578: attempt to access beyond end of device
[  109.214952][ T7823] loop0: rw=2049, sector=273, nr_sectors = 8 limit=128
[  109.301441][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.417382][ T4001] buffer_io_error: 6 callbacks suppressed
[  109.417396][ T4001] Buffer I/O error on dev loop0, logical block 305, lost async page write
[  109.428788][ T7863] loop6: detected capacity change from 0 to 512
[  109.476413][ T7863] EXT4-fs: Ignoring removed nomblk_io_submit option
[  109.531270][ T7863] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.577128][ T7863] ext4 filesystem being mounted at /251/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  109.599795][ T7874] loop0: detected capacity change from 0 to 512
[  109.651453][ T7874] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1596: bg 0: block 5: invalid block bitmap
[  109.673521][ T7874] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  109.685585][ T7874] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1596: invalid indirect mapped block 3 (level 2)
[  109.766281][ T7874] EXT4-fs (loop0): 2 truncates cleaned up
[  109.793698][ T7874] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.937208][ T7891] syz_tun: entered allmulticast mode
[  109.945237][ T7890] syz_tun: left allmulticast mode
[  109.965595][ T4317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.000033][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.143482][   T29] kauditd_printk_skb: 157 callbacks suppressed
[  110.143500][   T29] audit: type=1400 audit(1749576044.162:2907): avc:  denied  { ioctl } for  pid=7906 comm="syz.0.1611" path="socket:[20861]" dev="sockfs" ino=20861 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  110.234294][   T29] audit: type=1326 audit(1749576044.252:2908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7913 comm="syz.0.1614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  110.258675][   T29] audit: type=1326 audit(1749576044.252:2909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7913 comm="syz.0.1614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  110.282211][   T29] audit: type=1326 audit(1749576044.252:2910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7913 comm="syz.0.1614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  110.306374][   T29] audit: type=1326 audit(1749576044.252:2911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7913 comm="syz.0.1614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  110.329919][   T29] audit: type=1326 audit(1749576044.252:2912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7913 comm="syz.0.1614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  110.354102][   T29] audit: type=1400 audit(1749576044.252:2913): avc:  denied  { name_bind } for  pid=7913 comm="syz.0.1614" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  110.392889][   T29] audit: type=1326 audit(1749576044.252:2914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7913 comm="syz.0.1614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  110.417153][   T29] audit: type=1326 audit(1749576044.252:2915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7913 comm="syz.0.1614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  110.440633][   T29] audit: type=1326 audit(1749576044.252:2916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7913 comm="syz.0.1614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  110.539675][ T7929] loop4: detected capacity change from 0 to 512
[  110.548291][ T7929] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1616: bg 0: block 5: invalid block bitmap
[  110.564698][ T7929] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  110.606879][ T7934] __nla_validate_parse: 9 callbacks suppressed
[  110.606900][ T7934] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1621'.
[  110.626104][ T7929] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1616: invalid indirect mapped block 3 (level 2)
[  110.658333][ T7935] loop0: detected capacity change from 0 to 512
[  110.678363][ T7935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.692550][ T7929] EXT4-fs (loop4): 2 truncates cleaned up
[  110.720047][ T7935] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.724782][ T7929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.800969][ T4317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.854677][ T7950] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1630'.
[  110.875027][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.896893][ T7953] wg2: entered promiscuous mode
[  110.902051][ T7953] wg2: entered allmulticast mode
[  110.941072][ T7956] sch_tbf: burst 88 is lower than device veth5 mtu (1514) !
[  110.961343][ T7951] loop0: detected capacity change from 0 to 128
[  111.176981][ T7976] netlink: 'syz.4.1639': attribute type 1 has an invalid length.
[  111.202290][ T7976] 8021q: adding VLAN 0 to HW filter on device bond2
[  111.226770][ T7981] syzkaller0: entered promiscuous mode
[  111.232334][ T7981] syzkaller0: entered allmulticast mode
[  111.239066][ T7980] netlink: 'syz.7.1640': attribute type 12 has an invalid length.
[  111.250645][ T7984] bond2 (unregistering): Released all slaves
[  111.271417][ T7983] loop6: detected capacity change from 0 to 8192
[  111.292052][ T7986] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1643'.
[  111.354674][ T7992] loop4: detected capacity change from 0 to 512
[  111.362945][ T7992] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.1647: corrupted in-inode xattr: invalid ea_ino
[  111.391636][ T7992] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1647: couldn't read orphan inode 15 (err -117)
[  111.406853][ T7992] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.422119][ T7994] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.429432][ T7994] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.473284][ T7994] wg2: left promiscuous mode
[  111.478851][ T7994] wg2: left allmulticast mode
[  111.491519][ T7994] bridge_slave_0: left allmulticast mode
[  111.497975][ T7994] bridge_slave_0: left promiscuous mode
[  111.503987][ T7994] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.518227][ T7994] bridge_slave_1: left allmulticast mode
[  111.524054][ T7994] bridge_slave_1: left promiscuous mode
[  111.530552][ T7994] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.543200][ T7999] netlink: 332 bytes leftover after parsing attributes in process `syz.0.1649'.
[  111.547285][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.570741][ T7999] netlink: 'syz.0.1649': attribute type 9 has an invalid length.
[  111.579908][ T7999] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1649'.
[  111.589998][ T7999] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1649'.
[  111.642699][ T7994] bond0: (slave bond_slave_0): Releasing backup interface
[  111.662045][ T7994] bond0: (slave bond_slave_1): Releasing backup interface
[  111.704533][ T7994] team0: Port device team_slave_0 removed
[  111.714728][ T7994] team0: Port device team_slave_1 removed
[  111.750163][ T8006] loop4: detected capacity change from 0 to 128
[  111.795194][ T7994] netdevsim netdevsim6 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  111.804674][ T7994] netdevsim netdevsim6 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  111.813132][ T7994] netdevsim netdevsim6 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  111.821548][ T7994] netdevsim netdevsim6 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  111.872839][ T7994] ip6erspan0: left promiscuous mode
[  111.881970][ T7994] bond1: (slave ip6erspan0): Releasing active interface
[  111.892293][ T8014] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1654'.
[  112.156947][ T8037] xt_CT: You must specify a L4 protocol and not use inversions on it
[  112.346868][ T8048] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1667'.
[  112.391297][ T8050] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1669'.
[  112.501370][ T8056] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1671'.
[  112.602821][ T8052] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.612606][ T8052] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.623523][ T8052] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.633917][ T8052] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.865007][ T8084] loop8: detected capacity change from 0 to 512
[  112.883498][ T8084] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  112.918641][ T8084] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  112.935011][ T8084] ext4 filesystem being mounted at /223/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.981808][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  113.162968][ T8109] loop8: detected capacity change from 0 to 512
[  113.171316][ T8109] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  113.185607][ T8109] EXT4-fs (loop8): 1 orphan inode deleted
[  113.191598][ T8109] EXT4-fs (loop8): 1 truncate cleaned up
[  113.199838][ T8109] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.465100][ T8120] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  113.603321][ T8122] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  113.611376][ T8121] tipc: Resetting bearer <eth:syzkaller0>
[  113.632857][ T8121] tipc: Disabling bearer <eth:syzkaller0>
[  114.022472][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.330094][ T8156] loop8: detected capacity change from 0 to 512
[  114.352576][ T8156] EXT4-fs error (device loop8): ext4_iget_extra_inode:5035: inode #15: comm syz.8.1719: corrupted in-inode xattr: invalid ea_ino
[  114.384874][ T8156] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.1719: couldn't read orphan inode 15 (err -117)
[  114.401247][ T8156] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.506675][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.581029][ T8161] loop6: detected capacity change from 0 to 4096
[  114.614992][ T8161] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.721341][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.000824][ T8198] netlink: 'syz.6.1727': attribute type 7 has an invalid length.
[  115.078978][ T8209] wg2: entered promiscuous mode
[  115.084264][ T8209] wg2: entered allmulticast mode
[  115.887918][ T8230] syz_tun: entered allmulticast mode
[  115.908241][ T8230] syz_tun: left allmulticast mode
[  115.972781][   T29] kauditd_printk_skb: 147 callbacks suppressed
[  115.972800][   T29] audit: type=1400 audit(1749576049.992:3064): avc:  denied  { module_load } for  pid=8235 comm="syz.7.1742" path="/300/bus" dev="tmpfs" ino=1582 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[  116.019546][ T8238] ipvlan2: entered promiscuous mode
[  116.026965][ T8238] bridge0: port 1(ipvlan2) entered blocking state
[  116.033891][ T8238] bridge0: port 1(ipvlan2) entered disabled state
[  116.043459][ T8238] ipvlan2: entered allmulticast mode
[  116.049157][ T8238] bridge0: entered allmulticast mode
[  116.055108][ T8236] Invalid ELF header magic: != ELF
[  116.063025][ T8238] ipvlan2: left allmulticast mode
[  116.069131][ T8238] bridge0: left allmulticast mode
[  116.104513][   T29] audit: type=1326 audit(1749576050.122:3065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8245 comm="syz.7.1746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  116.149075][   T29] audit: type=1326 audit(1749576050.122:3066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8245 comm="syz.7.1746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  116.174236][   T29] audit: type=1326 audit(1749576050.172:3067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8245 comm="syz.7.1746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  116.199420][   T29] audit: type=1326 audit(2000000000.000:3068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8245 comm="syz.7.1746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  116.224600][   T29] audit: type=1326 audit(2000000000.000:3069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8245 comm="syz.7.1746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  116.250736][   T29] audit: type=1326 audit(2000000000.090:3070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8245 comm="syz.7.1746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  116.274329][   T29] audit: type=1326 audit(2000000000.090:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8245 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  116.299304][   T29] audit: type=1326 audit(2000000000.090:3072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8245 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  116.301729][ T8253] vlan0: entered allmulticast mode
[  116.332022][ T8253] dummy0: entered allmulticast mode
[  116.621010][ T8278] __nla_validate_parse: 1 callbacks suppressed
[  116.621065][ T8278] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1758'.
[  116.841948][   T29] audit: type=1400 audit(2000000000.640:3073): avc:  denied  { append } for  pid=8288 comm="syz.6.1762" name="hwrng" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  116.911413][ T8295] vhci_hcd: invalid port number 224
[  116.964703][ T8312] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1772'.
[  116.990269][ T8317] netlink: 'syz.6.1774': attribute type 10 has an invalid length.
[  117.000766][ T8317] team0: Port device dummy0 added
[  117.009269][ T8317] netlink: 'syz.6.1774': attribute type 10 has an invalid length.
[  117.019880][ T8317] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  117.059806][ T8317] team0: Failed to send options change via netlink (err -105)
[  117.068276][ T8317] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  117.078521][ T8317] team0: Port device dummy0 removed
[  117.085983][ T8317] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  117.095877][ T8322] wg2: left promiscuous mode
[  117.100532][ T8322] wg2: left allmulticast mode
[  117.113475][ T8322] wg2: entered promiscuous mode
[  117.118461][ T8322] wg2: entered allmulticast mode
[  117.201871][ T8330] loop0: detected capacity change from 0 to 4096
[  117.215469][ T8330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.279840][ T4317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.403692][ T8366] netlink: 'syz.8.1790': attribute type 10 has an invalid length.
[  117.421019][ T8366] netlink: 'syz.8.1790': attribute type 10 has an invalid length.
[  117.868200][ T8381] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1795'.
[  118.439151][ T8392] wg2: left promiscuous mode
[  118.443860][ T8392] wg2: left allmulticast mode
[  118.475270][ T8392] wg2: entered promiscuous mode
[  118.480264][ T8392] wg2: entered allmulticast mode
[  118.510169][ T8396] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1803'.
[  118.620982][ T8411] loop0: detected capacity change from 0 to 512
[  118.641607][ T8409] 9pnet: p9_errstr2errno: server reported unknown error 1844674407
[  118.657573][ T8411] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.1807: corrupted in-inode xattr: invalid ea_ino
[  118.693690][ T8411] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1807: couldn't read orphan inode 15 (err -117)
[  118.718925][ T8411] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.082838][ T4317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.262475][ T8439] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1818'.
[  119.406690][ T8449] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1823'.
[  119.483442][ T8457] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1822'.
[  119.507435][ T8458] loop0: detected capacity change from 0 to 1024
[  119.551900][ T8465] loop4: detected capacity change from 0 to 2048
[  119.560886][ T8458] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.574729][ T8458] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.609814][ T8465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  119.698296][ T8458] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  119.801153][ T8458] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  119.816244][ T8458] EXT4-fs (loop0): This should not happen!! Data will be lost
[  119.816244][ T8458] 
[  119.860703][ T8458] EXT4-fs (loop0): Total free blocks count 0
[  119.904574][ T8458] EXT4-fs (loop0): Free/Dirty block details
[  119.911684][ T8458] EXT4-fs (loop0): free_blocks=4293918720
[  119.949363][ T8458] EXT4-fs (loop0): dirty_blocks=64
[  119.972142][ T8458] EXT4-fs (loop0): Block reservation details
[  119.995150][ T8458] EXT4-fs (loop0): i_reserved_data_blocks=4
[  120.083972][ T4317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.398702][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  120.486583][ T8488] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  120.506706][ T8488] vlan2: entered promiscuous mode
[  120.511841][ T8488] syz_tun: entered promiscuous mode
[  121.333868][ T8510] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1841'.
[  121.550541][   T29] kauditd_printk_skb: 59 callbacks suppressed
[  121.550560][   T29] audit: type=1326 audit(2000000005.390:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.581628][   T29] audit: type=1326 audit(2000000005.390:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.684889][   T29] audit: type=1326 audit(2000000005.390:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.710159][   T29] audit: type=1326 audit(2000000005.390:3136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.733722][   T29] audit: type=1326 audit(2000000005.390:3137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.758725][   T29] audit: type=1326 audit(2000000005.450:3138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.782180][   T29] audit: type=1326 audit(2000000005.450:3139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.807398][   T29] audit: type=1326 audit(2000000005.450:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.831024][   T29] audit: type=1326 audit(2000000005.450:3141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.856100][   T29] audit: type=1326 audit(2000000005.450:3142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.0.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73d25e929 code=0x7ffc0000
[  121.909018][ T8526] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  121.985111][ T8534] loop4: detected capacity change from 0 to 512
[  121.991180][ T8530] loop6: detected capacity change from 0 to 8192
[  121.992657][ T8534] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  122.008596][ T8534] EXT4-fs (loop4): invalid journal inode
[  122.014456][ T8534] EXT4-fs (loop4): can't get journal size
[  122.021473][ T8534] EXT4-fs (loop4): 1 truncate cleaned up
[  122.028436][ T8534] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.065348][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.178441][ T8551] 9pnet: p9_errstr2errno: server reported unknown error 1844674407
[  122.936195][ T8594] loop8: detected capacity change from 0 to 2048
[  122.987178][ T8594]  loop8: p1 < > p4
[  122.994138][ T8594] loop8: p4 size 8388608 extends beyond EOD, truncated
[  123.603584][ T8647] @: renamed from vlan0
[  124.071635][ T8666] loop8: detected capacity change from 0 to 2048
[  124.108486][ T8666] EXT4-fs: Ignoring removed bh option
[  124.153363][ T8666] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.583700][ T8680] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1910'.
[  124.877015][ T8689] mmap: syz.4.1912 (8689) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  124.990590][ T8670] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  125.006891][ T8670] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 641 with error 28
[  125.020389][ T8670] EXT4-fs (loop8): This should not happen!! Data will be lost
[  125.020389][ T8670] 
[  125.030102][ T8670] EXT4-fs (loop8): Total free blocks count 0
[  125.036215][ T8670] EXT4-fs (loop8): Free/Dirty block details
[  125.042236][ T8670] EXT4-fs (loop8): free_blocks=2415919104
[  125.049020][ T8670] EXT4-fs (loop8): dirty_blocks=8224
[  125.054552][ T8670] EXT4-fs (loop8): Block reservation details
[  125.060599][ T8670] EXT4-fs (loop8): i_reserved_data_blocks=514
[  125.204962][ T3970] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  125.542481][ T8714] netlink: 'syz.4.1922': attribute type 10 has an invalid length.
[  125.561448][ T8714] team0: Port device dummy0 added
[  125.571990][ T8714] netlink: 'syz.4.1922': attribute type 10 has an invalid length.
[  125.591773][ T8714] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  125.638679][ T8714] team0: Failed to send options change via netlink (err -105)
[  125.649217][ T8714] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  125.671221][ T8714] team0: Port device dummy0 removed
[  125.682841][ T8714] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  125.847686][ T8728] netlink: 197276 bytes leftover after parsing attributes in process `syz.4.1928'.
[  126.112931][ T8737] lo speed is unknown, defaulting to 1000
[  126.154927][ T8737] lo speed is unknown, defaulting to 1000
[  126.252427][ T8737] lo speed is unknown, defaulting to 1000
[  126.321249][ T8737] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  126.549018][ T8737] lo speed is unknown, defaulting to 1000
[  126.564452][ T8737] lo speed is unknown, defaulting to 1000
[  126.586922][ T8737] lo speed is unknown, defaulting to 1000
[  126.594729][ T8737] lo speed is unknown, defaulting to 1000
[  126.614667][ T8737] lo speed is unknown, defaulting to 1000
[  126.622578][ T8737] lo speed is unknown, defaulting to 1000
[  126.667161][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  126.667179][   T29] audit: type=1326 audit(2000000010.510:3350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  126.751163][   T29] audit: type=1326 audit(2000000010.550:3351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  126.775559][   T29] audit: type=1326 audit(2000000010.550:3352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7faac037e963 code=0x7ffc0000
[  126.800410][   T29] audit: type=1326 audit(2000000010.550:3353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7faac037e963 code=0x7ffc0000
[  126.824288][   T29] audit: type=1326 audit(2000000010.550:3354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  126.848722][   T29] audit: type=1326 audit(2000000010.550:3355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  126.872816][   T29] audit: type=1326 audit(2000000010.550:3356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  126.898018][   T29] audit: type=1326 audit(2000000010.550:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  126.921991][   T29] audit: type=1326 audit(2000000010.560:3358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  126.945914][   T29] audit: type=1326 audit(2000000010.560:3359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8753 comm="syz.4.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  126.989356][ T8764] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.009377][ T8763] netlink: 'syz.8.1942': attribute type 11 has an invalid length.
[  127.063049][ T8768] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1944'.
[  127.099213][ T8768] bond1: entered promiscuous mode
[  127.104557][ T8768] bond1: entered allmulticast mode
[  127.111110][ T8768] 8021q: adding VLAN 0 to HW filter on device bond1
[  127.124745][ T8764] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.179244][ T8764] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.232889][ T8764] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.307445][ T8764] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.320012][ T8764] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.332633][ T8764] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.345196][ T8764] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.452166][ T8774] loop0: detected capacity change from 0 to 2048
[  127.459473][ T8774] EXT4-fs: Ignoring removed bh option
[  127.489035][ T8774] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.582603][ T8782] loop8: detected capacity change from 0 to 512
[  127.598766][ T8782] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm syz.8.1948: bg 0: block 5: invalid block bitmap
[  127.616025][ T8782] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  127.627769][ T8782] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #11: comm syz.8.1948: invalid indirect mapped block 3 (level 2)
[  127.720168][ T8782] EXT4-fs (loop8): 2 truncates cleaned up
[  127.733575][ T8782] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.802954][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.025130][ T8780] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  128.035060][ T8807] netlink: 'syz.4.1959': attribute type 29 has an invalid length.
[  128.043425][ T8780] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 641 with error 28
[  128.061194][ T8780] EXT4-fs (loop0): This should not happen!! Data will be lost
[  128.061194][ T8780] 
[  128.071801][ T8780] EXT4-fs (loop0): Total free blocks count 0
[  128.078067][ T8780] EXT4-fs (loop0): Free/Dirty block details
[  128.084000][ T8780] EXT4-fs (loop0): free_blocks=2415919104
[  128.089901][ T8780] EXT4-fs (loop0): dirty_blocks=8224
[  128.095234][ T8780] EXT4-fs (loop0): Block reservation details
[  128.100133][ T8807] netlink: 'syz.4.1959': attribute type 29 has an invalid length.
[  128.102313][ T8780] EXT4-fs (loop0): i_reserved_data_blocks=514
[  128.137061][ T8807] netlink: 'syz.4.1959': attribute type 29 has an invalid length.
[  128.174395][ T8807] netlink: 'syz.4.1959': attribute type 29 has an invalid length.
[  128.213652][ T8817] netlink: 'syz.8.1961': attribute type 10 has an invalid length.
[  128.231136][ T8817] netlink: 'syz.8.1961': attribute type 10 has an invalid length.
[  128.249497][   T57] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  128.263858][ T8819] ref_ctr increment failed for inode: 0x7e9 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88810378cac0
[  128.302411][ T8818] uprobe: syz.4.1962:8818 failed to unregister, leaking uprobe
[  128.324219][ T8821] netlink: 9 bytes leftover after parsing attributes in process `syz.8.1964'.
[  128.343739][ T8821] gretap0: entered promiscuous mode
[  128.388791][ T8823] loop0: detected capacity change from 0 to 2048
[  128.406941][ T8825] loop8: detected capacity change from 0 to 1024
[  128.419323][ T8823] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.435592][ T8825] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.483557][ T8825] EXT4-fs error (device loop8): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  128.501390][ T4317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.538605][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.592825][ T8841] netlink: 197276 bytes leftover after parsing attributes in process `syz.0.1972'.
[  128.707461][ T8848] loop6: detected capacity change from 0 to 2048
[  128.729850][ T8848] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  128.883509][ T8860] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  128.899396][ T8860] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1542 with error 28
[  128.911941][ T8860] EXT4-fs (loop6): This should not happen!! Data will be lost
[  128.911941][ T8860] 
[  128.921762][ T8860] EXT4-fs (loop6): Total free blocks count 0
[  128.928469][ T8860] EXT4-fs (loop6): Free/Dirty block details
[  128.934563][ T8860] EXT4-fs (loop6): free_blocks=2415919104
[  128.940367][ T8860] EXT4-fs (loop6): dirty_blocks=1552
[  128.945738][ T8860] EXT4-fs (loop6): Block reservation details
[  128.951773][ T8860] EXT4-fs (loop6): i_reserved_data_blocks=97
[  129.133317][ T4001] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  129.235792][ T8875] loop4: detected capacity change from 0 to 512
[  129.274334][ T8873] loop6: detected capacity change from 0 to 512
[  129.329255][ T8875] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.346639][ T8873] EXT4-fs (loop6): 1 orphan inode deleted
[  129.352647][ T8883] netlink: 112 bytes leftover after parsing attributes in process `syz.7.1984'.
[  129.353043][ T8873] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.377150][ T8875] ext4 filesystem being mounted at /387/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  129.377194][ T3958] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:16: Failed to release dquot type 1
[  129.417590][ T8873] ext4 filesystem being mounted at /319/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.538491][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.616813][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.181675][ T8916] lo speed is unknown, defaulting to 1000
[  130.292745][ T8918] wg2: left promiscuous mode
[  130.298258][ T8918] wg2: left allmulticast mode
[  130.322319][ T8918] wg2: entered promiscuous mode
[  130.328267][ T8918] wg2: entered allmulticast mode
[  130.413877][ T8920] siw: device registration error -23
[  130.593161][ T8926] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2000'.
[  130.672039][ T8933] loop4: detected capacity change from 0 to 512
[  130.687788][ T8931] loop8: detected capacity change from 0 to 1024
[  130.696228][ T8929] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1997'.
[  130.705453][ T8931] EXT4-fs: Ignoring removed oldalloc option
[  130.713176][ T8931] EXT4-fs: Ignoring removed orlov option
[  130.727590][ T8931] EXT4-fs (loop8): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  130.757769][ T8933] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.778206][ T8931] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.802383][ T8933] ext4 filesystem being mounted at /391/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  130.819629][ T8933] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2003: corrupted inode contents
[  130.820513][ T8931] EXT4-fs error (device loop8): mb_free_blocks:1948: group 0, inode 18: block 433:freeing already freed block (bit 27); block bitmap corrupt.
[  130.855939][ T8931] EXT4-fs (loop8): Remounting filesystem read-only
[  130.862958][ T8933] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.2003: mark_inode_dirty error
[  130.888866][ T8933] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2003: corrupted inode contents
[  130.954459][ T8947] netlink: 9 bytes leftover after parsing attributes in process `syz.6.2006'.
[  130.979873][ T8933] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.2003: mark_inode_dirty error
[  131.002999][ T8947] gretap0: entered promiscuous mode
[  131.024273][ T8949] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2003: corrupted inode contents
[  131.086046][ T8949] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.2003: mark_inode_dirty error
[  131.115100][ T8949] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2003: corrupted inode contents
[  131.151061][ T8933] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2003: corrupted inode contents
[  131.177071][ T8933] EXT4-fs error (device loop4): ext4_setent:3643: inode #2: comm syz.4.2003: mark_inode_dirty error
[  131.208440][ T8933] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2003: corrupted inode contents
[  131.284490][ T3318] EXT4-fs unmount: 1 callbacks suppressed
[  131.284510][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.428946][ T8970] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2015'.
[  131.485029][ T8979] netlink: 'syz.8.2030': attribute type 10 has an invalid length.
[  131.493929][ T8979] netlink: 40 bytes leftover after parsing attributes in process `syz.8.2030'.
[  131.591571][ T8989] siw: device registration error -23
[  131.648635][ T8998] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2026'.
[  131.714814][ T9000] SELinux: ebitmap: truncated map
[  131.737529][ T9000] SELinux: failed to load policy
[  131.744660][   T29] kauditd_printk_skb: 226 callbacks suppressed
[  131.744680][   T29] audit: type=1326 audit(2000000015.580:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  131.776199][   T29] audit: type=1326 audit(2000000015.580:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  131.829278][   T29] audit: type=1326 audit(2000000015.650:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  131.856368][   T29] audit: type=1326 audit(2000000015.650:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  131.880248][   T29] audit: type=1326 audit(2000000015.650:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  131.905300][   T29] audit: type=1326 audit(2000000015.650:3590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  131.930189][   T29] audit: type=1326 audit(2000000015.650:3591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  131.954875][   T29] audit: type=1326 audit(2000000015.650:3592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  131.979757][   T29] audit: type=1326 audit(2000000015.650:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  132.004337][   T29] audit: type=1326 audit(2000000015.650:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9001 comm="syz.6.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  132.031980][ T9012] loop6: detected capacity change from 0 to 128
[  132.079057][ T9012] bio_check_eod: 2 callbacks suppressed
[  132.079075][ T9012] syz.6.2043: attempt to access beyond end of device
[  132.079075][ T9012] loop6: rw=2049, sector=145, nr_sectors = 16 limit=128
[  132.090343][ T9018] loop4: detected capacity change from 0 to 256
[  132.108213][ T9018] msdos: Bad value for 'gid'
[  132.113067][ T9018] msdos: Bad value for 'gid'
[  132.118323][ T9012] syz.6.2043: attempt to access beyond end of device
[  132.118323][ T9012] loop6: rw=2049, sector=169, nr_sectors = 16 limit=128
[  132.133846][ T9021] syz.6.2043: attempt to access beyond end of device
[  132.133846][ T9021] loop6: rw=2049, sector=305, nr_sectors = 1 limit=128
[  132.145999][ T9019] siw: device registration error -23
[  132.147478][ T9021] Buffer I/O error on dev loop6, logical block 305, lost async page write
[  132.147981][ T9012] syz.6.2043: attempt to access beyond end of device
[  132.147981][ T9012] loop6: rw=2049, sector=193, nr_sectors = 8 limit=128
[  132.204605][ T9012] syz.6.2043: attempt to access beyond end of device
[  132.204605][ T9012] loop6: rw=2049, sector=209, nr_sectors = 8 limit=128
[  132.220858][ T9026] loop8: detected capacity change from 0 to 2048
[  132.228630][ T9012] syz.6.2043: attempt to access beyond end of device
[  132.228630][ T9012] loop6: rw=2049, sector=225, nr_sectors = 8 limit=128
[  132.245239][ T9026] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  132.259100][ T9012] syz.6.2043: attempt to access beyond end of device
[  132.259100][ T9012] loop6: rw=2049, sector=241, nr_sectors = 8 limit=128
[  132.293877][ T9012] syz.6.2043: attempt to access beyond end of device
[  132.293877][ T9012] loop6: rw=2049, sector=257, nr_sectors = 8 limit=128
[  132.316961][ T9012] syz.6.2043: attempt to access beyond end of device
[  132.316961][ T9012] loop6: rw=2049, sector=273, nr_sectors = 8 limit=128
[  132.331642][ T9012] syz.6.2043: attempt to access beyond end of device
[  132.331642][ T9012] loop6: rw=2049, sector=289, nr_sectors = 9 limit=128
[  132.419837][ T9032] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  132.442378][ T9032] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 558 with max blocks 266 with error 28
[  132.455424][ T9032] EXT4-fs (loop8): This should not happen!! Data will be lost
[  132.455424][ T9032] 
[  132.467025][ T9032] EXT4-fs (loop8): Total free blocks count 0
[  132.473483][ T9032] EXT4-fs (loop8): Free/Dirty block details
[  132.479477][ T9032] EXT4-fs (loop8): free_blocks=2415919104
[  132.485401][ T9032] EXT4-fs (loop8): dirty_blocks=832
[  132.490938][ T9032] EXT4-fs (loop8): Block reservation details
[  132.497816][ T9032] EXT4-fs (loop8): i_reserved_data_blocks=52
[  132.626772][   T57] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  132.646937][ T9043] loop6: detected capacity change from 0 to 2048
[  132.678070][ T9043] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.800040][ T9059] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2050'.
[  133.233341][ T9076] loop0: detected capacity change from 0 to 1024
[  133.258127][ T9076] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  133.291646][ T9076] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  133.309917][ T9076] jbd2_journal_init_inode: Cannot locate journal superblock
[  133.317415][ T9076] EXT4-fs (loop0): Could not load journal inode
[  133.509604][ T9093] loop4: detected capacity change from 0 to 1024
[  133.516964][ T9091] loop0: detected capacity change from 0 to 512
[  133.531450][ T9091] EXT4-fs (loop0): 1 orphan inode deleted
[  133.537958][ T9091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.538402][ T9093] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.553404][ T9091] ext4 filesystem being mounted at /335/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.575506][ T4001] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:59: Failed to release dquot type 1
[  133.593896][ T3958] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  133.616906][ T3958] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  133.630334][ T3958] EXT4-fs (loop6): This should not happen!! Data will be lost
[  133.630334][ T3958] 
[  133.640218][ T3958] EXT4-fs (loop6): Total free blocks count 0
[  133.646921][ T3958] EXT4-fs (loop6): Free/Dirty block details
[  133.652968][ T3958] EXT4-fs (loop6): free_blocks=2415919504
[  133.658950][ T3958] EXT4-fs (loop6): dirty_blocks=16208
[  133.664348][ T3958] EXT4-fs (loop6): Block reservation details
[  133.670513][ T3958] EXT4-fs (loop6): i_reserved_data_blocks=1013
[  133.692469][ T4317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.715503][ T3958] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  133.731523][ T9093] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  133.791057][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.910282][ T9118] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2073'.
[  134.002527][ T9125] loop0: detected capacity change from 0 to 2048
[  134.011608][ T9129] loop8: detected capacity change from 0 to 512
[  134.030907][ T9129] EXT4-fs (loop8): 1 orphan inode deleted
[  134.039089][ T9129] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.056180][ T9129] ext4 filesystem being mounted at /310/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.056735][   T57] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  134.092431][ T9125] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  134.190049][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.218189][ T9146] loop8: detected capacity change from 0 to 512
[  134.238126][ T9146] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.253164][ T9146] ext4 filesystem being mounted at /311/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  134.284694][ T9143] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  134.288824][ T9146] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #2: comm syz.8.2084: corrupted inode contents
[  134.318615][ T9146] EXT4-fs error (device loop8): ext4_dirty_inode:6459: inode #2: comm syz.8.2084: mark_inode_dirty error
[  134.331519][ T9143] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1302 with error 28
[  134.344833][ T9143] EXT4-fs (loop0): This should not happen!! Data will be lost
[  134.344833][ T9143] 
[  134.354910][ T9143] EXT4-fs (loop0): Total free blocks count 0
[  134.361089][ T9143] EXT4-fs (loop0): Free/Dirty block details
[  134.368226][ T9143] EXT4-fs (loop0): free_blocks=2415919104
[  134.374079][ T9143] EXT4-fs (loop0): dirty_blocks=1312
[  134.379453][ T9143] EXT4-fs (loop0): Block reservation details
[  134.385537][ T9143] EXT4-fs (loop0): i_reserved_data_blocks=82
[  134.413047][ T9146] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #2: comm syz.8.2084: corrupted inode contents
[  134.427692][ T9156] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2087'.
[  134.472036][ T9146] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #2: comm syz.8.2084: mark_inode_dirty error
[  134.517114][ T9159] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #2: comm syz.8.2084: corrupted inode contents
[  134.540107][ T9154] lo speed is unknown, defaulting to 1000
[  134.549102][ T9159] EXT4-fs error (device loop8): ext4_dirty_inode:6459: inode #2: comm syz.8.2084: mark_inode_dirty error
[  134.583648][ T9159] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #2: comm syz.8.2084: corrupted inode contents
[  134.612897][ T9160] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #2: comm syz.8.2084: corrupted inode contents
[  134.661601][ T4001] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  134.676592][ T9160] EXT4-fs error (device loop8): ext4_setent:3643: inode #2: comm syz.8.2084: mark_inode_dirty error
[  134.705036][ T9160] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #2: comm syz.8.2084: corrupted inode contents
[  134.755392][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.827551][ T9176] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2091'.
[  134.975197][ T9194] serio: Serial port ptm0
[  135.030450][ T9199] loop4: detected capacity change from 0 to 512
[  135.045549][ T9198] netlink: 'syz.8.2111': attribute type 2 has an invalid length.
[  135.048841][ T9199] EXT4-fs (loop4): 1 orphan inode deleted
[  135.061286][ T9199] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.067863][ T9198] netlink: 'syz.8.2111': attribute type 1 has an invalid length.
[  135.074853][   T57] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  135.087824][ T9199] ext4 filesystem being mounted at /416/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.219382][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.402855][ T9224] bridge: RTM_NEWNEIGH with invalid ether address
[  135.484279][ T9231] syzkaller0: entered allmulticast mode
[  135.508006][ T9231] syzkaller0 (unregistering): left allmulticast mode
[  135.522152][ T9234] loop4: detected capacity change from 0 to 128
[  135.545575][ T9234] Buffer I/O error on dev loop4, logical block 305, lost async page write
[  135.632468][ T9241] loop0: detected capacity change from 0 to 256
[  135.640417][ T9241] vfat: Bad value for 'shortname'
[  135.650201][ T9241] __nla_validate_parse: 4 callbacks suppressed
[  135.650218][ T9241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'.
[  135.666698][ T9241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'.
[  135.676905][ T9241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'.
[  135.698580][ T9241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'.
[  135.708526][ T9241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'.
[  135.718202][ T9241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'.
[  135.753515][ T9241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'.
[  135.763431][ T9241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'.
[  135.772649][ T9241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'.
[  135.809811][ T9249] loop0: detected capacity change from 0 to 1024
[  135.829077][ T9249] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.841816][ T9249] ext4 filesystem being mounted at /345/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.857941][ T9249] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 3: comm syz.0.2122: lblock 3 mapped to illegal pblock 3 (length 1)
[  135.872688][ T9249] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  135.885863][ T9249] EXT4-fs (loop0): This should not happen!! Data will be lost
[  135.885863][ T9249] 
[  135.923804][ T9249] EXT4-fs warning (device loop0): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed
[  135.981664][ T4317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.054371][ T9272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.063149][ T9272] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.241554][ T9281] loop6: detected capacity change from 0 to 1024
[  136.258579][ T9281] ext4: Unknown parameter 'uid<00000000000000000000'
[  136.330812][ T9285] loop4: detected capacity change from 0 to 1024
[  136.339084][ T9285] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  136.365073][ T9285] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  136.396644][ T9285] jbd2_journal_init_inode: Cannot locate journal superblock
[  136.404158][ T9285] EXT4-fs (loop4): Could not load journal inode
[  136.519178][ T9294] loop4: detected capacity change from 0 to 512
[  136.538662][ T9294] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.551900][ T9294] ext4 filesystem being mounted at /431/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.568072][ T9294] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.2139: corrupted inode contents
[  136.581671][ T9294] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm syz.4.2139: mark_inode_dirty error
[  136.593634][ T9294] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.2139: corrupted inode contents
[  136.608346][ T9294] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.2139: mark_inode_dirty error
[  136.621710][ T9294] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.2139: mark inode dirty (error -117)
[  136.635830][ T9294] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  136.660229][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.682285][ T9299] loop4: detected capacity change from 0 to 512
[  136.697658][ T9299] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  136.712209][ T9299] ext4 filesystem being mounted at /432/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.727283][ T9299] EXT4-fs (loop4): shut down requested (0)
[  136.737469][ T9299] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  136.756857][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  136.778365][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  136.778432][   T29] audit: type=1326 audit(2000000020.620:3669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  136.785257][ T9303] loop4: detected capacity change from 0 to 1024
[  136.809633][   T29] audit: type=1326 audit(2000000020.620:3670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  136.818409][ T9303] EXT4-fs: Ignoring removed orlov option
[  136.841309][   T29] audit: type=1326 audit(2000000020.620:3671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  136.872381][   T29] audit: type=1326 audit(2000000020.620:3672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7faac037e963 code=0x7ffc0000
[  136.896684][   T29] audit: type=1326 audit(2000000020.620:3673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7faac037d3df code=0x7ffc0000
[  136.921118][   T29] audit: type=1326 audit(2000000020.620:3674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7faac037e9b7 code=0x7ffc0000
[  136.946618][   T29] audit: type=1326 audit(2000000020.620:3675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faac037d290 code=0x7ffc0000
[  136.970560][   T29] audit: type=1326 audit(2000000020.620:3676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faac037e52b code=0x7ffc0000
[  136.995031][   T29] audit: type=1326 audit(2000000020.660:3677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7faac037d58a code=0x7ffc0000
[  137.019083][   T29] audit: type=1326 audit(2000000020.660:3678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.4.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7faac037d58a code=0x7ffc0000
[  137.049640][ T9303] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.094466][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.134574][ T9318] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2145'.
[  137.144803][ T9318] hsr_slave_0: left promiscuous mode
[  137.157522][ T9318] hsr_slave_1: left promiscuous mode
[  137.203461][ T9324] tipc: Started in network mode
[  137.209281][ T9324] tipc: Node identity ac14140f, cluster identity 4711
[  137.222264][ T9324] tipc: New replicast peer: 0.0.255.255
[  137.228131][ T9324] tipc: Enabled bearer <udp:s>, priority 10
[  137.302833][ T9328] loop6: detected capacity change from 0 to 164
[  137.598510][ T9347] veth1_to_bond: entered allmulticast mode
[  137.603925][ T9346] loop6: detected capacity change from 0 to 2048
[  137.615866][ T9347] veth1_to_bond: left allmulticast mode
[  137.616473][ T9346] EXT4-fs: Ignoring removed bh option
[  137.638988][ T9346] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.668083][ T9346] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  137.688296][ T9346] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  137.701277][ T9354] xt_cluster: node mask cannot exceed total number of nodes
[  137.709032][ T9346] EXT4-fs (loop6): This should not happen!! Data will be lost
[  137.709032][ T9346] 
[  137.718857][ T9346] EXT4-fs (loop6): Total free blocks count 0
[  137.724963][ T9346] EXT4-fs (loop6): Free/Dirty block details
[  137.731696][ T9346] EXT4-fs (loop6): free_blocks=2415919104
[  137.737575][ T9346] EXT4-fs (loop6): dirty_blocks=16
[  137.742728][ T9346] EXT4-fs (loop6): Block reservation details
[  137.748961][ T9346] EXT4-fs (loop6): i_reserved_data_blocks=1
[  137.764268][ T9357] loop4: detected capacity change from 0 to 256
[  137.771840][ T9359] netlink: 'syz.6.2160': attribute type 10 has an invalid length.
[  137.781073][ T9357] vfat: Bad value for 'shortname'
[  137.807583][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.236316][ T3389] tipc: Node number set to 2886997007
[  138.324631][ T9406] lo speed is unknown, defaulting to 1000
[  138.512486][ T9425] netlink: 'syz.8.2188': attribute type 12 has an invalid length.
[  138.522557][ T9423] veth1_macvtap: left promiscuous mode
[  138.529175][ T9423] macsec0: entered promiscuous mode
[  138.726465][ T9448] loop8: detected capacity change from 0 to 128
[  138.855656][ T9449] lo speed is unknown, defaulting to 1000
[  139.007551][ T9460] hsr_slave_0: left promiscuous mode
[  139.014794][ T9460] hsr_slave_1: left promiscuous mode
[  139.113997][ T9458] lo speed is unknown, defaulting to 1000
[  139.117768][ T9467] loop8: detected capacity change from 0 to 2048
[  139.120263][ T9463] lo speed is unknown, defaulting to 1000
[  139.127149][ T9467] EXT4-fs: Ignoring removed bh option
[  139.143782][ T9463] lo speed is unknown, defaulting to 1000
[  139.152494][ T9467] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.161506][ T9463] lo speed is unknown, defaulting to 1000
[  139.180864][ T9467] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  139.197178][ T9463] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  139.197143][ T9467] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  139.213970][ T9463] lo speed is unknown, defaulting to 1000
[  139.216673][ T9467] EXT4-fs (loop8): This should not happen!! Data will be lost
[  139.216673][ T9467] 
[  139.216694][ T9467] EXT4-fs (loop8): Total free blocks count 0
[  139.216738][ T9467] EXT4-fs (loop8): Free/Dirty block details
[  139.216753][ T9467] EXT4-fs (loop8): free_blocks=2415919104
[  139.216770][ T9467] EXT4-fs (loop8): dirty_blocks=16
[  139.216782][ T9467] EXT4-fs (loop8): Block reservation details
[  139.216793][ T9467] EXT4-fs (loop8): i_reserved_data_blocks=1
[  139.233746][ T9477] netlink: 'syz.8.2205': attribute type 10 has an invalid length.
[  139.283302][ T9463] lo speed is unknown, defaulting to 1000
[  139.301909][ T9463] lo speed is unknown, defaulting to 1000
[  139.304853][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.309410][ T9463] lo speed is unknown, defaulting to 1000
[  139.330708][ T9463] lo speed is unknown, defaulting to 1000
[  139.338736][ T9463] lo speed is unknown, defaulting to 1000
[  139.659753][ T9503] syzkaller1: entered promiscuous mode
[  139.665459][ T9503] syzkaller1: entered allmulticast mode
[  139.733323][ T9507] netlink: 'syz.7.2218': attribute type 12 has an invalid length.
[  139.892722][ T9522] netlink: 'syz.8.2222': attribute type 10 has an invalid length.
[  140.050921][ T9536] loop6: detected capacity change from 0 to 512
[  140.062596][ T9536] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  140.088400][ T9536] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.102284][ T9536] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.114621][ T9543] netlink: 'syz.8.2233': attribute type 13 has an invalid length.
[  140.187529][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.361151][ T9552] loop6: detected capacity change from 0 to 128
[  140.371012][ T9552] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  140.389313][ T9552] ext4 filesystem being mounted at /360/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  140.397939][ T9556] netlink: 'syz.7.2236': attribute type 10 has an invalid length.
[  140.490311][ T4507] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.542553][ T9559] lo speed is unknown, defaulting to 1000
[  140.553214][ T9559] lo speed is unknown, defaulting to 1000
[  140.600983][ T9569] bridge: RTM_NEWNEIGH with invalid ether address
[  140.645172][ T9571] xt_CT: You must specify a L4 protocol and not use inversions on it
[  140.753408][ T9581] __nla_validate_parse: 20 callbacks suppressed
[  140.753429][ T9581] netlink: 14528 bytes leftover after parsing attributes in process `syz.6.2249'.
[  141.038507][ T9616] netlink: 404 bytes leftover after parsing attributes in process `syz.7.2264'.
[  141.291423][ T9633] netlink: 'syz.0.2270': attribute type 12 has an invalid length.
[  141.443996][ T9643] loop8: detected capacity change from 0 to 1024
[  141.457791][ T9643] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  141.469021][ T9643] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  141.477249][ T9643] EXT4-fs (loop8): orphan cleanup on readonly fs
[  141.484238][ T9643] EXT4-fs error (device loop8): __ext4_get_inode_loc:4792: comm syz.8.2274: Invalid inode table block 0 in block_group 0
[  141.497831][ T9643] EXT4-fs (loop8): Remounting filesystem read-only
[  141.511554][ T9643] EXT4-fs (loop8): 1 truncate cleaned up
[  141.518785][ T9643] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.550072][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.575268][ T9653] netlink: 'syz.7.2278': attribute type 1 has an invalid length.
[  141.591648][ T9653] 8021q: adding VLAN 0 to HW filter on device bond1
[  141.603225][ T9653] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2278'.
[  141.615147][ T9653] bond1 (unregistering): Released all slaves
[  141.845307][ T9662] loop4: detected capacity change from 0 to 512
[  141.887147][ T9662] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  141.951065][ T9662] EXT4-fs (loop4): 1 truncate cleaned up
[  141.982679][ T9662] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.231069][ T9674] netlink: 'syz.6.2285': attribute type 4 has an invalid length.
[  142.239006][ T9674] netlink: 199836 bytes leftover after parsing attributes in process `syz.6.2285'.
[  142.301551][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.587888][ T9686] loop6: detected capacity change from 0 to 512
[  142.655135][ T9688] netlink: 2 bytes leftover after parsing attributes in process `syz.8.2292'.
[  142.690613][ T9686] EXT4-fs (loop6): 1 orphan inode deleted
[  142.708452][ T9686] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.799593][ T9688] team0: entered promiscuous mode
[  142.801406][ T3987] __quota_error: 155 callbacks suppressed
[  142.801427][ T3987] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  142.805545][ T9688] 8021q: adding VLAN 0 to HW filter on device team0
[  142.810445][ T3987] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:45: Failed to release dquot type 1
[  142.840648][ T9686] ext4 filesystem being mounted at /375/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.851660][ T9660] syz.7.2279 (9660) used greatest stack depth: 8376 bytes left
[  142.860285][ T9688] bridge0: port 1(team0) entered blocking state
[  142.867513][ T9688] bridge0: port 1(team0) entered disabled state
[  142.874101][ T9688] team0: entered allmulticast mode
[  142.920316][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.250041][ T9656] syz.7.2279 (9656) used greatest stack depth: 6832 bytes left
[  143.289972][ T9708] gtp0: entered promiscuous mode
[  143.307631][ T9711] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2300'.
[  143.663876][ T9743] xt_hashlimit: size too large, truncated to 1048576
[  143.714269][ T9745] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2314'.
[  143.729650][ T9745] team2: entered promiscuous mode
[  143.734957][ T9745] team2: entered allmulticast mode
[  143.796635][   T29] audit: type=1326 audit(2000000027.640:3832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  143.820294][   T29] audit: type=1326 audit(2000000027.640:3833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  143.870576][ T9750] tmpfs: Bad value for 'mpol'
[  143.909933][   T29] audit: type=1326 audit(2000000027.690:3834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  143.933610][   T29] audit: type=1326 audit(2000000027.690:3835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  143.957192][   T29] audit: type=1326 audit(2000000027.690:3836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  143.980662][   T29] audit: type=1326 audit(2000000027.700:3837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  144.004648][   T29] audit: type=1326 audit(2000000027.700:3838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  144.028426][   T29] audit: type=1326 audit(2000000027.700:3839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  144.051998][   T29] audit: type=1326 audit(2000000027.700:3840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  144.160421][ T9761] validate_nla: 1 callbacks suppressed
[  144.160436][ T9761] netlink: 'syz.8.2321': attribute type 27 has an invalid length.
[  144.174520][ T9761] gretap0: left promiscuous mode
[  144.195152][ T9761] bond1: left promiscuous mode
[  144.200147][ T9761] bond1: left allmulticast mode
[  144.206872][ T9761] team2: left promiscuous mode
[  144.211797][ T9764] loop6: detected capacity change from 0 to 2048
[  144.219256][ T9761] team2: left allmulticast mode
[  144.237858][ T9764]  loop6: p1 < > p4
[  144.243445][ T9764] loop6: p4 size 8388608 extends beyond EOD, truncated
[  144.255925][ T9766] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.266813][ T9766] 8021q: adding VLAN 0 to HW filter on device team0
[  144.275612][ T9766] net_ratelimit: 35 callbacks suppressed
[  144.275626][ T9766] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  144.297096][    T9] lo speed is unknown, defaulting to 1000
[  144.302982][    T9] syz2: Port: 1 Link ACTIVE
[  144.523595][ T9796] lo speed is unknown, defaulting to 1000
[  144.536878][ T9796] lo speed is unknown, defaulting to 1000
[  144.617229][ T9790] sch_fq: defrate 2048 ignored.
[  144.642832][ T9808] loop8: detected capacity change from 0 to 512
[  144.655448][ T9808] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  144.671441][ T9808] EXT4-fs (loop8): 1 truncate cleaned up
[  144.689511][ T9808] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.738540][ T9815] loop4: detected capacity change from 0 to 512
[  144.745398][ T9815] EXT4-fs: Ignoring removed bh option
[  144.752465][ T9815] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  144.761620][ T9815] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  144.784369][ T9815] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  144.793764][ T9815] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  144.799565][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.811799][ T9815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.855543][ T9825] loop8: detected capacity change from 0 to 512
[  144.878125][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.889125][ T9825] EXT4-fs (loop8): 1 orphan inode deleted
[  144.899674][ T9825] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.912684][ T4001] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:59: Failed to release dquot type 1
[  144.927708][ T9825] ext4 filesystem being mounted at /381/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.110240][ T9838] loop4: detected capacity change from 0 to 1024
[  145.160058][ T9838] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.236692][ T9786] 9pnet_fd: p9_fd_create_tcp (9786): problem connecting socket to 127.0.0.1
[  145.252312][ T9838] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm +}[@: Allocating blocks 449-513 which overlap fs metadata
[  145.296930][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.306730][ T9837] EXT4-fs (loop4): pa ffff888105104b60: logic 48, phys. 177, len 21
[  145.314867][ T9837] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  145.350408][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.361799][ T9850] loop8: detected capacity change from 0 to 512
[  145.380820][ T9850] EXT4-fs (loop8): 1 orphan inode deleted
[  145.396260][ T3958] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:16: Failed to release dquot type 1
[  145.398602][ T9850] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.423341][ T9850] ext4 filesystem being mounted at /382/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.434987][ T9857] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.518104][ T9857] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.607506][ T9857] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.642727][ T9875] netlink: 'syz.7.2361': attribute type 27 has an invalid length.
[  145.666806][ T9875] wg2: left promiscuous mode
[  145.671500][ T9875] wg2: left allmulticast mode
[  145.686108][ T9875] gtp0: left promiscuous mode
[  145.693598][ T9857] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.733592][ T9880] 8021q: adding VLAN 0 to HW filter on device bond0
[  145.756530][ T9880] 8021q: adding VLAN 0 to HW filter on device team0
[  145.778931][ T9880] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  145.805344][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.824440][ T9857] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.838074][ T9857] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.851102][ T9857] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.869503][ T9857] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.998247][ T9892] loop4: detected capacity change from 0 to 764
[  146.019113][ T9892] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  146.087391][ T9896] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9896 comm=syz.4.2369
[  146.428620][ T9911] lo speed is unknown, defaulting to 1000
[  146.434930][ T9911] lo speed is unknown, defaulting to 1000
[  146.444805][ T9914] netlink: 'syz.0.2376': attribute type 10 has an invalid length.
[  146.454106][ T9914] team0: Port device dummy0 added
[  146.460359][ T9914] netlink: 'syz.0.2376': attribute type 10 has an invalid length.
[  146.468803][ T9914] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  146.478476][ T9914] team0: Failed to send options change via netlink (err -105)
[  146.486129][ T9914] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  146.495082][ T9914] team0: Port device dummy0 removed
[  146.596218][ T9927] netlink: 112 bytes leftover after parsing attributes in process `syz.7.2382'.
[  146.770058][ T9937] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2386'.
[  146.836319][ T9945] loop6: detected capacity change from 0 to 1024
[  146.843386][ T9945] EXT4-fs: inline encryption not supported
[  146.850442][ T9945] EXT4-fs: Ignoring removed bh option
[  146.868219][ T9945] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.890330][ T9945] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.2390: Allocating blocks 497-513 which overlap fs metadata
[  146.904812][ T9945] EXT4-fs (loop6): Remounting filesystem read-only
[  147.008619][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.123129][ T9968] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=9968 comm=syz.6.2396
[  147.145881][ T9970] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2400'.
[  147.159382][ T9970] loop4: detected capacity change from 0 to 512
[  147.166700][ T9970] EXT4-fs: Ignoring removed nobh option
[  147.177955][ T9970] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2400: corrupted inode contents
[  147.190712][ T9970] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #3: comm syz.4.2400: mark_inode_dirty error
[  147.203260][ T9970] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2400: corrupted inode contents
[  147.216916][ T9970] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.2400: mark_inode_dirty error
[  147.229084][ T9970] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2400: Failed to acquire dquot type 0
[  147.242157][ T9970] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2400: corrupted inode contents
[  147.243592][ T9978] futex_wake_op: syz.8.2403 tries to shift op by -1; fix this program
[  147.255200][ T9970] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #16: comm syz.4.2400: mark_inode_dirty error
[  147.274371][ T9970] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2400: corrupted inode contents
[  147.286919][ T9970] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.2400: mark_inode_dirty error
[  147.298701][ T9970] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2400: corrupted inode contents
[  147.311763][ T9970] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  147.320596][ T9970] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2400: corrupted inode contents
[  147.332904][ T9970] EXT4-fs error (device loop4): ext4_truncate:4597: inode #16: comm syz.4.2400: mark_inode_dirty error
[  147.345571][ T9970] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  147.355171][ T9970] EXT4-fs (loop4): 1 truncate cleaned up
[  147.355311][ T9980] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2404'.
[  147.362004][ T9970] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.383191][ T9970] ext4 filesystem being mounted at /473/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.395062][ T9970] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.489820][ T9990] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2410'.
[  147.595377][T10000] lo speed is unknown, defaulting to 1000
[  147.602348][T10000] lo speed is unknown, defaulting to 1000
[  147.997264][T10014] netlink: 'syz.7.2418': attribute type 1 has an invalid length.
[  148.005222][T10014] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2418'.
[  148.050648][T10010] sch_fq: defrate 2048 ignored.
[  148.263177][T10047] 9pnet: p9_errstr2errno: server reported unknown error 
[  148.326742][   T29] kauditd_printk_skb: 113 callbacks suppressed
[  148.326760][   T29] audit: type=1326 audit(2000000032.170:3950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  148.333491][T10055] loop6: detected capacity change from 0 to 512
[  148.367298][   T29] audit: type=1326 audit(2000000032.170:3951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  148.391054][   T29] audit: type=1326 audit(2000000032.170:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  148.414667][T10055] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  148.423722][   T29] audit: type=1326 audit(2000000032.170:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  148.447451][   T29] audit: type=1326 audit(2000000032.170:3954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0b4550e963 code=0x7ffc0000
[  148.458551][T10055] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  148.471015][   T29] audit: type=1326 audit(2000000032.170:3955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0b4550d3df code=0x7ffc0000
[  148.480512][T10055] System zones: 
[  148.502391][   T29] audit: type=1326 audit(2000000032.170:3956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f0b4550e9b7 code=0x7ffc0000
[  148.506929][T10055] 0-2
[  148.529429][   T29] audit: type=1326 audit(2000000032.170:3957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b4550d290 code=0x7ffc0000
[  148.532058][T10055] , 18-18, 34-34
[  148.555760][   T29] audit: type=1326 audit(2000000032.170:3958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0b4550e52b code=0x7ffc0000
[  148.555802][   T29] audit: type=1326 audit(2000000032.210:3959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10054 comm="syz.6.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0b4550d58a code=0x7ffc0000
[  148.607935][T10055] 
[  148.625620][T10055] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.641540][T10055] ext4 filesystem being mounted at /404/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.698448][T10069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2440'.
[  148.707440][T10069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2440'.
[  148.718492][T10069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2440'.
[  148.740503][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.860679][T10085] loop8: detected capacity change from 0 to 1024
[  148.879397][T10085] EXT4-fs: Ignoring removed nomblk_io_submit option
[  148.900040][T10089] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2450'.
[  148.900576][T10091] netlink: 'syz.6.2449': attribute type 1 has an invalid length.
[  148.924258][T10085] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.014500][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.030896][T10105] loop6: detected capacity change from 0 to 512
[  149.040794][T10105] EXT4-fs: Ignoring removed nobh option
[  149.052625][T10105] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -13
[  149.066336][T10105] EXT4-fs error (device loop6): ext4_clear_blocks:876: inode #13: comm syz.6.2455: attempt to clear invalid blocks 2 len 1
[  149.085790][T10105] EXT4-fs (loop6): Remounting filesystem read-only
[  149.097258][T10105] EXT4-fs (loop6): 1 truncate cleaned up
[  149.105741][T10105] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.211750][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.231603][T10122] SELinux: failed to load policy
[  149.277481][T10127] netlink: 'syz.8.2462': attribute type 1 has an invalid length.
[  149.412262][T10137] loop8: detected capacity change from 0 to 2048
[  149.450546][T10137] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.494669][ T4000] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  149.547925][ T4000] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  149.560254][ T4000] EXT4-fs (loop8): This should not happen!! Data will be lost
[  149.560254][ T4000] 
[  149.570431][ T4000] EXT4-fs (loop8): Total free blocks count 0
[  149.577233][ T4000] EXT4-fs (loop8): Free/Dirty block details
[  149.583270][ T4000] EXT4-fs (loop8): free_blocks=66060288
[  149.588907][ T4000] EXT4-fs (loop8): dirty_blocks=32
[  149.594050][ T4000] EXT4-fs (loop8): Block reservation details
[  149.600107][ T4000] EXT4-fs (loop8): i_reserved_data_blocks=2
[  149.607350][ T4000] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  149.729479][T10152] loop6: detected capacity change from 0 to 512
[  149.744526][T10152] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  149.791738][T10152] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.836971][T10152] ext4 filesystem being mounted at /413/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.880556][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.981096][T10177] netlink: 'syz.8.2483': attribute type 10 has an invalid length.
[  149.991337][T10175] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.025356][T10177] netlink: 'syz.8.2483': attribute type 10 has an invalid length.
[  150.059216][T10175] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.094938][T10185] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  150.094938][T10185] The task syz.6.2484 (10185) triggered the difference, watch for misbehavior.
[  150.119400][T10175] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.170662][T10185] loop6: detected capacity change from 0 to 256
[  150.183853][T10185] vfat: Unknown parameter 'shortname'
[  150.207541][T10175] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.262755][T10087] syz.0.2448 (10087) used greatest stack depth: 5856 bytes left
[  150.292391][T10175] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.307654][T10175] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.331729][T10175] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.344835][T10175] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  150.953990][T10198] xt_CT: You must specify a L4 protocol and not use inversions on it
[  151.113746][T10209] netlink: 'syz.7.2496': attribute type 10 has an invalid length.
[  151.135211][T10209] team0: Port device dummy0 added
[  151.150184][T10209] netlink: 'syz.7.2496': attribute type 10 has an invalid length.
[  151.159971][T10209] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  151.170500][T10209] team0: Failed to send options change via netlink (err -105)
[  151.178514][T10209] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  151.188436][T10209] team0: Port device dummy0 removed
[  151.204761][T10209] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  151.512559][T10251] netlink: 'syz.4.2515': attribute type 10 has an invalid length.
[  151.523695][T10251] bond0: (slave dummy0): Releasing backup interface
[  151.541410][T10251] team0: Port device dummy0 added
[  151.578673][T10251] netlink: 'syz.4.2515': attribute type 10 has an invalid length.
[  151.602360][T10251] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  151.637038][T10251] team0: Failed to send options change via netlink (err -105)
[  151.646104][T10251] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  151.663909][T10251] team0: Port device dummy0 removed
[  151.676130][T10251] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  151.783120][T10264] __nla_validate_parse: 5 callbacks suppressed
[  151.783137][T10264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2521'.
[  151.799006][T10264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2521'.
[  151.829600][T10264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2521'.
[  151.989933][T10278] netlink: 68 bytes leftover after parsing attributes in process `syz.7.2527'.
[  152.409307][T10308] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2536'.
[  152.422592][T10306] loop6: detected capacity change from 0 to 1024
[  152.437646][T10306] EXT4-fs: Ignoring removed nobh option
[  152.443304][T10306] EXT4-fs: Ignoring removed nobh option
[  152.460490][T10306] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  152.474875][T10306] EXT4-fs error (device loop6): ext4_get_journal_inode:5796: comm syz.6.2534: inode #4294967295: comm syz.6.2534: iget: illegal inode #
[  152.519621][T10306] EXT4-fs (loop6): no journal found
[  152.524917][T10306] EXT4-fs (loop6): can't get journal size
[  152.558822][T10306] EXT4-fs (loop6): failed to initialize system zone (-22)
[  152.585241][T10306] EXT4-fs (loop6): mount failed
[  153.148677][T10346] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2551'.
[  153.335650][T10362] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  153.347697][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  153.347712][   T29] audit: type=1400 audit(2000000037.190:4041): avc:  denied  { relabelto } for  pid=10360 comm="syz.4.2558" name="cgroup.procs" dev="cgroup" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  153.381466][   T29] audit: type=1400 audit(2000000037.190:4042): avc:  denied  { associate } for  pid=10360 comm="syz.4.2558" name="cgroup.procs" dev="cgroup" ino=200 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:crond_var_run_t:s0"
[  153.398897][T10363] random: crng reseeded on system resumption
[  153.411994][   T29] audit: type=1400 audit(2000000037.230:4043): avc:  denied  { append } for  pid=10359 comm="syz.6.2557" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  153.439978][   T29] audit: type=1400 audit(2000000037.230:4044): avc:  denied  { open } for  pid=10359 comm="syz.6.2557" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  153.492190][T10367] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.503179][T10369] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2561'.
[  153.516700][T10369] netlink: zone id is out of range
[  153.521895][T10369] netlink: zone id is out of range
[  153.527122][T10369] netlink: zone id is out of range
[  153.534389][T10369] netlink: del zone limit has 8 unknown bytes
[  153.573207][T10373] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  153.598220][T10367] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.632085][T10381] xt_CT: You must specify a L4 protocol and not use inversions on it
[  153.667774][T10367] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.752864][T10367] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.812209][T10367] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.826149][T10407] loop6: detected capacity change from 0 to 128
[  153.840074][T10367] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.850899][T10407] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  153.869366][T10367] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.885099][T10407] ext4 filesystem being mounted at /429/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  153.900288][T10367] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.097290][T10428] loop4: detected capacity change from 0 to 1024
[  154.163310][T10428] EXT4-fs: Ignoring removed nobh option
[  154.168993][T10428] EXT4-fs: Ignoring removed nobh option
[  154.242065][T10448] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.274968][T10428] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  154.318080][T10448] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.350436][T10428] EXT4-fs error (device loop4): ext4_get_journal_inode:5796: comm syz.4.2566: inode #4294967295: comm syz.4.2566: iget: illegal inode #
[  154.385310][T10428] EXT4-fs (loop4): no journal found
[  154.391435][T10428] EXT4-fs (loop4): can't get journal size
[  154.400162][T10448] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.438729][T10428] EXT4-fs (loop4): failed to initialize system zone (-22)
[  154.447244][T10448] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.457191][T10428] EXT4-fs (loop4): mount failed
[  154.523014][T10461] xt_CT: You must specify a L4 protocol and not use inversions on it
[  154.646651][T10466] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  154.656011][T10465] tipc: Resetting bearer <eth:syzkaller0>
[  154.687825][T10468] loop6: detected capacity change from 0 to 256
[  154.726441][T10465] tipc: Disabling bearer <eth:syzkaller0>
[  154.758584][T10474] xt_hashlimit: size too large, truncated to 1048576
[  154.897337][T10479] netlink: 596 bytes leftover after parsing attributes in process `syz.6.2588'.
[  155.231565][   T29] audit: type=1326 audit(2000000039.070:4045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10495 comm="syz.7.2594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  155.255385][   T29] audit: type=1326 audit(2000000039.070:4046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10495 comm="syz.7.2594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  155.290756][   T29] audit: type=1326 audit(2000000039.070:4047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10495 comm="syz.7.2594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  155.314378][   T29] audit: type=1326 audit(2000000039.070:4048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10495 comm="syz.7.2594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  155.338195][   T29] audit: type=1326 audit(2000000039.070:4049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10495 comm="syz.7.2594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  155.361890][   T29] audit: type=1326 audit(2000000039.130:4050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10495 comm="syz.7.2594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  155.372485][T10496] lo speed is unknown, defaulting to 1000
[  155.402084][T10448] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.414018][T10448] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.443703][T10414] syz.4.2566 (10414) used greatest stack depth: 5824 bytes left
[  155.448688][T10448] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.470804][T10496] lo speed is unknown, defaulting to 1000
[  155.492710][T10448] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.577919][T10505] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.622569][T10509] tipc: New replicast peer: 255.255.255.255
[  155.628749][T10509] tipc: Enabled bearer <udp:s>, priority 10
[  155.657864][T10505] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.748638][T10517] netlink: 160 bytes leftover after parsing attributes in process `syz.7.2604'.
[  155.758202][T10517] netlink: 160 bytes leftover after parsing attributes in process `syz.7.2604'.
[  155.778907][T10505] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.845264][T10529] 8021q: adding VLAN 0 to HW filter on device team1
[  155.905339][T10535] netlink: 'syz.7.2611': attribute type 1 has an invalid length.
[  155.915032][T10505] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.935937][T10537] loop8: detected capacity change from 0 to 1024
[  155.939757][T10535] 8021q: adding VLAN 0 to HW filter on device bond1
[  155.958553][T10537] ext4 filesystem being mounted at /422/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.975603][T10535] bond1 (unregistering): Released all slaves
[  155.985355][T10537] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  156.001911][T10537] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  156.014371][T10537] EXT4-fs (loop8): This should not happen!! Data will be lost
[  156.014371][T10537] 
[  156.024050][T10537] EXT4-fs (loop8): Total free blocks count 0
[  156.030799][T10537] EXT4-fs (loop8): Free/Dirty block details
[  156.036759][T10537] EXT4-fs (loop8): free_blocks=4293918720
[  156.042507][T10537] EXT4-fs (loop8): dirty_blocks=64
[  156.047676][T10537] EXT4-fs (loop8): Block reservation details
[  156.053724][T10537] EXT4-fs (loop8): i_reserved_data_blocks=4
[  156.674376][T10570] loop6: detected capacity change from 0 to 1024
[  156.699147][T10570] ext4 filesystem being mounted at /442/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.728953][T10570] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  156.779710][T10570] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  156.792306][T10570] EXT4-fs (loop6): This should not happen!! Data will be lost
[  156.792306][T10570] 
[  156.802819][T10570] EXT4-fs (loop6): Total free blocks count 0
[  156.808903][T10570] EXT4-fs (loop6): Free/Dirty block details
[  156.814871][T10570] EXT4-fs (loop6): free_blocks=4293918720
[  156.820737][T10570] EXT4-fs (loop6): dirty_blocks=64
[  156.826979][T10570] EXT4-fs (loop6): Block reservation details
[  156.833007][T10570] EXT4-fs (loop6): i_reserved_data_blocks=4
[  157.020147][T10505] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.054924][T10505] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.089235][T10505] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.150901][T10505] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.183377][T10598] __nla_validate_parse: 1 callbacks suppressed
[  157.183396][T10598] netlink: 96 bytes leftover after parsing attributes in process `syz.8.2636'.
[  157.200699][T10600] 8021q: VLANs not supported on ip6gre0
[  157.248625][T10606] IPVS: Error connecting to the multicast addr
[  157.309725][T10610] netlink: 'syz.6.2641': attribute type 1 has an invalid length.
[  157.334655][T10610] bond2: entered promiscuous mode
[  157.340002][T10610] bond2: entered allmulticast mode
[  157.364576][T10610] geneve2: entered allmulticast mode
[  157.396642][T10610] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.398796][T10616] netlink: 'syz.7.2644': attribute type 39 has an invalid length.
[  157.404926][T10610] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.421076][T10610] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.429407][T10610] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.439790][T10610] bond2: (slave geneve2): making interface the new active one
[  157.447031][T10617] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2641'.
[  157.447333][T10610] geneve2: entered promiscuous mode
[  157.462305][T10610] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  157.481123][T10617] bond2: left promiscuous mode
[  157.486109][T10617] geneve2: left promiscuous mode
[  157.491255][T10617] bond2: left allmulticast mode
[  157.510537][T10617] 8021q: adding VLAN 0 to HW filter on device bond2
[  157.621274][T10623] vlan2: entered allmulticast mode
[  157.626649][T10623] bond0: entered allmulticast mode
[  157.642090][T10623] dummy0: entered allmulticast mode
[  157.652246][T10623] bond0: (slave vlan2): Opening slave failed
[  157.719588][T10631] loop8: detected capacity change from 0 to 512
[  157.742222][T10631] EXT4-fs: Ignoring removed mblk_io_submit option
[  157.767343][T10631] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  157.784903][T10631] EXT4-fs (loop8): orphan cleanup on readonly fs
[  157.792581][T10631] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  157.824955][T10631] EXT4-fs (loop8): Cannot turn on quotas: error -117
[  157.833526][T10631] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.2651: bg 0: block 40: padding at end of block bitmap is not set
[  157.862407][T10631] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  157.876907][T10631] EXT4-fs (loop8): 1 truncate cleaned up
[  157.913041][T10649] loop4: detected capacity change from 0 to 512
[  157.920419][T10651] netlink: 'syz.6.2658': attribute type 13 has an invalid length.
[  157.945271][T10651] gretap0: left promiscuous mode
[  157.965615][T10651] gretap0: refused to change device tx_queue_len
[  157.966393][T10649] ext4 filesystem being mounted at /512/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  157.983007][T10651] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  158.214893][T10671] netlink: 'syz.6.2664': attribute type 10 has an invalid length.
[  158.233569][T10671] veth0_vlan: entered allmulticast mode
[  158.247153][T10675] SELinux: failed to load policy
[  158.255281][T10671] veth0_vlan: left promiscuous mode
[  158.272684][T10671] veth0_vlan: entered promiscuous mode
[  158.287803][T10671] team0: Device veth0_vlan failed to register rx_handler
[  158.378783][T10691] netlink: 'syz.0.2676': attribute type 39 has an invalid length.
[  158.387221][T10689] atomic_op ffff88811990f128 conn xmit_atomic 0000000000000000
[  158.447587][T10696] netlink: 'syz.4.2678': attribute type 1 has an invalid length.
[  158.474321][   T29] kauditd_printk_skb: 29 callbacks suppressed
[  158.474339][   T29] audit: type=1400 audit(2000000042.310:4079): avc:  denied  { map } for  pid=10698 comm="syz.7.2679" path="socket:[31314]" dev="sockfs" ino=31314 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  158.503759][   T29] audit: type=1400 audit(2000000042.310:4080): avc:  denied  { read accept } for  pid=10698 comm="syz.7.2679" path="socket:[31314]" dev="sockfs" ino=31314 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  158.536018][T10696] bond2: entered promiscuous mode
[  158.541169][T10696] bond2: entered allmulticast mode
[  158.549174][T10700] geneve2: entered allmulticast mode
[  158.558029][T10700] bond2: (slave geneve2): making interface the new active one
[  158.565571][T10700] geneve2: entered promiscuous mode
[  158.600046][T10705] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2678'.
[  158.618542][T10700] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  158.629016][T10704] sch_tbf: burst 0 is lower than device lo mtu (39799) !
[  158.668374][T10705] bond2: left promiscuous mode
[  158.673340][T10705] geneve2: left promiscuous mode
[  158.678616][T10705] bond2: left allmulticast mode
[  158.686808][T10705] 8021q: adding VLAN 0 to HW filter on device bond2
[  158.702056][T10707] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.767610][T10707] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.819204][T10707] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.877111][T10707] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.944001][T10707] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.978584][T10707] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  159.026445][T10707] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  159.056309][T10732] pim6reg1: entered promiscuous mode
[  159.061741][T10732] pim6reg1: entered allmulticast mode
[  159.074809][T10707] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  159.161560][   T29] audit: type=1326 audit(2000000043.000:4081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10734 comm="syz.7.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  159.185368][   T29] audit: type=1326 audit(2000000043.000:4082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10734 comm="syz.7.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  159.209110][   T29] audit: type=1326 audit(2000000043.000:4083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10734 comm="syz.7.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  159.233165][   T29] audit: type=1326 audit(2000000043.000:4084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10734 comm="syz.7.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  159.256912][   T29] audit: type=1326 audit(2000000043.000:4085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10734 comm="syz.7.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  159.280642][   T29] audit: type=1326 audit(2000000043.000:4086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10734 comm="syz.7.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  159.304483][   T29] audit: type=1326 audit(2000000043.000:4087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10734 comm="syz.7.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  159.328289][   T29] audit: type=1326 audit(2000000043.000:4088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10734 comm="syz.7.2701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d286ce929 code=0x7ffc0000
[  159.512844][T10752] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  159.533253][T10759] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  159.541413][T10759] tipc: Enabled bearer <udp:syz1>, priority 10
[  159.570634][T10767] netlink: 664 bytes leftover after parsing attributes in process `syz.4.2700'.
[  159.775404][T10779] loop8: detected capacity change from 0 to 1024
[  159.802518][T10779] EXT4-fs: Ignoring removed nobh option
[  159.808298][T10779] EXT4-fs: Ignoring removed nobh option
[  159.838929][T10779] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  159.865523][T10779] EXT4-fs error (device loop8): ext4_get_journal_inode:5796: comm syz.8.2704: inode #4294967295: comm syz.8.2704: iget: illegal inode #
[  159.911739][T10779] EXT4-fs (loop8): no journal found
[  159.917093][T10779] EXT4-fs (loop8): can't get journal size
[  159.945153][T10779] EXT4-fs (loop8): failed to initialize system zone (-22)
[  159.961483][T10779] EXT4-fs (loop8): mount failed
[  160.281676][T10800] tipc: Started in network mode
[  160.286658][T10800] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  160.295765][T10800] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  160.840820][T10843] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  161.390017][T10887] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10887 comm=syz.0.2754
[  161.402686][T10887] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10887 comm=syz.0.2754
[  161.708645][T10905] batadv_slave_0: entered promiscuous mode
[  161.753707][T10911] loop8: detected capacity change from 0 to 164
[  161.787156][T10913] loop6: detected capacity change from 0 to 2049
[  161.798340][T10913] EXT4-fs warning (device loop6): read_mmp_block:115: Error -117 while reading MMP block 64
[  161.880947][T10919] lo speed is unknown, defaulting to 1000
[  161.887630][T10919] lo speed is unknown, defaulting to 1000
[  161.938785][T10930] ref_ctr_offset mismatch. inode: 0x93c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  162.143417][T10942] netlink: 33912 bytes leftover after parsing attributes in process `syz.4.2768'.
[  162.637010][T10960] lo speed is unknown, defaulting to 1000
[  162.644264][T10960] lo speed is unknown, defaulting to 1000
[  162.858790][T10988] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2785'.
[  163.109005][T11000] pim6reg1: entered promiscuous mode
[  163.114515][T11000] pim6reg1: entered allmulticast mode
[  163.234979][T11010] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.327881][T11010] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.397890][T11010] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.410700][T11021] loop6: detected capacity change from 0 to 2048
[  163.448217][T11010] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.466770][T11021]  loop6: p1 < > p4
[  163.471210][T11021] loop6: p4 size 8388608 extends beyond EOD, truncated
[  163.514929][T11010] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.538857][T11010] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.568762][T11010] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.598420][T11010] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.686944][T11025] loop6: detected capacity change from 0 to 128
[  163.693671][T11025] EXT4-fs: Ignoring removed nobh option
[  163.721906][T11027] IPv6: Can't replace route, no match found
[  163.739149][T11025] EXT4-fs mount: 9 callbacks suppressed
[  163.739169][T11025] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  163.794751][T11025] ext4 filesystem being mounted at /476/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  163.834932][   T29] kauditd_printk_skb: 70 callbacks suppressed
[  163.834950][   T29] audit: type=1326 audit(2000000047.670:4159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  163.896447][ T4507] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.911819][   T29] audit: type=1326 audit(2000000047.710:4160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  163.936219][   T29] audit: type=1326 audit(2000000047.710:4161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  163.959891][   T29] audit: type=1326 audit(2000000047.710:4162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  163.984297][   T29] audit: type=1326 audit(2000000047.710:4163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  164.008665][   T29] audit: type=1326 audit(2000000047.710:4164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  164.032253][   T29] audit: type=1326 audit(2000000047.720:4165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  164.056596][   T29] audit: type=1326 audit(2000000047.720:4166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  164.080165][   T29] audit: type=1326 audit(2000000047.720:4167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  164.104662][   T29] audit: type=1326 audit(2000000047.720:4168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11032 comm="syz.4.2804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7faac037e929 code=0x7ffc0000
[  164.166489][T11051] batadv_slave_0: entered promiscuous mode
[  164.475892][T11075] loop6: detected capacity change from 0 to 8192
[  164.744214][T11115] ALSA: seq fatal error: cannot create timer (-22)
[  164.757232][T11116] netlink: 'syz.7.2824': attribute type 4 has an invalid length.
[  164.769176][T11116] netlink: 'syz.7.2824': attribute type 4 has an invalid length.
[  164.988676][T11127] loop6: detected capacity change from 0 to 164
[  165.025248][T11127] bio_check_eod: 12 callbacks suppressed
[  165.025293][T11127] syz.6.2828: attempt to access beyond end of device
[  165.025293][T11127] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  165.076459][T11127] syz.6.2828: attempt to access beyond end of device
[  165.076459][T11127] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  165.197705][T11131] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2830'.
[  165.609057][T11139] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2833'.
[  165.629941][T11139] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2833'.
[  165.861213][T11158] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2841'.
[  166.070531][T11175] ÿÿÿÿÿÿ: renamed from vlan1
[  166.166984][T11177] ref_ctr increment failed for inode: 0x977 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88810378dc00
[  166.193501][T11176] uprobe: syz.8.2850:11176 failed to unregister, leaking uprobe
[  167.292651][T11202] loop8: detected capacity change from 0 to 1024
[  167.311241][T11202] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  167.322225][T11202] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  167.361696][T11202] JBD2: no valid journal superblock found
[  167.367543][T11202] EXT4-fs (loop8): Could not load journal inode
[  167.707027][T11225] loop4: detected capacity change from 0 to 1024
[  167.714457][T11225] EXT4-fs: Ignoring removed nomblk_io_submit option
[  167.722123][T11225] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  167.733172][T11225] JBD2: no valid journal superblock found
[  167.738983][T11225] EXT4-fs (loop4): Could not load journal inode
[  168.552736][T11249] syz_tun: entered allmulticast mode
[  168.567320][T11246] syz_tun: left allmulticast mode
[  169.091519][   T29] kauditd_printk_skb: 71 callbacks suppressed
[  169.091551][   T29] audit: type=1400 audit(2000000052.930:4240): avc:  denied  { append } for  pid=11266 comm="syz.6.2886" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  169.126870][T11267] loop6: detected capacity change from 0 to 7
[  169.188841][T11271] netlink: 596 bytes leftover after parsing attributes in process `syz.6.2889'.
[  169.303508][   T29] audit: type=1326 audit(2000000053.140:4241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11274 comm="syz.6.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  169.328243][   T29] audit: type=1326 audit(2000000053.140:4242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11274 comm="syz.6.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  169.405747][   T29] audit: type=1326 audit(2000000053.200:4243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11274 comm="syz.6.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  169.430252][   T29] audit: type=1326 audit(2000000053.200:4244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11274 comm="syz.6.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  169.453801][   T29] audit: type=1326 audit(2000000053.200:4245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11274 comm="syz.6.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  169.478284][   T29] audit: type=1326 audit(2000000053.210:4246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11274 comm="syz.6.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  169.501842][   T29] audit: type=1326 audit(2000000053.210:4247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11274 comm="syz.6.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  169.527444][   T29] audit: type=1326 audit(2000000053.210:4248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11274 comm="syz.6.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  169.551279][   T29] audit: type=1326 audit(2000000053.210:4249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11274 comm="syz.6.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4550e929 code=0x7ffc0000
[  169.675117][T11288] loop6: detected capacity change from 0 to 512
[  169.724706][T11288] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.760626][T11288] ext4 filesystem being mounted at /503/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.875024][ T4507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.512099][T11312] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2904'.
[  170.726639][T11324] loop8: detected capacity change from 0 to 512
[  170.742061][T11324] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  170.763413][T11324] EXT4-fs (loop8): 1 truncate cleaned up
[  170.776207][T11324] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.924232][T11330] ==================================================================
[  170.932399][T11330] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark
[  170.940426][T11330] 
[  170.942771][T11330] write to 0xffff888119c9b6ac of 4 bytes by task 11324 on cpu 1:
[  170.950523][T11330]  xas_set_mark+0x12b/0x140
[  170.955065][T11330]  tag_pages_for_writeback+0xc2/0x290
[  170.960470][T11330]  ext4_do_writepages+0x697/0x21c0
[  170.965611][T11330]  ext4_writepages+0x176/0x300
[  170.970430][T11330]  do_writepages+0x1c6/0x310
[  170.975054][T11330]  file_write_and_wait_range+0x156/0x2c0
[  170.980744][T11330]  generic_buffers_fsync_noflush+0x45/0x120
[  170.986676][T11330]  ext4_sync_file+0x1ab/0x690
[  170.991403][T11330]  vfs_fsync_range+0x10d/0x130
[  170.996205][T11330]  ext4_buffered_write_iter+0x34f/0x3c0
[  171.001780][T11330]  ext4_file_write_iter+0xdbf/0xf00
[  171.007004][T11330]  iter_file_splice_write+0x5f2/0x970
[  171.012410][T11330]  direct_splice_actor+0x156/0x2a0
[  171.017587][T11330]  splice_direct_to_actor+0x312/0x680
[  171.022994][T11330]  do_splice_direct+0xda/0x150
[  171.027787][T11330]  do_sendfile+0x380/0x650
[  171.032228][T11330]  __x64_sys_sendfile64+0x105/0x150
[  171.037450][T11330]  x64_sys_call+0xb39/0x2fb0
[  171.042063][T11330]  do_syscall_64+0xd2/0x200
[  171.046585][T11330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.052502][T11330] 
[  171.054837][T11330] read to 0xffff888119c9b6ac of 4 bytes by task 11330 on cpu 0:
[  171.062520][T11330]  file_write_and_wait_range+0x10e/0x2c0
[  171.068190][T11330]  generic_buffers_fsync_noflush+0x45/0x120
[  171.074122][T11330]  ext4_sync_file+0x1ab/0x690
[  171.078827][T11330]  vfs_fsync_range+0x10d/0x130
[  171.083612][T11330]  ext4_buffered_write_iter+0x34f/0x3c0
[  171.089188][T11330]  ext4_file_write_iter+0xdbf/0xf00
[  171.094419][T11330]  iter_file_splice_write+0x5f2/0x970
[  171.099835][T11330]  direct_splice_actor+0x156/0x2a0
[  171.104981][T11330]  splice_direct_to_actor+0x312/0x680
[  171.110386][T11330]  do_splice_direct+0xda/0x150
[  171.115197][T11330]  do_sendfile+0x380/0x650
[  171.119651][T11330]  __x64_sys_sendfile64+0x105/0x150
[  171.124885][T11330]  x64_sys_call+0xb39/0x2fb0
[  171.129514][T11330]  do_syscall_64+0xd2/0x200
[  171.134040][T11330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.139962][T11330] 
[  171.142373][T11330] value changed: 0x02000021 -> 0x04000021
[  171.148105][T11330] 
[  171.150438][T11330] Reported by Kernel Concurrency Sanitizer on:
[  171.156617][T11330] CPU: 0 UID: 0 PID: 11330 Comm: syz.8.2910 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  171.169138][T11330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  171.179215][T11330] ==================================================================
[  171.187711][T11331] EXT4-fs error (device loop8): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.8.2910: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  171.234661][T11331] EXT4-fs (loop8): Remounting filesystem read-only
[  171.389715][ T4749] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.