last executing test programs:

3m46.394364337s ago: executing program 32 (id=2564):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000780)=ANY=[@ANYBLOB="7a0af8ff75257000bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b25952850a84a70002b2ab3d6ffaa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc44bc25fb591cf77b9dfb379a3f611dbc2a364916f098dab10b1a297cf528666d1ddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e9e54687d3c56d7bedb6b2f25ddb8c640bb321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0b6dd7356aa79d5fabb5c0d0da6d719d7e0efb2bb713d18242cd5df6ca53307a4cdd91be4587f90e317c8de5e5c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1786eda2b20"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2}, &(0x7f00000002c0), &(0x7f0000000300), 0xa00}, 0x20)

3m33.128716159s ago: executing program 33 (id=3068):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007"], 0x64}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002002000000004000100080004"], 0x44}}, 0x0)

2m37.392349074s ago: executing program 34 (id=5003):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)

48.589715659s ago: executing program 6 (id=10138):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x4000000a})
preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000280)=""/154, 0x9a}], 0x1, 0x101, 0xe06)
ppoll(&(0x7f0000000100)=[{r1, 0x200}], 0x1, &(0x7f0000000140), 0x0, 0x0)

48.57905356s ago: executing program 6 (id=10139):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)

48.557550641s ago: executing program 0 (id=10141):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
fdatasync(0xffffffffffffffff)

48.502653306s ago: executing program 6 (id=10144):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$key(0xf, 0x3, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x531, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
sendmsg$key(r1, &(0x7f0000000400)={0x10000000, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB="020e0080150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff000000000600330000000000000000000000eafffd8000000000000000000000000000aa000000000000000000000000000000000400"], 0xa8}}, 0x2)

48.403878534s ago: executing program 0 (id=10146):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x56c, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000100)="09001600e700140000007e7bfbf788a83baa9900d6f18f8e9500810000000000", 0x20, 0x24000801, &(0x7f0000000300)={0x11, 0x8100, r2, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14)

48.356061877s ago: executing program 0 (id=10160):
r0 = io_uring_setup(0x560d, &(0x7f0000000680)={0x0, 0xb586, 0x8, 0xffffffff, 0x3bd})
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x3, 0x9)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x7fffffffffffffff)

48.351594698s ago: executing program 6 (id=10150):
r0 = semget$private(0x0, 0x6, 0x0)
semtimedop(r0, &(0x7f00000002c0)=[{0x1, 0xfffe, 0x1000}], 0x1, 0x0)
semop(r0, &(0x7f00000000c0)=[{0x0, 0xc63e}, {0x4, 0x4, 0x1800}], 0x2)
semctl$GETZCNT(r0, 0x1, 0xf, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000200)=[0x8, 0xb2b])

48.19543085s ago: executing program 0 (id=10165):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x3f)

47.793204752s ago: executing program 4 (id=10175):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_emit_ethernet(0x4e, &(0x7f0000000780)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd60002000001832ff00000000000000000000ffff0a010100fe8000000000000000000000000000aa"], 0x0)

47.790781293s ago: executing program 4 (id=10177):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
sendfile(r2, r2, 0x0, 0xb)

47.57549009s ago: executing program 4 (id=10178):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x1494)
fcntl$setstatus(r0, 0x4, 0x0)

47.57537736s ago: executing program 35 (id=10178):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x1494)
fcntl$setstatus(r0, 0x4, 0x0)

47.57002201s ago: executing program 0 (id=10188):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110)
setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108)

47.365144597s ago: executing program 0 (id=10181):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0001}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='kmem_cache_free\x00', r0}, 0x18)
setpriority(0x3, 0x0, 0xfffffffd)

47.365029927s ago: executing program 36 (id=10181):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0001}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='kmem_cache_free\x00', r0}, 0x18)
setpriority(0x3, 0x0, 0xfffffffd)

47.364943257s ago: executing program 6 (id=10182):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4)
sendmmsg$inet(r1, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)='\x00\x00\x00', 0x3}], 0x1}}], 0x1, 0x2400c042)

47.218272449s ago: executing program 6 (id=10184):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xa7f10723c5e5444d}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

47.217974788s ago: executing program 37 (id=10184):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xa7f10723c5e5444d}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

14.261509258s ago: executing program 9 (id=11257):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x15, 0x1ffffffffffffe06, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)

14.066671384s ago: executing program 9 (id=11272):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
arch_prctl$ARCH_SET_GS(0x1001, 0x0)

14.004823479s ago: executing program 9 (id=11275):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x32)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

13.976585781s ago: executing program 9 (id=11278):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4cb, &(0x7f00000005c0)="$eJzs3ctvG9UaAPDPdpMmbe7t415dtb3SbaVeqfehxnkINQEkxApYVEJUYgNSCYkbSpw6ip3SRF2ksOuCBQKBhFiw5y9gQ1dUlRBrEFtWqBWUIAECychju83DTkNJbZr5/aSpz8y4/s6x+50en5nxBJBax2p/ZCIGIuLziNhXX137hGP1h5XblydrSyaq1TPfZpLn1dabT23+vb0RsRwRfRHx3FMRL2c2xi0vLs1MFIuF+cZ6vjI7ly8vLp08PzsxXZguXBgeOzU+PjY0OjK+bW29+uarV09//EzvRz++cfP6W59+UqvWQGPf6nZsp3rTe+LAqm27IuLxBxGsC3KN9vR3uyLcl9rn97eIOJ7k/77IJZ8mkAbVarX6a3V3u93LVWDHyiZj4Ex2MCLq5Wx2cLA+hv977MkWS+XK/8+VFi5M1cfK+6Mne+58sTDU+K6wP3oytfXhpHx3fWTd+mhEMgZ+O9efrA9OlopTne3qgHX2rsv/H3L1/AdSwld+SC/5D+kl/yG95D+kl/yH9JL/kF7yH9JL/kN6yX9IL/kP6bVZ/vd2sB5ARz17+nRtqTavf5+6uLgwU7p4cqpQnhmcXZgcnCzNzw1Ol0rTyTU7s/d6vWKpNDf8SCxcylcK5Uq+vLh0dra0cKFyNrmu/2yhpyOtArbiwNFrX2YiYvnR/mSJVf/ly1XY2arVTHT7GmSgO3Ld7oCArjH1D+n1O77jt/2RMODh1uInetfoa735iZh7ELUBOiG72c5fbnSuIkDHnTjs+B+klfl/SC/z/5BexvjAfc7/h/l/eHhtOv8P7GgDbe7/9ZdV9+4aioi/RsQXuZ7dzXt9ATtB9ptMY/x/Yt+/B9bv7c38lBwi6I2I194/8+6liUplfri2/bs72yvvNbaPdKP+QHtrZ/iaedrMYwAgvVZuX55sLp2Me+vJ+kkIG+PvasxN9iUjmD0rmTXnKmS26dyF5SsRcahV/Ezjfuf1Ix97VnIb4h9sPGbqL5HUd1dy3/TOxD+8Kv6/VsU/8offFUiHa7X+Z6hV/mWTnI47+be2/xnYpnMnmv1f85zr1fGb/V+uTf93dIsxXvng9baHd29diTjSsv9txutLYq2PX6vbiS3Gv/ni8/9ot6/6Yf11WsVvqpXyldm5fHlx6eT5Zi3GTo2Pjw2NjoznkznqfHOmeqPHDn12fbP2N7Rp/1ct21/b9t8ttv/nf9544dgm8f9zvPW/v4PJY+v3vz8i/rfF+N+PfP1Su321+FNt3v/sJvFr20a3GL/8ztOuHQaAP5Hy4tLMRLFYmFdQUFC4U7hXz7HcmQ4KeGDuJn23awIAAAAAAAAAAABsVSdOJ+52GwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdoLfAgAA//8N/c3z")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8008, 0x0, 0x0, 0x100, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee1dcf457f0edf110ff4117639c2eb4b78c660e677df700905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})

13.842639452s ago: executing program 9 (id=11287):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000400), 0x1, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x7000, 0x0, 0x10)

13.48511491s ago: executing program 9 (id=11298):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x18)
close(0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001340)=@newtaction={0x488, 0x30, 0x12f, 0x70bd28, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xb84, 0x3, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x100, 0x0, 0x0, 0xc74, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffff001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xffffffff, 0x0, 0x200, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x0, 0x1}, 0x2, 0x0, 0x4}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1}}}}]}]}, 0x488}}, 0xc0)

13.476181581s ago: executing program 38 (id=11298):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x18)
close(0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001340)=@newtaction={0x488, 0x30, 0x12f, 0x70bd28, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xb84, 0x3, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x100, 0x0, 0x0, 0xc74, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffff001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xffffffff, 0x0, 0x200, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x0, 0x1}, 0x2, 0x0, 0x4}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1}}}}]}]}, 0x488}}, 0xc0)

11.444871484s ago: executing program 2 (id=11369):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x1}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$netlink(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fbdbdf250f00000005002f000100000005002a0001000000050029000100000008000300", @ANYRES32=r1], 0x54}, 0x1, 0x0, 0x0, 0x24004040}, 0x24008824)

11.325481133s ago: executing program 2 (id=11376):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x28, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0x0, 0x700}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0xfd6c)

11.2435539s ago: executing program 2 (id=11381):
r0 = syz_open_dev$usbfs(&(0x7f0000000340), 0x76, 0x101341)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0), 0xed)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0x80045515, &(0x7f0000000040)=@usbdevfs_connect)

11.156225117s ago: executing program 2 (id=11386):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x2a05004, 0x0)

11.061192435s ago: executing program 2 (id=11389):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xa, 0x4, 0xc, 0xb}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000f00)={'dummy0\x00', &(0x7f0000000600)=@ethtool_sset_info={0x37, 0x9, 0x7fff}})

10.8695617s ago: executing program 2 (id=11401):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

10.840705773s ago: executing program 39 (id=11401):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

3.485122492s ago: executing program 3 (id=11803):
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x40)
close(r0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$tipc(0x1e, 0x5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

3.393937619s ago: executing program 3 (id=11808):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000040)='%pI4   \x00'}, 0x2a)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000c80)=ANY=[@ANYRES16=r1, @ANYBLOB="ed6119d0e8444b33349380cc46fa62c2c750493c6e568dc2cb680715e3e38c90de63d2a035959f3f6437566b5e535d299f5bb2119675df34a604aa5085461b2327c041f9f9e099dea019bb6bc2ff617a01e89be86857baa2c984a782299d533299edec4f75a5da464f1c3719d145b8be78c0ca7948144356a000ef4595230b40c9e505e3616b921f26cdcdc292dc386e168d1cc56b83d3d65fb361f10db361e73ff7a12c999e2746a90048d0d7311dc5637dd6a23d3b46e0b9bfbb2b00c4fd6d6f1ca1fe16b5fec55d90eec263", @ANYRES64=r2, @ANYRESDEC=r0, @ANYRESDEC], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, 0xffffffffffffffff, &(0x7f0000010180)=0x60)

3.345671903s ago: executing program 3 (id=11814):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = dup(r0)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000000)={0x23, 0x3, 0x17, 0x1ffe, 0x0, 0x5, 0x0})

3.292697957s ago: executing program 3 (id=11816):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4cb, &(0x7f00000005c0)="$eJzs3ctvG9UaAPDPdpMmbe7t415dtb3SbaVeqfehxnkINQEkxApYVEJUYgNSCYkbSpw6ip3SRF2ksOuCBQKBhFiw5y9gQ1dUlRBrEFtWqBWUIAECychju83DTkNJbZr5/aSpz8y4/s6x+50en5nxBJBax2p/ZCIGIuLziNhXX137hGP1h5XblydrSyaq1TPfZpLn1dabT23+vb0RsRwRfRHx3FMRL2c2xi0vLs1MFIuF+cZ6vjI7ly8vLp08PzsxXZguXBgeOzU+PjY0OjK+bW29+uarV09//EzvRz++cfP6W59+UqvWQGPf6nZsp3rTe+LAqm27IuLxBxGsC3KN9vR3uyLcl9rn97eIOJ7k/77IJZ8mkAbVarX6a3V3u93LVWDHyiZj4Ex2MCLq5Wx2cLA+hv977MkWS+XK/8+VFi5M1cfK+6Mne+58sTDU+K6wP3oytfXhpHx3fWTd+mhEMgZ+O9efrA9OlopTne3qgHX2rsv/H3L1/AdSwld+SC/5D+kl/yG95D+kl/yH9JL/kF7yH9JL/kN6yX9IL/kP6bVZ/vd2sB5ARz17+nRtqTavf5+6uLgwU7p4cqpQnhmcXZgcnCzNzw1Ol0rTyTU7s/d6vWKpNDf8SCxcylcK5Uq+vLh0dra0cKFyNrmu/2yhpyOtArbiwNFrX2YiYvnR/mSJVf/ly1XY2arVTHT7GmSgO3Ld7oCArjH1D+n1O77jt/2RMODh1uInetfoa735iZh7ELUBOiG72c5fbnSuIkDHnTjs+B+klfl/SC/z/5BexvjAfc7/h/l/eHhtOv8P7GgDbe7/9ZdV9+4aioi/RsQXuZ7dzXt9ATtB9ptMY/x/Yt+/B9bv7c38lBwi6I2I194/8+6liUplfri2/bs72yvvNbaPdKP+QHtrZ/iaedrMYwAgvVZuX55sLp2Me+vJ+kkIG+PvasxN9iUjmD0rmTXnKmS26dyF5SsRcahV/Ezjfuf1Ix97VnIb4h9sPGbqL5HUd1dy3/TOxD+8Kv6/VsU/8offFUiHa7X+Z6hV/mWTnI47+be2/xnYpnMnmv1f85zr1fGb/V+uTf93dIsxXvng9baHd29diTjSsv9txutLYq2PX6vbiS3Gv/ni8/9ot6/6Yf11WsVvqpXyldm5fHlx6eT5Zi3GTo2Pjw2NjoznkznqfHOmeqPHDn12fbP2N7Rp/1ct21/b9t8ttv/nf9544dgm8f9zvPW/v4PJY+v3vz8i/rfF+N+PfP1Su321+FNt3v/sJvFr20a3GL/8ztOuHQaAP5Hy4tLMRLFYmFdQUFC4U7hXz7HcmQ4KeGDuJn23awIAAAAAAAAAAABsVSdOJ+52GwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdoLfAgAA//8N/c3z")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8008, 0x0, 0x0, 0x100, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee1dcf457f0edf110ff4117639c2eb4b78c660e677df700905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})

3.155648598s ago: executing program 3 (id=11823):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3)

2.305006796s ago: executing program 3 (id=11858):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x200000000000002f, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
brk(0x800000000000)

2.280833117s ago: executing program 40 (id=11858):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x200000000000002f, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
brk(0x800000000000)

960.540993ms ago: executing program 4 (id=11849):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000640)={0x2, 0x0, @loopback}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, 0x0}}], 0x90}, 0x0)

925.215266ms ago: executing program 4 (id=11868):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x29, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xf7}, 0x18)
alarm(0x4000000000002)

879.007851ms ago: executing program 7 (id=11883):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="646f74732c646f74732c646f74732c636865636b3d72656c617865642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030302c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d7374726963742c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646f74732c646f74732c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c6e6f646f74732c646f74732c666d61736b3d30303030303030303030303030303030303030303030322c6e6f646f74732c646f74732c666c7573682c6e6f646f74732c636865636b3d6e6f726d616c2c0079c7cebee7a0df8765ffc536c4e752679b645307d1bf097e07b8e261bb27d1bb80ee490fc501e4f230ddf1483b11ac5c39a93cfc3ba360037c79a9be063a3bf5015e3d6a8cad0e98ccb29619c51c44ec612fc7ff44fa8cf7759eada764c43ba9d602a958bd209ace3df01c3dae04baa94aedc5515da8160ae0"], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000100)="8000102e", 0x3}], 0x1}}], 0x1, 0x4c0c0)
mount$nfs(&(0x7f0000000100)='.5.', 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x1ff)

878.52851ms ago: executing program 4 (id=11870):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x1, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0xfbd, 0x64, 0x0, 0xb, 0x88, 0x0, @private=0xa0100fe, @dev={0xac, 0x14, 0x14, 0x1a}}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed00100000000000005629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d40a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88569ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a1003e6670d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf92b32d6422d79f66261eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f3ab62c07f1e41d59470decee7b0cc41ac49e4b75a9ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9c0200000010e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d801a9ad3b27f26ba601d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c006106c8c9ee3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9ff93638dfa9a84c77562aa2cf897f55a97b79c18544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc84561f417f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e84434ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cbbffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8060000000000000055ccde9d54d5d833293f5df09224482179e5bcd8e227c9eaacb5793498be490de32baba49172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72ed67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19411e0ebe001b990b177b8db0c592b18a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e87070754025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae0907f345593736506efc626498c974753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a7402d11c666964f024da4c016eb556ba2c5fab86c60c12efb1496295d8f46d9d7c438b46998085735b2b7308e60f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb97800763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac170613cf4b515e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f10975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319b3e77f96bec001c9300000000000000009cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14ca3ef4b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a32b014c74425c67e5030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199c5000000000000009314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47c96beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f7f2ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73e1e82c3e189ec5add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c20ca9bc7c156f3bd255a5b408df172396bafd7f0fb11c6eaf1eb0a06576d37bee00424bf699584b1dfed68f0d8d8a35f0427c783fe2d79b4373628971e87501a5e4bb05b5058d0b2132741f26e76065b6f4017d963c8ee5605c4c5b6eebb96fca0a41893cb6add3fb0d728abeb860f22cedbd36e464bdaf124a7041460f7af3d64b54e9ffd240b5afad9baf6e5dd8406bc1b205da5848f51fc9dd5197716e144e1b0386614bd3cfd5ddb80ada1e5ca74c8960093a553b1f6288aa7f53663cdd867f658e51b95772dc7a6fa45fa03e14988a33250e6c16fbf0351769080d64ddfbdbf77e1215563bf2e82ecc38a682846d7e2e2ac4e87d715f97f15e84c3df04aff"}}, 0xfcb)

863.109451ms ago: executing program 7 (id=11872):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
fcntl$notify(r0, 0x402, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x7}, 0x18)
getdents64(r0, 0x0, 0x0)

815.846615ms ago: executing program 7 (id=11875):
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0xfdef)

772.332349ms ago: executing program 5 (id=11880):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0)

744.646971ms ago: executing program 7 (id=11881):
open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x4, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc2}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',msize=0x0000000000001000'])

644.188979ms ago: executing program 8 (id=11886):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="646f74732c646f74732c646f74732c636865636b3d72656c617865642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030302c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d7374726963742c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646f74732c646f74732c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c6e6f646f74732c646f74732c666d61736b3d30303030303030303030303030303030303030303030322c6e6f646f74732c646f74732c666c7573682c6e6f646f74732c636865636b3d6e6f726d616c2c0079c7cebee7a0df8765ffc536c4e752679b645307d1bf097e07b8e261bb27d1bb80ee490fc501e4f230ddf1483b11ac5c39a93cfc3ba360037c79a9be063a3bf5015e3d6a8cad0e98ccb29619c51c44ec612fc7ff44fa8cf7759eada764c43ba9d602a958bd209ace3df01c3dae04baa94aedc5515da8160ae0"], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000100)="8000102e", 0x3}], 0x1}}], 0x1, 0x4c0c0)
mount$nfs(&(0x7f0000000100)='.5.', 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x1ff)

610.413092ms ago: executing program 7 (id=11887):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x0, 0xad}, &(0x7f0000000440), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x2, &(0x7f0000000180), 0xfe)

585.876374ms ago: executing program 8 (id=11888):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r1)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="bbfb2bbd7000fddbdf25670000000800c400020000000800c3"], 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x0)

558.992706ms ago: executing program 5 (id=11889):
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="e17f6ee9ce2b89c26658d58a1812a6e2b440e038d0f4e99b86b78afed1aec06e8c7c7764839b00c11156eb679ba04c116dc7fa281c23624f922af64433331138fd2a6aa6aa6b453f2a62512baecfc39b1c36cf25ec31361b693b530b4772b6580b56cd4f20505c3e5fef6058", 0xfffffeac}], 0x6, &(0x7f0000000040), 0xfffffffffffffc9e, 0x20040005}, 0x20000001)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000040), 0x4)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01')

555.541446ms ago: executing program 8 (id=11890):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

533.926938ms ago: executing program 5 (id=11892):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)

491.139801ms ago: executing program 1 (id=11893):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x5a6f5da4ed3dbaa5, 0x0)

490.503801ms ago: executing program 5 (id=11903):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x9}, 0x18)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f0000000c40)={{0x80}, 'port0\x00', 0x0, 0x100c40, 0x5, 0x6, 0x2, 0x40, 0x3, 0x0, 0x1, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x1, 0x1b1878, 0x4, 0x2, 0x3e4, 0x0, 0x4, 0x0, 0x7, 0xff})

489.702122ms ago: executing program 8 (id=11904):
r0 = perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_read_part_table(0x106f, &(0x7f0000000000)="$eJzsz6FNBkEQBeDZHf7cnTuLujbogJBgkSgEhCY4EkqgCiQWj8DRAooScEs2d7QAiO8Tm53Je2KCPzXVMSLLyUM+RsZdxDz09dqfw56pZ0vEy9t5fLV2qOXyOiN/+sfz61L2f3uPo9Mceq98ti1Sbq/G6IGpD+vHTb3P56hbIS+efvlcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiXvgMAAP//6XISlw==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xb, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x100000000000000, 0x2}})

427.577476ms ago: executing program 1 (id=11894):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)

427.204707ms ago: executing program 5 (id=11906):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x2a05004, 0x0)

399.028568ms ago: executing program 5 (id=11895):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x5865}}}}}}}, 0xfdef)

319.937375ms ago: executing program 1 (id=11896):
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0xfdef)

319.455015ms ago: executing program 7 (id=11909):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x0, @rand_addr=0x64010100}, 0x2}}, 0x2e)

296.460067ms ago: executing program 8 (id=11897):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1188}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_uid}]}})

243.801071ms ago: executing program 1 (id=11898):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x47f6, 0x0, 0x4, 0x0, 0x0)

199.960265ms ago: executing program 8 (id=11899):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141142, 0x0)
pwrite64(r1, &(0x7f0000000300)="0e48", 0x2, 0x10000)

179.521336ms ago: executing program 1 (id=11900):
open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x4, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc2}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',msize=0x0000000000001000'])

0s ago: executing program 1 (id=11901):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

riptor inconsistent: 0 vs 150994969 free clusters
[  274.951786][T26060] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
[  274.964039][T26060] EXT4-fs (loop3): This should not happen!! Data will be lost
[  274.964039][T26060] 
[  274.973724][T26060] EXT4-fs (loop3): Total free blocks count 0
[  274.979741][T26060] EXT4-fs (loop3): Free/Dirty block details
[  274.985669][T26060] EXT4-fs (loop3): free_blocks=2415919504
[  274.991453][T26060] EXT4-fs (loop3): dirty_blocks=16
[  274.996611][T26060] EXT4-fs (loop3): Block reservation details
[  275.002595][T26060] EXT4-fs (loop3): i_reserved_data_blocks=1
[  275.040764][T26079] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10057'.
[  275.104152][T14112] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.391103][T26104] 9pnet_fd: Insufficient options for proto=fd
[  276.021980][T26160] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10094'.
[  276.563232][T26198] netlink: 8 bytes leftover after parsing attributes in process `syz.7.10111'.
[  276.614796][T26202] netlink: 8 bytes leftover after parsing attributes in process `syz.7.10113'.
[  276.941627][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  276.941644][   T29] audit: type=1400 audit(2000000083.729:23652): avc:  denied  { create } for  pid=26212 comm="syz.6.10114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  277.028383][   T29] audit: type=1400 audit(2000000083.779:23653): avc:  denied  { write } for  pid=26212 comm="syz.6.10114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  277.049115][   T29] audit: type=1400 audit(2000000083.779:23654): avc:  denied  { nlmsg_write } for  pid=26212 comm="syz.6.10114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  277.130102][T26224] audit: audit_backlog=65 > audit_backlog_limit=64
[  277.136779][T26224] audit: audit_lost=10 audit_rate_limit=0 audit_backlog_limit=64
[  277.140991][   T29] audit: type=1326 audit(2000000083.859:23655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26217 comm="syz.0.10129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74a13cebe9 code=0x7ffc0000
[  277.144525][T26224] audit: backlog limit exceeded
[  277.168995][   T29] audit: type=1326 audit(2000000083.869:23656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26217 comm="syz.0.10129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f74a13cebe9 code=0x7ffc0000
[  277.196794][   T29] audit: type=1326 audit(2000000083.869:23657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26217 comm="syz.0.10129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74a13cebe9 code=0x7ffc0000
[  277.221455][   T29] audit: type=1326 audit(2000000083.869:23658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26217 comm="syz.0.10129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74a13cebe9 code=0x7ffc0000
[  277.278345][T26228] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10124'.
[  277.279911][T26224] vxcan1 speed is unknown, defaulting to 1000
[  277.453121][T26245] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10131'.
[  277.644030][T26273] loop6: detected capacity change from 0 to 512
[  277.664168][T26275] wireguard0: entered promiscuous mode
[  277.669691][T26275] wireguard0: entered allmulticast mode
[  277.718217][T26273] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  277.756811][T26273] EXT4-fs (loop6): mount failed
[  277.964377][T26302] loop7: detected capacity change from 0 to 128
[  277.991211][T26304] pim6reg1: entered promiscuous mode
[  277.996701][T26304] pim6reg1: entered allmulticast mode
[  278.042659][T26307] program syz.3.10158 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  278.219802][T26325] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10169'.
[  278.660262][   T51] bridge_slave_1: left allmulticast mode
[  278.666835][   T51] bridge_slave_1: left promiscuous mode
[  278.672879][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.680713][   T51] bridge_slave_0: left allmulticast mode
[  278.686544][   T51] bridge_slave_0: left promiscuous mode
[  278.692311][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.726391][   T51] team0: Port device bridge0 removed
[  278.760455][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.777297][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.786683][   T51] bond0 (unregistering): Released all slaves
[  278.796377][T23158] team0: Port device vlan4 removed
[  278.837452][   T51] tipc: Disabling bearer <udp:syz0>
[  278.842699][   T51] tipc: Left network mode
[  278.880083][   T51] hsr_slave_0: left promiscuous mode
[  278.886604][   T51] hsr_slave_1: left promiscuous mode
[  278.892302][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  278.900774][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  278.940084][   T51] team0 (unregistering): Port device team_slave_1 removed
[  278.949626][   T51] team0 (unregistering): Port device team_slave_0 removed
[  279.455347][T26372] vxcan1 speed is unknown, defaulting to 1000
[  279.534034][T26372] chnl_net:caif_netlink_parms(): no params data found
[  279.568333][T26372] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.575449][T26372] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.582748][T26372] bridge_slave_0: entered allmulticast mode
[  279.589261][T26372] bridge_slave_0: entered promiscuous mode
[  279.595796][T26372] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.602924][T26372] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.610219][T26372] bridge_slave_1: entered allmulticast mode
[  279.616793][T26372] bridge_slave_1: entered promiscuous mode
[  279.636905][T26372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.649642][T26372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.676184][T26372] team0: Port device team_slave_0 added
[  279.682182][   T51] bridge_slave_1: left allmulticast mode
[  279.687910][   T51] bridge_slave_1: left promiscuous mode
[  279.693600][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.702094][   T51] bridge_slave_0: left allmulticast mode
[  279.707784][   T51] bridge_slave_0: left promiscuous mode
[  279.713464][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.721925][   T51] bridge_slave_1: left allmulticast mode
[  279.727610][   T51] bridge_slave_1: left promiscuous mode
[  279.733315][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.740967][   T51] bridge_slave_0: left allmulticast mode
[  279.746685][   T51] bridge_slave_0: left promiscuous mode
[  279.752367][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.780354][   T51] team0: Port device bridge0 removed
[  279.870402][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  279.879883][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  279.891408][   T51] bond0 (unregistering): Released all slaves
[  279.948288][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  279.957616][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  279.966550][   T51] bond0 (unregistering): Released all slaves
[  279.982436][T26372] team0: Port device team_slave_1 added
[  279.998705][T26372] batman_adv: batadv0: Adding interface: batadv_slave_0
[  280.005752][T26372] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.031671][T26372] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  280.042958][T26372] batman_adv: batadv0: Adding interface: batadv_slave_1
[  280.049983][T26372] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.075959][T26372] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  280.118196][   T51] tipc: Disabling bearer <udp:syz0>
[  280.123543][   T51] tipc: Left network mode
[  280.128528][T26372] hsr_slave_0: entered promiscuous mode
[  280.134576][T26372] hsr_slave_1: entered promiscuous mode
[  280.148704][T26372] debugfs: 'hsr0' already exists in 'hsr'
[  280.154541][T26372] Cannot create hsr debugfs directory
[  280.290819][T26372] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  280.303205][T26388] vxcan1 speed is unknown, defaulting to 1000
[  280.319839][T26372] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  280.338284][T26372] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  280.347312][T26372] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  280.385978][T26390] vxcan1 speed is unknown, defaulting to 1000
[  280.478545][T26388] chnl_net:caif_netlink_parms(): no params data found
[  280.494485][T26410] vxcan1 speed is unknown, defaulting to 1000
[  280.519008][T26372] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.562957][T26372] 8021q: adding VLAN 0 to HW filter on device team0
[  280.580633][   T51] hsr_slave_0: left promiscuous mode
[  280.586895][   T51] hsr_slave_1: left promiscuous mode
[  280.594298][   T51] hsr_slave_0: left promiscuous mode
[  280.600006][   T51] hsr_slave_1: left promiscuous mode
[  280.636286][   T51] team0 (unregistering): Port device team_slave_1 removed
[  280.645635][   T51] team0 (unregistering): Port device C removed
[  280.698473][   T51] team0 (unregistering): Port device team_slave_1 removed
[  280.707842][   T51] team0 (unregistering): Port device C removed
[  280.765619][  T416] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.772791][  T416] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.785732][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.792797][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.806334][T26388] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.813417][T26388] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.820714][T26388] bridge_slave_0: entered allmulticast mode
[  280.827283][T26388] bridge_slave_0: entered promiscuous mode
[  280.833952][T26388] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.841131][T26388] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.848319][T26388] bridge_slave_1: entered allmulticast mode
[  280.854656][T26388] bridge_slave_1: entered promiscuous mode
[  280.876208][T26388] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  280.886678][T26388] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  280.895897][T26390] chnl_net:caif_netlink_parms(): no params data found
[  280.925010][T26388] team0: Port device team_slave_0 added
[  280.941019][T26388] team0: Port device team_slave_1 added
[  280.961184][T26388] batman_adv: batadv0: Adding interface: batadv_slave_0
[  280.968355][T26388] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.994345][T26388] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.005851][T26388] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.012842][T26388] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.038841][T26388] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  281.070072][T26390] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.077313][T26390] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.084483][T26390] bridge_slave_0: entered allmulticast mode
[  281.090988][T26390] bridge_slave_0: entered promiscuous mode
[  281.099965][T26390] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.107044][T26390] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.114222][T26390] bridge_slave_1: entered allmulticast mode
[  281.120785][T26390] bridge_slave_1: entered promiscuous mode
[  281.149285][T26390] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  281.167625][T26388] hsr_slave_0: entered promiscuous mode
[  281.173716][T26388] hsr_slave_1: entered promiscuous mode
[  281.179661][T26388] debugfs: 'hsr0' already exists in 'hsr'
[  281.185469][T26388] Cannot create hsr debugfs directory
[  281.192740][T26390] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.223440][T26390] team0: Port device team_slave_0 added
[  281.231752][T26390] team0: Port device team_slave_1 added
[  281.258305][T26390] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.265319][T26390] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.291257][T26390] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.312084][T26390] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.319131][T26390] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.345168][T26390] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  281.378106][   T51] IPVS: stop unused estimator thread 0...
[  281.384172][T26410] chnl_net:caif_netlink_parms(): no params data found
[  281.424700][T26390] hsr_slave_0: entered promiscuous mode
[  281.431742][T26390] hsr_slave_1: entered promiscuous mode
[  281.437988][T26390] debugfs: 'hsr0' already exists in 'hsr'
[  281.443729][T26390] Cannot create hsr debugfs directory
[  281.513585][T26410] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.520787][T26410] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.528101][T26410] bridge_slave_0: entered allmulticast mode
[  281.534546][T26410] bridge_slave_0: entered promiscuous mode
[  281.541125][T26410] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.548277][T26410] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.555557][T26410] bridge_slave_1: entered allmulticast mode
[  281.561974][T26410] bridge_slave_1: entered promiscuous mode
[  281.590766][T26410] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  281.601410][T26410] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.619510][T26372] 8021q: adding VLAN 0 to HW filter on device batadv0
[  281.633306][T26410] team0: Port device team_slave_0 added
[  281.645981][T26410] team0: Port device team_slave_1 added
[  281.671926][T26410] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.679059][T26410] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.704984][T26410] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.716517][T26410] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.723497][T26410] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.749520][T26410] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  281.760403][T26388] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  281.774489][T26388] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  281.784470][T26388] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  281.805572][T26388] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  281.819566][T26410] hsr_slave_0: entered promiscuous mode
[  281.825878][T26410] hsr_slave_1: entered promiscuous mode
[  281.831652][T26410] debugfs: 'hsr0' already exists in 'hsr'
[  281.837415][T26410] Cannot create hsr debugfs directory
[  281.942105][T26372] veth0_vlan: entered promiscuous mode
[  281.951063][T26372] veth1_vlan: entered promiscuous mode
[  281.964762][T26388] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.981281][T26372] veth0_macvtap: entered promiscuous mode
[  281.990542][T26388] 8021q: adding VLAN 0 to HW filter on device team0
[  282.000947][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.008063][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.018050][T26372] veth1_macvtap: entered promiscuous mode
[  282.025893][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.032952][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.053558][T26372] batman_adv: batadv0: Interface activated: batadv_slave_0
[  282.068636][T26390] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  282.079043][T26390] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  282.088295][T26390] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  282.097324][T26390] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  282.107201][T26372] batman_adv: batadv0: Interface activated: batadv_slave_1
[  282.126221][   T31] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  282.137748][   T37] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  282.150555][   T37] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  282.164415][   T37] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.203890][   T29] kauditd_printk_skb: 140 callbacks suppressed
[  282.203906][   T29] audit: type=1400 audit(2000000088.989:23798): avc:  denied  { mounton } for  pid=26372 comm="syz-executor" path="/root/syzkaller.kyPnrK/syz-tmp" dev="sda1" ino=2062 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  282.231002][T26388] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.242045][   T29] audit: type=1400 audit(2000000089.019:23799): avc:  denied  { mount } for  pid=26372 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  282.264418][   T29] audit: type=1400 audit(2000000089.019:23800): avc:  denied  { mounton } for  pid=26372 comm="syz-executor" path="/root/syzkaller.kyPnrK/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  282.272850][T26390] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.289954][   T29] audit: type=1400 audit(2000000089.019:23801): avc:  denied  { mount } for  pid=26372 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  282.318764][   T29] audit: type=1400 audit(2000000089.019:23802): avc:  denied  { mounton } for  pid=26372 comm="syz-executor" path="/root/syzkaller.kyPnrK/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  282.328037][T26390] 8021q: adding VLAN 0 to HW filter on device team0
[  282.345654][   T29] audit: type=1400 audit(2000000089.019:23803): avc:  denied  { mounton } for  pid=26372 comm="syz-executor" path="/root/syzkaller.kyPnrK/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=83209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  282.369929][T26390] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  282.380034][   T29] audit: type=1400 audit(2000000089.019:23804): avc:  denied  { unmount } for  pid=26372 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  282.390443][T26390] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  282.421645][   T29] audit: type=1400 audit(2000000089.219:23805): avc:  denied  { mounton } for  pid=26372 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  282.442639][  T416] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.444777][   T29] audit: type=1400 audit(2000000089.219:23806): avc:  denied  { mount } for  pid=26372 comm="syz-executor" name="/" dev="gadgetfs" ino=4436 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  282.451771][  T416] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.482319][   T29] audit: type=1400 audit(2000000089.229:23807): avc:  denied  { add_name } for  pid=26372 comm="syz-executor" name="syz9" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  282.487938][  T416] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.514261][  T416] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.597749][T26390] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.609516][T26410] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  282.621838][T26410] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  282.630695][T26410] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  282.639303][T26410] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  282.681260][T26388] veth0_vlan: entered promiscuous mode
[  282.694404][T26388] veth1_vlan: entered promiscuous mode
[  282.732627][T26388] veth0_macvtap: entered promiscuous mode
[  282.747095][T26508] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10185'.
[  282.750794][T26388] veth1_macvtap: entered promiscuous mode
[  282.795715][T26388] batman_adv: batadv0: Interface activated: batadv_slave_0
[  282.804828][T26511] loop7: detected capacity change from 0 to 512
[  282.809854][T26410] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.827274][T26390] veth0_vlan: entered promiscuous mode
[  282.827878][T26511] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.834199][T26388] batman_adv: batadv0: Interface activated: batadv_slave_1
[  282.856550][T26390] veth1_vlan: entered promiscuous mode
[  282.863271][T26511] ext4 filesystem being mounted at /921/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  282.868724][T26410] 8021q: adding VLAN 0 to HW filter on device team0
[  282.883116][T26511] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 3: comm syz.7.10187: path /921/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  282.899693][T26410] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  282.914251][T26410] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  282.931393][T26511] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 12: comm syz.7.10187: path /921/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  282.931609][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.954835][T26511] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 13: comm syz.7.10187: path /921/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  282.959436][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.983159][T26511] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 14: comm syz.7.10187: path /921/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  283.010620][T26511] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 15: comm syz.7.10187: path /921/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  283.032177][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.039326][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  283.039494][T26511] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 16: comm syz.7.10187: path /921/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  283.068137][T26511] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 17: comm syz.7.10187: path /921/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  283.091976][   T12] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.095660][T26511] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #2: block 18: comm syz.7.10187: lblock 23 mapped to illegal pblock 18 (length 1)
[  283.121889][T26390] veth0_macvtap: entered promiscuous mode
[  283.133839][   T12] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.142948][   T12] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.152904][T15002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.170592][   T12] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.179838][T26390] veth1_macvtap: entered promiscuous mode
[  283.200450][T26390] batman_adv: batadv0: Interface activated: batadv_slave_0
[  283.218854][T26410] 8021q: adding VLAN 0 to HW filter on device batadv0
[  283.233745][T26390] batman_adv: batadv0: Interface activated: batadv_slave_1
[  283.271424][   T56] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.287597][   T56] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.311356][   T56] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.320696][   T56] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.342812][T26544] wireguard0: entered promiscuous mode
[  283.348348][T26544] wireguard0: entered allmulticast mode
[  283.362298][T26549] loop8: detected capacity change from 0 to 128
[  283.409560][T26410] veth0_vlan: entered promiscuous mode
[  283.436509][T26410] veth1_vlan: entered promiscuous mode
[  283.475837][T26410] veth0_macvtap: entered promiscuous mode
[  283.483419][T26410] veth1_macvtap: entered promiscuous mode
[  283.504443][T26410] batman_adv: batadv0: Interface activated: batadv_slave_0
[  283.506644][T26565] program syz.2.10206 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  283.518759][T26410] batman_adv: batadv0: Interface activated: batadv_slave_1
[  283.541237][   T51] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.567034][   T51] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.603685][   T51] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.619893][   T51] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.657281][T26574] loop7: detected capacity change from 0 to 512
[  283.710804][T26574] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  283.736470][T26574] EXT4-fs (loop7): mount failed
[  283.832788][T26594] loop7: detected capacity change from 0 to 512
[  283.842639][T26594] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  283.857287][T26597] netlink: 104 bytes leftover after parsing attributes in process `syz.8.10218'.
[  283.887463][T26594] EXT4-fs (loop7): 1 truncate cleaned up
[  283.893514][T26594] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.929663][T26595] vxcan1 speed is unknown, defaulting to 1000
[  283.964414][T15002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.064554][T26612] pim6reg1: entered promiscuous mode
[  284.069920][T26612] pim6reg1: entered allmulticast mode
[  284.116187][T26618] loop9: detected capacity change from 0 to 512
[  284.138271][T26618] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  284.176798][T26618] EXT4-fs (loop9): mount failed
[  284.230141][T26634] netlink: 'syz.8.10233': attribute type 1 has an invalid length.
[  284.700618][   T10] Process accounting resumed
[  285.181609][T26735] loop7: detected capacity change from 0 to 512
[  285.208660][T26735] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.221743][T26735] ext4 filesystem being mounted at /934/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.264447][T15002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.268224][T26743] program syz.8.10255 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  285.330078][T26753] 9pnet: p9_errstr2errno: server reported unknown error 00000000000000000000005
[  285.467502][T26772] loop3: detected capacity change from 0 to 512
[  285.474275][T26772] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  285.509561][T26778] loop8: detected capacity change from 0 to 512
[  285.533503][T26778] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  285.550278][T26782] loop7: detected capacity change from 0 to 2048
[  285.557283][T26778] EXT4-fs (loop8): mount failed
[  285.569680][T26782] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.604412][T26782] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  285.623605][T26782] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
[  285.636044][T26782] EXT4-fs (loop7): This should not happen!! Data will be lost
[  285.636044][T26782] 
[  285.645755][T26782] EXT4-fs (loop7): Total free blocks count 0
[  285.651759][T26782] EXT4-fs (loop7): Free/Dirty block details
[  285.657792][T26782] EXT4-fs (loop7): free_blocks=2415919504
[  285.663579][T26782] EXT4-fs (loop7): dirty_blocks=16
[  285.668771][T26782] EXT4-fs (loop7): Block reservation details
[  285.674799][T26782] EXT4-fs (loop7): i_reserved_data_blocks=1
[  285.682238][T26795] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
[  285.735628][T26799] IPv6: sit1: Disabled Multicast RS
[  285.741898][T26799] sit1: entered allmulticast mode
[  285.764569][T26803] netlink: 'syz.3.10281': attribute type 4 has an invalid length.
[  285.920291][T26822] netlink: 104 bytes leftover after parsing attributes in process `syz.3.10298'.
[  286.009709][T26833] loop9: detected capacity change from 0 to 512
[  286.028885][T26833] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  286.047022][T26833] EXT4-fs error (device loop9): ext4_get_branch:178: inode #11: block 4294967295: comm syz.9.10294: invalid block
[  286.070871][T26833] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.10294: invalid indirect mapped block 4294967295 (level 1)
[  286.148892][T26833] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.10294: invalid indirect mapped block 4294967295 (level 1)
[  286.173526][T26833] EXT4-fs (loop9): 2 truncates cleaned up
[  286.179724][T26833] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.212653][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.242214][T26856] loop9: detected capacity change from 0 to 2048
[  286.259831][T26856] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.282856][T26856] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  286.300026][T26856] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
[  286.312475][T26856] EXT4-fs (loop9): This should not happen!! Data will be lost
[  286.312475][T26856] 
[  286.322226][T26856] EXT4-fs (loop9): Total free blocks count 0
[  286.328280][T26856] EXT4-fs (loop9): Free/Dirty block details
[  286.334274][T26856] EXT4-fs (loop9): free_blocks=2415919504
[  286.340036][T26856] EXT4-fs (loop9): dirty_blocks=16
[  286.345166][T26856] EXT4-fs (loop9): Block reservation details
[  286.351169][T26856] EXT4-fs (loop9): i_reserved_data_blocks=1
[  286.392837][ T5075] Process accounting resumed
[  286.399470][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.422413][T26863] loop9: detected capacity change from 0 to 512
[  286.429609][T26863] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  286.442470][T26863] EXT4-fs (loop9): 1 truncate cleaned up
[  286.464359][T26863] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.563312][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.631531][T26880] netlink: 'syz.7.10314': attribute type 1 has an invalid length.
[  286.797157][T26893] netlink: 'syz.9.10319': attribute type 4 has an invalid length.
[  286.891128][T26904] loop8: detected capacity change from 0 to 512
[  286.933201][T26904] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  286.954453][T26904] EXT4-fs (loop8): 1 truncate cleaned up
[  286.961024][T26904] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.001120][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.045487][T26918] loop8: detected capacity change from 0 to 512
[  287.068398][T26918] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.088636][T26918] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.102864][T26918] EXT4-fs error (device loop8): ext4_readdir:264: inode #2: block 3: comm syz.8.10331: path /35/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  287.124502][T26918] EXT4-fs error (device loop8): ext4_readdir:264: inode #2: block 12: comm syz.8.10331: path /35/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  287.164564][T26918] EXT4-fs error (device loop8): ext4_readdir:264: inode #2: block 13: comm syz.8.10331: path /35/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  287.219439][T26918] EXT4-fs error (device loop8): ext4_readdir:264: inode #2: block 14: comm syz.8.10331: path /35/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  287.241064][T26918] EXT4-fs error (device loop8): ext4_readdir:264: inode #2: block 15: comm syz.8.10331: path /35/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  287.270651][T26918] EXT4-fs error (device loop8): ext4_readdir:264: inode #2: block 16: comm syz.8.10331: path /35/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  287.270860][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  287.270877][   T29] audit: type=1326 audit(2000000094.059:24012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.2.10337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09a8b9ebe9 code=0x7ffc0000
[  287.323824][T26938] loop3: detected capacity change from 0 to 512
[  287.337421][T26918] EXT4-fs error (device loop8): ext4_readdir:264: inode #2: block 17: comm syz.8.10331: path /35/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  287.342272][T26938] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  287.359481][   T29] audit: type=1326 audit(2000000094.129:24013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.2.10337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f09a8b9ebe9 code=0x7ffc0000
[  287.372730][T26938] EXT4-fs (loop3): 1 truncate cleaned up
[  287.391374][   T29] audit: type=1326 audit(2000000094.129:24014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.2.10337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09a8b9ebe9 code=0x7ffc0000
[  287.400321][T26938] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.424476][T26918] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #2: block 18: comm syz.8.10331: lblock 23 mapped to illegal pblock 18 (length 1)
[  287.470427][T26410] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.489391][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.507558][T26944] IPv6: sit1: Disabled Multicast RS
[  287.521502][T26944] sit1: entered allmulticast mode
[  287.543061][T26948] ªªªªªª: renamed from wg2 (while UP)
[  287.591199][   T29] audit: type=1400 audit(2000000094.379:24015): avc:  denied  { create } for  pid=26951 comm="syz.8.10347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  287.621393][   T29] audit: type=1400 audit(2000000094.409:24016): avc:  denied  { setopt } for  pid=26951 comm="syz.8.10347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  287.641152][   T29] audit: type=1400 audit(2000000094.409:24017): avc:  denied  { bind } for  pid=26951 comm="syz.8.10347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  287.661996][T26954] netlink: 'syz.2.10348': attribute type 13 has an invalid length.
[  287.689891][T26954] gretap0: refused to change device tx_queue_len
[  287.709460][T26954] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  287.728038][   T29] audit: type=1400 audit(2000000094.469:24018): avc:  denied  { name_bind } for  pid=26957 comm="syz.8.10350" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  287.729184][T26962] 9pnet: p9_errstr2errno: server reported unknown error 00000000000000000000005
[  287.761332][T26961] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10352'.
[  287.771989][T26961] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10352'.
[  287.808039][   T29] audit: type=1400 audit(2000000094.599:24019): avc:  denied  { append } for  pid=26965 comm="syz.3.10355" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  287.831310][   T29] audit: type=1400 audit(2000000094.599:24020): avc:  denied  { read } for  pid=26965 comm="syz.3.10355" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  287.855096][   T29] audit: type=1400 audit(2000000094.599:24021): avc:  denied  { open } for  pid=26965 comm="syz.3.10355" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  287.909973][T26969] vhci_hcd: invalid port number 23
[  287.969921][T26977] loop8: detected capacity change from 0 to 512
[  287.979211][T26977] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  288.022983][T26981] IPv6: sit1: Disabled Multicast RS
[  288.041119][T26981] sit1: entered allmulticast mode
[  288.214573][T27002] 9pnet: p9_errstr2errno: server reported unknown error 00000000000000000000005
[  288.414199][T27034] ªªªªªª: renamed from wg2 (while UP)
[  288.473419][T27043] 9pnet: p9_errstr2errno: server reported unknown error 00000000000000000000005
[  288.505179][T27048] loop9: detected capacity change from 0 to 736
[  288.511931][T27048] iso9660: Unknown parameter 'verification time 387 usec
[  288.511931][T27048] stack depth 0
[  288.511931][T27048] processed 2 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0
[  288.511931][T27048] '
[  289.753606][T27103] sctp: [Deprecated]: syz.3.10416 (pid 27103) Use of int in max_burst socket option.
[  289.753606][T27103] Use struct sctp_assoc_value instead
[  289.840964][T27112] netlink: 'syz.9.10420': attribute type 13 has an invalid length.
[  289.861543][T27112] gretap0: refused to change device tx_queue_len
[  289.875521][T27112] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  289.903638][T27120] atomic_op ffff88811af16928 conn xmit_atomic 0000000000000000
[  289.940903][T27122] syzkaller1: entered promiscuous mode
[  289.946580][T27122] syzkaller1: entered allmulticast mode
[  289.974550][T27124] netdevsim netdevsim9: Direct firmware load for ./file0/file1 failed with error -2
[  290.187217][T27160] netlink: 'syz.7.10447': attribute type 6 has an invalid length.
[  290.236203][T27166] atomic_op ffff88811af16928 conn xmit_atomic 0000000000000000
[  290.261987][T27169] netdevsim netdevsim7: Direct firmware load for ./file0/file1 failed with error -2
[  290.275250][T27173] netlink: 100 bytes leftover after parsing attributes in process `syz.9.10453'.
[  290.458480][T27192] netlink: 'syz.3.10463': attribute type 6 has an invalid length.
[  290.501122][T27197] netlink: 'syz.3.10464': attribute type 13 has an invalid length.
[  290.526284][T27197] gretap0: refused to change device tx_queue_len
[  290.547062][T27197] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  290.759464][T27218] netlink: 'syz.2.10475': attribute type 6 has an invalid length.
[  290.875458][T27233] loop9: detected capacity change from 0 to 256
[  291.054130][T27258] SELinux: failed to load policy
[  291.070265][T27260] loop9: detected capacity change from 0 to 2048
[  291.135777][T27260]  loop9: p1 < > p3
[  291.146061][T27260] loop9: p3 size 134217728 extends beyond EOD, truncated
[  291.162692][T27270] netlink: 100 bytes leftover after parsing attributes in process `syz.3.10499'.
[  291.231006][T27277] netlink: 'syz.9.10502': attribute type 6 has an invalid length.
[  291.415181][T27293] netlink: 24 bytes leftover after parsing attributes in process `syz.9.10511'.
[  291.516196][T27298] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10513'.
[  291.597525][T27302] loop3: detected capacity change from 0 to 2048
[  291.636102][T27302]  loop3: p1 < > p3
[  291.644865][T27302] loop3: p3 size 134217728 extends beyond EOD, truncated
[  291.685886][T27308] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2
[  291.864019][T27321] bond1: entered promiscuous mode
[  291.869129][T27321] bond1: entered allmulticast mode
[  291.883605][T27321] 8021q: adding VLAN 0 to HW filter on device bond1
[  291.915876][T27321] bond1 (unregistering): Released all slaves
[  291.922633][T27329] loop8: detected capacity change from 0 to 1024
[  291.933058][T27329] ext4: Unknown parameter 'init_i'
[  292.012976][T27337] loop3: detected capacity change from 0 to 512
[  292.054079][T27337] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  292.081503][T27337] EXT4-fs (loop3): mount failed
[  292.150866][T27346] netlink: 'syz.3.10533': attribute type 1 has an invalid length.
[  292.272598][T27352] loop3: detected capacity change from 0 to 512
[  292.296867][T27352] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  292.320437][T27352] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.10536: invalid block
[  292.369155][T27352] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.10536: invalid indirect mapped block 4294967295 (level 1)
[  292.388655][   T29] kauditd_printk_skb: 216 callbacks suppressed
[  292.388701][   T29] audit: type=1400 audit(2000000099.179:24237): avc:  denied  { unmount } for  pid=26388 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  292.396698][T27357] netlink: 16 bytes leftover after parsing attributes in process `syz.8.10538'.
[  292.440507][T27352] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.10536: invalid indirect mapped block 4294967295 (level 1)
[  292.486736][T27352] EXT4-fs (loop3): 2 truncates cleaned up
[  292.504735][T27352] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.592287][T26410] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.639528][T27373] loop3: detected capacity change from 0 to 256
[  292.690735][   T29] audit: type=1400 audit(2000000099.479:24238): avc:  denied  { read } for  pid=27376 comm="syz.9.10549" name="mISDNtimer" dev="devtmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  292.714251][   T29] audit: type=1400 audit(2000000099.479:24239): avc:  denied  { open } for  pid=27376 comm="syz.9.10549" path="/dev/mISDNtimer" dev="devtmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  292.754809][   T29] audit: type=1400 audit(2000000099.529:24240): avc:  denied  { ioctl } for  pid=27376 comm="syz.9.10549" path="/dev/mISDNtimer" dev="devtmpfs" ino=249 ioctlcmd=0x4940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  292.808284][T27373] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[  292.816185][T27373] FAT-fs (loop3): Filesystem has been set read-only
[  292.846823][T27373] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[  292.927643][   T29] audit: type=1400 audit(2000000099.719:24241): avc:  denied  { write } for  pid=27386 comm="syz.8.10555" name="kcm" dev="proc" ino=4026533556 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  293.032144][   T29] audit: type=1400 audit(2000000099.819:24242): avc:  denied  { validate_trans } for  pid=27394 comm="syz.8.10558" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  293.098588][   T29] audit: type=1326 audit(2000000099.839:24243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27396 comm="syz.2.10559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09a8b9ebe9 code=0x7ffc0000
[  293.122396][   T29] audit: type=1326 audit(2000000099.839:24244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27396 comm="syz.2.10559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09a8b9ebe9 code=0x7ffc0000
[  293.146115][   T29] audit: type=1326 audit(2000000099.849:24245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27396 comm="syz.2.10559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09a8b9ebe9 code=0x7ffc0000
[  293.155531][T27404] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10563'.
[  293.169849][   T29] audit: type=1326 audit(2000000099.849:24246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27396 comm="syz.2.10559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09a8b9ebe9 code=0x7ffc0000
[  293.284446][T27415] netlink: 'syz.8.10567': attribute type 1 has an invalid length.
[  293.309918][T27413] vxcan1 speed is unknown, defaulting to 1000
[  293.351172][T27423] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  293.351172][T27423]    program syz.7.10571 not setting count and/or reply_len properly
[  293.396824][T27425] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10573'.
[  293.622725][T27448] loop3: detected capacity change from 0 to 1764
[  293.660303][T27457] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  293.660303][T27457]    program syz.3.10587 not setting count and/or reply_len properly
[  293.737667][T27469] loop7: detected capacity change from 0 to 256
[  293.779818][T27469] FAT-fs (loop7): error, corrupted file size (i_pos 196, 2097152)
[  293.787785][T27469] FAT-fs (loop7): Filesystem has been set read-only
[  293.805799][T27469] FAT-fs (loop7): error, corrupted file size (i_pos 196, 2097152)
[  293.845799][T27481] netlink: 180 bytes leftover after parsing attributes in process `syz.2.10597'.
[  293.870937][T27476] vxcan1 speed is unknown, defaulting to 1000
[  293.872541][T27481] netlink: 180 bytes leftover after parsing attributes in process `syz.2.10597'.
[  294.037601][T27503] loop7: detected capacity change from 0 to 512
[  294.132493][T27503] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  294.155132][T27503] EXT4-fs (loop7): mount failed
[  294.327655][T27539] bond1: entered promiscuous mode
[  294.332766][T27539] bond1: entered allmulticast mode
[  294.345815][T27546] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10627'.
[  294.355105][T27539] 8021q: adding VLAN 0 to HW filter on device bond1
[  294.372858][T27539] bond1 (unregistering): Released all slaves
[  294.429241][T27548] netlink: 36 bytes leftover after parsing attributes in process `syz.9.10630'.
[  294.472930][T27552] loop9: detected capacity change from 0 to 1024
[  294.486988][T27552] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.540342][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.605530][T27564] loop9: detected capacity change from 0 to 2048
[  294.655554][T27564]  loop9: p2 < > p3 < >
[  294.659872][T27564] loop9: partition table partially beyond EOD, truncated
[  294.669959][T27564] loop9: p2 start 4278190080 is beyond EOD, truncated
[  294.712660][T27577] bond1: entered promiscuous mode
[  294.717897][T27577] bond1: entered allmulticast mode
[  294.723265][T27577] 8021q: adding VLAN 0 to HW filter on device bond1
[  294.747276][T27577] bond1 (unregistering): Released all slaves
[  294.997931][T27608] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.10652'.
[  295.007717][T27607] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.10652'.
[  295.067798][T27612] loop8: detected capacity change from 0 to 2048
[  295.105404][T27612]  loop8: p2 < > p3 < >
[  295.109607][T27612] loop8: partition table partially beyond EOD, truncated
[  295.123568][T27612] loop8: p2 start 4278190080 is beyond EOD, truncated
[  295.241029][T27645] loop8: detected capacity change from 0 to 512
[  295.252199][T27645] journal_path: Non-blockdev passed as './bus'
[  295.258459][T27645] EXT4-fs: error: could not find journal device path
[  295.685034][T27709] loop8: detected capacity change from 0 to 512
[  295.700929][T27709] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  295.727505][T27709] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee018, mo2=0002]
[  295.751147][T27709] System zones: 1-12
[  295.762051][T27709] EXT4-fs (loop8): 1 truncate cleaned up
[  295.778575][T27709] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.804480][T27709] EXT4-fs warning (device loop8): ext4_group_extend:1886: will only finish group (8193 blocks, 7937 new)
[  295.824997][T27709] EXT4-fs warning (device loop8): ext4_group_extend:1891: can't read last block, resize aborted
[  295.870463][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.982578][T27753] loop8: detected capacity change from 0 to 256
[  296.028783][T27753] FAT-fs (loop8): error, corrupted file size (i_pos 196, 2097152)
[  296.036704][T27753] FAT-fs (loop8): Filesystem has been set read-only
[  296.044214][T27753] FAT-fs (loop8): error, corrupted file size (i_pos 196, 2097152)
[  296.192256][T27771] pim6reg: entered allmulticast mode
[  296.203375][T27771] pim6reg: left allmulticast mode
[  296.342478][T27789] gretap0: entered promiscuous mode
[  296.711447][T27800] loop9: detected capacity change from 0 to 512
[  296.719527][T27800] journal_path: Non-blockdev passed as './bus'
[  296.725796][T27800] EXT4-fs: error: could not find journal device path
[  296.810864][T27813] ALSA: seq fatal error: cannot create timer (-22)
[  296.855015][T27817] loop9: detected capacity change from 0 to 1024
[  296.862740][T27817] EXT4-fs: Ignoring removed nobh option
[  296.868438][T27817] EXT4-fs: Ignoring removed bh option
[  296.874290][T27820] loop8: detected capacity change from 0 to 1024
[  296.888825][T27817] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.916355][T27820] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.933562][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.968820][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.018344][T27834] netlink: 16402 bytes leftover after parsing attributes in process `syz.9.10716'.
[  297.036909][T27829] netlink: 16402 bytes leftover after parsing attributes in process `syz.9.10716'.
[  297.341502][T27864] loop8: detected capacity change from 0 to 512
[  297.368732][T27864] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.383519][T27864] ext4 filesystem being mounted at /109/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  297.398861][   T29] kauditd_printk_skb: 199 callbacks suppressed
[  297.398876][   T29] audit: type=1400 audit(2000000616.188:24445): avc:  denied  { setattr } for  pid=27863 comm="syz.8.10727" name="/" dev="loop8" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  297.399120][T27864] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.10727: corrupted inode contents
[  297.429201][T27872] loop7: detected capacity change from 0 to 512
[  297.449426][T27864] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #2: comm syz.8.10727: mark_inode_dirty error
[  297.451037][T27875] netlink: 'syz.3.10732': attribute type 12 has an invalid length.
[  297.481804][T27864] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.10727: corrupted inode contents
[  297.486740][T27872] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.511101][T27872] ext4 filesystem being mounted at /1021/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.514180][T27876] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.10727: corrupted inode contents
[  297.535405][T27876] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #2: comm syz.8.10727: mark_inode_dirty error
[  297.547075][T27876] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.10727: corrupted inode contents
[  297.573427][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.649343][T15002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.682102][T27892] loop8: detected capacity change from 0 to 512
[  297.702012][T27892] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  297.711439][T27892] EXT4-fs (loop8): orphan cleanup on readonly fs
[  297.717993][T27892] Quota error (device loop8): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  297.729795][T27892] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  297.754577][T27892] EXT4-fs (loop8): Cannot turn on quotas: error -117
[  297.779795][T27892] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #16: comm syz.8.10744: casefold flag without casefold feature
[  297.814657][T27892] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.10744: couldn't read orphan inode 16 (err -117)
[  297.835435][T27892] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  297.877879][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.894818][   T29] audit: type=1326 audit(2000000616.678:24446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27903 comm="syz.3.10757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f769716ebe9 code=0x7ffc0000
[  297.918596][   T29] audit: type=1326 audit(2000000616.678:24447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27903 comm="syz.3.10757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f769716ebe9 code=0x7ffc0000
[  297.942293][   T29] audit: type=1326 audit(2000000616.678:24448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27903 comm="syz.3.10757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f769716ebe9 code=0x7ffc0000
[  297.974052][   T29] audit: type=1326 audit(2000000616.758:24449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27903 comm="syz.3.10757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f769716ebe9 code=0x7ffc0000
[  297.998560][   T29] audit: type=1326 audit(2000000616.758:24450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27903 comm="syz.3.10757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f769716ebe9 code=0x7ffc0000
[  298.022488][   T29] audit: type=1326 audit(2000000616.758:24451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27903 comm="syz.3.10757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f769716ebe9 code=0x7ffc0000
[  298.046169][   T29] audit: type=1326 audit(2000000616.758:24452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27903 comm="syz.3.10757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f769716ebe9 code=0x7ffc0000
[  298.069870][   T29] audit: type=1326 audit(2000000616.758:24453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27903 comm="syz.3.10757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f769716ebe9 code=0x7ffc0000
[  298.131708][T27910] loop7: detected capacity change from 0 to 512
[  298.143986][T27910] EXT4-fs: Ignoring removed nobh option
[  298.179393][T27912] 9pnet: Could not find request transport: t7“2õÓ<�Ïy•1<	Þ
[  298.200265][T27910] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.10748: corrupted inode contents
[  298.215993][T27910] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #3: comm syz.7.10748: mark_inode_dirty error
[  298.239253][T27927] random: crng reseeded on system resumption
[  298.257617][T27910] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.10748: corrupted inode contents
[  298.270935][T27910] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #3: comm syz.7.10748: mark_inode_dirty error
[  298.286498][T27910] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.10748: Failed to acquire dquot type 0
[  298.322510][T27910] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.10748: corrupted inode contents
[  298.351565][T27910] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #16: comm syz.7.10748: mark_inode_dirty error
[  298.368258][T27910] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.10748: corrupted inode contents
[  298.383122][T27947] loop3: detected capacity change from 0 to 512
[  298.391459][T27910] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #16: comm syz.7.10748: mark_inode_dirty error
[  298.415590][T27910] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.10748: corrupted inode contents
[  298.428679][T27910] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem
[  298.434544][T27957] netlink: 'syz.9.10767': attribute type 12 has an invalid length.
[  298.440877][T27947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.445200][T27957] __nla_validate_parse: 1 callbacks suppressed
[  298.445247][T27957] netlink: 248 bytes leftover after parsing attributes in process `syz.9.10767'.
[  298.466490][T27960] netlink: 56 bytes leftover after parsing attributes in process `syz.9.10769'.
[  298.482684][T27910] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.10748: corrupted inode contents
[  298.501158][T27910] EXT4-fs error (device loop7): ext4_truncate:4666: inode #16: comm syz.7.10748: mark_inode_dirty error
[  298.518600][T27947] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  298.527592][T27965] pimreg: entered allmulticast mode
[  298.534724][T27910] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem
[  298.545891][T27965] pimreg: left allmulticast mode
[  298.570440][T27910] EXT4-fs (loop7): 1 truncate cleaned up
[  298.581792][T27910] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.619129][T27910] ext4 filesystem being mounted at /1024/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  298.690479][T26410] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.707881][T15002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.768057][T27997] macvtap0: refused to change device tx_queue_len
[  298.870128][T28017] netlink: 64 bytes leftover after parsing attributes in process `syz.3.10786'.
[  298.887169][T28019] loop8: detected capacity change from 0 to 512
[  298.911903][T28019] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.932076][T28026] loop3: detected capacity change from 0 to 512
[  298.932193][T28019] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  298.938765][T28026] EXT4-fs: Ignoring removed nobh option
[  298.964220][T28030] pimreg: entered allmulticast mode
[  298.976417][T28026] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.10788: corrupted inode contents
[  298.995890][T28030] pimreg: left allmulticast mode
[  299.014413][T28026] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.10788: mark_inode_dirty error
[  299.028508][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.030747][T28026] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.10788: corrupted inode contents
[  299.049592][T28026] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.10788: mark_inode_dirty error
[  299.062953][T28026] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.10788: Failed to acquire dquot type 0
[  299.086855][T28026] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.10788: corrupted inode contents
[  299.126486][T28026] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.10788: mark_inode_dirty error
[  299.223509][T28026] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.10788: corrupted inode contents
[  299.242714][T28073] loop7: detected capacity change from 0 to 1024
[  299.259034][T28073] EXT4-fs: Ignoring removed orlov option
[  299.264746][T28073] EXT4-fs: Ignoring removed nomblk_io_submit option
[  299.266719][T28026] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.10788: mark_inode_dirty error
[  299.282894][T28026] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.10788: corrupted inode contents
[  299.295338][T28026] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  299.298200][T28073] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.304075][T28026] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.10788: corrupted inode contents
[  299.338020][T28026] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.10788: mark_inode_dirty error
[  299.351246][T28026] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  299.361379][T28026] EXT4-fs (loop3): 1 truncate cleaned up
[  299.367575][T28026] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.380177][T28026] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.401418][T15002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.426776][T26410] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.789439][T28089] pim6reg1: entered promiscuous mode
[  299.869940][T28100] 9pnet: Could not find request transport: t7“2õÓ<�Ïy•1<	Þ
[  299.971029][T28114] syz_tun: entered allmulticast mode
[  300.040878][T28128] netlink: 76 bytes leftover after parsing attributes in process `syz.8.10815'.
[  300.168971][T28141] pim6reg1: entered promiscuous mode
[  300.281530][T28151] netlink: 'syz.7.10822': attribute type 21 has an invalid length.
[  300.289628][T28151] netlink: 132 bytes leftover after parsing attributes in process `syz.7.10822'.
[  300.321293][T28154] loop9: detected capacity change from 0 to 512
[  300.358145][T28154] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  300.376509][T28154] EXT4-fs (loop9): orphan cleanup on readonly fs
[  300.391124][T28154] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  300.434857][T28154] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  300.442228][T28154] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #16: comm syz.9.10823: casefold flag without casefold feature
[  300.462811][T28154] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.10823: couldn't read orphan inode 16 (err -117)
[  300.488964][T28154] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  300.515435][T28167] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  300.523925][T28167] SELinux: failed to load policy
[  300.552989][T28169] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  300.559257][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.705923][T28190] netlink: 'syz.3.10840': attribute type 3 has an invalid length.
[  300.739680][T28194] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  300.752877][T28194] SELinux: failed to load policy
[  300.756674][T28184] vxcan1 speed is unknown, defaulting to 1000
[  300.785945][T28198] loop3: detected capacity change from 0 to 1024
[  300.801583][T28198] EXT4-fs: Ignoring removed orlov option
[  300.807391][T28198] EXT4-fs: Ignoring removed nomblk_io_submit option
[  300.848766][T28198] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.870953][T28200] pim6reg1: entered promiscuous mode
[  300.976006][T26410] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.105713][T28227] netlink: 'syz.9.10855': attribute type 3 has an invalid length.
[  301.188298][T26698] failed to send hello msg
[  301.192850][T26698] failed while handling packet from 1:-2
[  301.371993][T28266] loop7: detected capacity change from 0 to 512
[  301.389833][T28266] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  301.398010][T28266] EXT4-fs (loop7): orphan cleanup on readonly fs
[  301.406752][T28266] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  301.422880][T28266] EXT4-fs (loop7): Cannot turn on quotas: error -117
[  301.430806][T28266] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #16: comm syz.7.10873: casefold flag without casefold feature
[  301.468525][T28266] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.10873: couldn't read orphan inode 16 (err -117)
[  301.496492][T28266] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  301.523443][T28281] netlink: 'syz.2.10879': attribute type 21 has an invalid length.
[  301.539057][T28279] loop9: detected capacity change from 0 to 2048
[  301.557920][T28281] netlink: 132 bytes leftover after parsing attributes in process `syz.2.10879'.
[  301.581104][T15002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.606564][T28279]  loop9: p1 < > p4
[  301.615949][T28279] loop9: p4 size 8388608 extends beyond EOD, truncated
[  301.740514][T26696] failed to send hello msg
[  301.745020][T26696] failed while handling packet from 1:-2
[  301.846927][T28323] loop3: detected capacity change from 0 to 2048
[  301.900245][T28323]  loop3: p1 < > p4
[  301.904805][T28323] loop3: p4 size 8388608 extends beyond EOD, truncated
[  301.970396][T28336] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  302.049472][T26696] failed to send hello msg
[  302.053941][T26696] failed while handling packet from 1:-2
[  302.372297][T28393] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  302.517557][T28398] vxcan1 speed is unknown, defaulting to 1000
[  302.646252][T26696] failed to send hello msg
[  302.650760][T26696] failed while handling packet from 1:-2
[  302.794888][   T29] kauditd_printk_skb: 146 callbacks suppressed
[  302.794908][   T29] audit: type=1400 audit(2000000621.578:24594): avc:  denied  { read write } for  pid=28439 comm="syz.9.10925" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  302.835667][   T29] audit: type=1400 audit(2000000621.578:24595): avc:  denied  { open } for  pid=28439 comm="syz.9.10925" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  302.996727][   T29] audit: type=1404 audit(2000000621.668:24596): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  303.011970][   T29] audit: type=1400 audit(2000000621.678:24597): avc:  denied  { read write } for  pid=26410 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  303.036439][   T29] audit: type=1400 audit(2000000621.698:24598): avc:  denied  { read write } for  pid=26372 comm="syz-executor" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  303.060887][   T29] audit: type=1404 audit(2000000621.698:24599): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  303.075973][   T29] audit: type=1400 audit(2000000621.708:24600): avc:  denied  { prog_load } for  pid=28450 comm="syz.2.10928" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  303.095297][   T29] audit: type=1400 audit(2000000621.718:24601): avc:  denied  { bpf } for  pid=28450 comm="syz.2.10928" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  303.116216][   T29] audit: type=1400 audit(2000000621.718:24602): avc:  denied  { allowed } for  pid=28458 comm="syz.3.10929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  303.135920][   T29] audit: type=1400 audit(2000000621.718:24603): avc:  denied  { create } for  pid=28458 comm="syz.3.10929" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  303.294082][T28502] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10947'.
[  303.329255][T28506] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10949'.
[  303.338322][T28506] netlink: 'syz.2.10949': attribute type 2 has an invalid length.
[  303.498733][T28534] geneve2: entered promiscuous mode
[  303.504007][T28534] geneve2: entered allmulticast mode
[  303.590137][T28547] netlink: 16 bytes leftover after parsing attributes in process `syz.9.10968'.
[  303.815155][T28573] SELinux: failed to load policy
[  304.033519][T28606] netlink: '+}[@': attribute type 21 has an invalid length.
[  304.042360][T28606] netlink: 156 bytes leftover after parsing attributes in process `+}[@'.
[  304.147242][T28618] vxcan1 speed is unknown, defaulting to 1000
[  304.286419][T28630] loop9: detected capacity change from 0 to 128
[  304.310018][T28630] FAT-fs (loop9): error, invalid access to FAT (entry 0x0fff0000)
[  304.318113][T28630] FAT-fs (loop9): Filesystem has been set read-only
[  304.352771][T28630] FAT-fs (loop9): error, invalid access to FAT (entry 0x0fff0000)
[  304.406975][T28638] binfmt_misc: register: failed to install interpreter file ./file0
[  304.463886][T28648] loop9: detected capacity change from 0 to 512
[  304.482650][T28648] EXT4-fs (loop9): blocks per group (95) and clusters per group (32768) inconsistent
[  304.494801][T28653] netlink: 64 bytes leftover after parsing attributes in process `GPL'.
[  304.736608][T28697] loop7: detected capacity change from 0 to 512
[  304.759630][T28697] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  304.774893][T28697] EXT4-fs (loop7): mount failed
[  304.814055][T28711] geneve2: entered promiscuous mode
[  304.819515][T28711] geneve2: entered allmulticast mode
[  304.899474][T28720] openvswitch: netlink: Message has 6 unknown bytes.
[  305.186444][T28754] loop3: detected capacity change from 0 to 512
[  305.203181][T28754] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  305.222388][T28754] EXT4-fs (loop3): 1 truncate cleaned up
[  305.235192][T28750] SELinux: failed to load policy
[  305.237121][T28754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.521904][T28796] loop7: detected capacity change from 0 to 128
[  305.559374][T28796] FAT-fs (loop7): error, invalid access to FAT (entry 0x0fff0000)
[  305.567338][T28796] FAT-fs (loop7): Filesystem has been set read-only
[  305.586525][T28796] FAT-fs (loop7): error, invalid access to FAT (entry 0x0fff0000)
[  305.681720][T26410] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.786858][T28818] netlink: 116 bytes leftover after parsing attributes in process `syz.3.11058'.
[  305.924398][T28828] openvswitch: netlink: Message has 6 unknown bytes.
[  305.989817][T28830] loop7: detected capacity change from 0 to 512
[  306.025192][T28830] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  306.067168][T28830] EXT4-fs (loop7): 1 truncate cleaned up
[  306.078412][T28830] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  306.111132][T28835] netlink: 'syz.8.11066': attribute type 10 has an invalid length.
[  306.284995][T15002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.305999][T28848] geneve2: entered promiscuous mode
[  306.311241][T28848] geneve2: entered allmulticast mode
[  306.343275][T28855] openvswitch: netlink: Message has 6 unknown bytes.
[  306.469142][T28867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  306.477862][T28867] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  306.657626][T28869] loop8: detected capacity change from 0 to 32768
[  306.779035][T28879] loop8: detected capacity change from 0 to 512
[  306.788570][T28879] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  306.802324][T28879] EXT4-fs (loop8): 1 truncate cleaned up
[  306.809704][T28879] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  306.833968][T28882] openvswitch: netlink: Message has 6 unknown bytes.
[  306.855738][T28888] geneve2: entered promiscuous mode
[  306.861024][T28888] geneve2: entered allmulticast mode
[  306.899264][T28890] hub 9-0:1.0: USB hub found
[  306.904193][T28890] hub 9-0:1.0: 8 ports detected
[  306.962560][T28896] netlink: 'syz.3.11094': attribute type 10 has an invalid length.
[  306.965851][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.008414][T28902] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11096'.
[  307.031763][T28905] SELinux:  policydb table sizes (0,16) do not match mine (8,7)
[  307.039830][T28905] SELinux: failed to load policy
[  307.069106][T28911] loop3: detected capacity change from 0 to 128
[  307.089401][T28911] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fff0000)
[  307.097397][T28911] FAT-fs (loop3): Filesystem has been set read-only
[  307.100199][T28911] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fff0000)
[  307.151768][T28921] loop9: detected capacity change from 0 to 1024
[  307.178868][T28921] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  307.191686][T28921] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.208447][T28921] EXT4-fs error (device loop9): ext4_map_blocks:814: inode #15: comm syz.9.11107: lblock 0 mapped to illegal pblock 0 (length 1)
[  307.222681][T28921] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  307.235071][T28921] EXT4-fs (loop9): This should not happen!! Data will be lost
[  307.235071][T28921] 
[  307.273962][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  307.351954][T28937] hub 6-0:1.0: USB hub found
[  307.361282][T28937] hub 6-0:1.0: 8 ports detected
[  307.367531][T28947] loop8: detected capacity change from 0 to 128
[  307.406629][T28947] FAT-fs (loop8): error, invalid access to FAT (entry 0x0fff0000)
[  307.414755][T28947] FAT-fs (loop8): Filesystem has been set read-only
[  307.423278][T28947] FAT-fs (loop8): error, invalid access to FAT (entry 0x0fff0000)
[  307.490833][T28968] geneve2: entered promiscuous mode
[  307.496210][T28968] geneve2: entered allmulticast mode
[  308.273748][   T29] kauditd_printk_skb: 397 callbacks suppressed
[  308.273766][   T29] audit: type=1326 audit(2000000627.058:25000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28961 comm="syz.7.11124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e880aebe9 code=0x7fc00000
[  308.557962][T28995] loop9: detected capacity change from 0 to 512
[  308.564767][   T29] audit: type=1400 audit(2000000627.348:25001): avc:  denied  { create } for  pid=28988 comm="syz.2.11137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  308.578143][T28995] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  308.613692][T28995] EXT4-fs (loop9): 1 truncate cleaned up
[  308.614213][   T29] audit: type=1400 audit(2000000627.358:25002): avc:  denied  { read write } for  pid=28989 comm="syz.7.11136" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  308.620663][T28995] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.644565][   T29] audit: type=1400 audit(2000000627.358:25003): avc:  denied  { open } for  pid=28989 comm="syz.7.11136" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  308.681477][   T29] audit: type=1400 audit(2000000627.358:25004): avc:  denied  { execmem } for  pid=28989 comm="syz.7.11136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  308.701091][   T29] audit: type=1400 audit(2000000627.388:25005): avc:  denied  { mounton } for  pid=28988 comm="syz.2.11137" path="/210/file0" dev="tmpfs" ino=1091 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  308.825448][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.409705][   T29] audit: type=1400 audit(2000000628.198:25006): avc:  denied  { create } for  pid=28999 comm="syz.7.11140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  309.454883][   T29] audit: type=1400 audit(2000000628.228:25007): avc:  denied  { write } for  pid=28999 comm="syz.7.11140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  309.487762][T29008] loop9: detected capacity change from 0 to 512
[  309.498501][   T29] audit: type=1400 audit(2000000628.288:25008): avc:  denied  { egress } for  pid=15 comm="rcu_preempt" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  309.522340][   T29] audit: type=1400 audit(2000000628.288:25009): avc:  denied  { sendto } for  pid=15 comm="rcu_preempt" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  309.528082][T29006] geneve2: entered promiscuous mode
[  309.551080][T29006] geneve2: entered allmulticast mode
[  309.563321][T29008] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #15: comm syz.9.11151: iget: bad i_size value: 38620345925642
[  309.581054][T29008] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.11151: couldn't read orphan inode 15 (err -117)
[  309.593868][T29008] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.637147][T26673] EXT4-fs error (device loop9): ext4_validate_block_bitmap:432: comm kworker/u8:34: bg 0: block 5: invalid block bitmap
[  309.681632][T26673] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  309.694002][T26673] EXT4-fs (loop9): This should not happen!! Data will be lost
[  309.694002][T26673] 
[  309.703710][T26673] EXT4-fs (loop9): Total free blocks count 0
[  309.709810][T26673] EXT4-fs (loop9): Free/Dirty block details
[  309.715760][T26673] EXT4-fs (loop9): free_blocks=0
[  309.720701][T26673] EXT4-fs (loop9): dirty_blocks=1
[  309.725773][T26673] EXT4-fs (loop9): Block reservation details
[  309.731763][T26673] EXT4-fs (loop9): i_reserved_data_blocks=1
[  309.784219][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.841460][T29041] netlink: 96 bytes leftover after parsing attributes in process `syz.8.11153'.
[  309.850731][T29044] netlink: 'syz.9.11150': attribute type 10 has an invalid length.
[  310.008487][T29056] loop9: detected capacity change from 0 to 2048
[  310.020471][T29056] EXT4-fs: Ignoring removed nomblk_io_submit option
[  310.047336][T29056] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.082902][T29056] EXT4-fs error (device loop9): ext4_find_dest_de:2052: inode #12: block 5: comm syz.9.11156: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[  310.114860][T29069] netlink: 20 bytes leftover after parsing attributes in process `syz.8.11158'.
[  310.127392][T29056] EXT4-fs (loop9): Remounting filesystem read-only
[  310.158022][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.394674][T29116] loop8: detected capacity change from 0 to 2048
[  310.421001][T29116] EXT4-fs: Ignoring removed mblk_io_submit option
[  310.474750][T29116] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.503176][T29130] sch_tbf: burst 0 is lower than device veth1 mtu (1514) !
[  310.515155][T29115] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.11167: bg 0: block 234: padding at end of block bitmap is not set
[  310.537450][T29115] EXT4-fs (loop8): Remounting filesystem read-only
[  310.547537][T29115] EXT4-fs (loop8): error restoring inline_data for inode -- potential data loss! (inode 18, error -30)
[  310.599171][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.663655][T29151] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29151 comm=syz.2.11183
[  310.676362][T29151] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=29151 comm=syz.2.11183
[  310.693106][T29157] loop7: detected capacity change from 0 to 128
[  310.893500][T29192] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29192 comm=syz.7.11199
[  310.906337][T29192] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=29192 comm=syz.7.11199
[  310.923378][T29194] loop3: detected capacity change from 0 to 2048
[  310.943656][T29194] EXT4-fs: Ignoring removed nomblk_io_submit option
[  310.989243][T29194] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.050825][T29194] EXT4-fs error (device loop3): ext4_find_dest_de:2052: inode #12: block 5: comm syz.3.11202: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[  311.088930][T29194] EXT4-fs (loop3): Remounting filesystem read-only
[  311.123772][T29224] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29224 comm=syz.9.11217
[  311.136551][T29224] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=29224 comm=syz.9.11217
[  311.174400][T29232] IPv6: Can't replace route, no match found
[  311.183703][T26410] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.343261][T29250] loop7: detected capacity change from 0 to 128
[  311.402472][T29254] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29254 comm=syz.8.11230
[  311.415447][T29254] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=29254 comm=syz.8.11230
[  311.428874][T29250] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  311.447105][T29250] ext4 filesystem being mounted at /1105/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  311.499121][T15002] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  311.514482][T29261] loop8: detected capacity change from 0 to 2048
[  311.524515][T29261] EXT4-fs: Ignoring removed nomblk_io_submit option
[  311.538750][T29261] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.574777][T29261] EXT4-fs error (device loop8): ext4_find_dest_de:2052: inode #12: block 5: comm syz.8.11232: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[  311.602602][T29261] EXT4-fs (loop8): Remounting filesystem read-only
[  311.624590][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.753621][T29298] loop7: detected capacity change from 0 to 128
[  311.769577][T29298] syz.7.11250: attempt to access beyond end of device
[  311.769577][T29298] loop7: rw=2049, sector=138, nr_sectors = 2 limit=128
[  311.787073][T29302] loop9: detected capacity change from 0 to 512
[  311.796974][T29302] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.809701][T29302] ext4 filesystem being mounted at /224/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.873228][T26372] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.889816][T29312] syzkaller1: entered promiscuous mode
[  311.895512][T29312] syzkaller1: entered allmulticast mode
[  311.972381][T29323] netlink: 48 bytes leftover after parsing attributes in process `syz.3.11261'.
[  312.174010][T29359] loop9: detected capacity change from 0 to 512
[  312.225859][T29359] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.241752][T29359] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  312.315595][T26372] EXT4-fs error (device loop9): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  312.329592][T26372] EXT4-fs error (device loop9): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  312.350431][T29377] loop8: detected capacity change from 0 to 2048
[  312.358789][T29379] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11289'.
[  312.367812][T29379] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11289'.
[  312.390291][T29158] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.407263][T29377] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.503703][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.540335][T29390] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11294'.
[  312.566877][T29390] netlink: 48 bytes leftover after parsing attributes in process `syz.2.11294'.
[  312.621106][   T37] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.708297][   T37] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.754595][T29412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11303'.
[  312.763733][T29412] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11303'.
[  312.779414][   T37] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.828883][   T37] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.910917][T29405] vxcan1 speed is unknown, defaulting to 1000
[  312.921255][   T37] bridge_slave_1: left allmulticast mode
[  312.926973][   T37] bridge_slave_1: left promiscuous mode
[  312.932766][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.951373][   T37] bridge_slave_0: left allmulticast mode
[  312.957269][   T37] bridge_slave_0: left promiscuous mode
[  312.963135][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.016356][T29442] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11315'.
[  313.046275][T29440] loop3: detected capacity change from 0 to 8192
[  313.075216][T29440]  loop3: p1 p2 p3 p4
[  313.079359][T29440] loop3: p1 size 3523149824 extends beyond EOD, truncated
[  313.091750][T29440] loop3: p2 start 4293394688 is beyond EOD, truncated
[  313.098682][T29440] loop3: p3 start 150994944 is beyond EOD, truncated
[  313.105424][T29440] loop3: p4 size 50331648 extends beyond EOD, truncated
[  313.112990][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  313.123245][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  313.134527][   T37] bond0 (unregistering): Released all slaves
[  313.186320][T29450] netlink: 'syz.3.11318': attribute type 21 has an invalid length.
[  313.284872][   T29] kauditd_printk_skb: 272 callbacks suppressed
[  313.284891][   T29] audit: type=1400 audit(2000000632.068:25282): avc:  denied  { read } for  pid=29459 comm="syz.2.11322" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  313.314871][   T29] audit: type=1400 audit(2000000632.068:25283): avc:  denied  { open } for  pid=29459 comm="syz.2.11322" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  313.329645][T29405] chnl_net:caif_netlink_parms(): no params data found
[  313.339263][   T29] audit: type=1400 audit(2000000632.078:25284): avc:  denied  { ioctl } for  pid=29459 comm="syz.2.11322" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  313.379351][   T37] hsr_slave_0: left promiscuous mode
[  313.387740][   T37] hsr_slave_1: left promiscuous mode
[  313.394690][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  313.402147][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.411627][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  313.419070][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.438788][   T37] veth1_vlan: left promiscuous mode
[  313.448573][   T37] veth0_vlan: left promiscuous mode
[  313.486235][   T29] audit: type=1326 audit(2000000632.268:25285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29398 comm="syz.8.11300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd30a28ebe9 code=0x7fc00000
[  313.532852][   T29] audit: type=1400 audit(2000000632.318:25286): avc:  denied  { read } for  pid=29469 comm="syz.3.11327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  313.577600][   T37] team0 (unregistering): Port device team_slave_1 removed
[  313.595001][   T29] audit: type=1400 audit(2000000632.378:25287): avc:  denied  { write } for  pid=29469 comm="syz.3.11327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  313.624686][T29474] loop7: detected capacity change from 0 to 8192
[  313.635045][   T29] audit: type=1400 audit(2000000632.428:25288): avc:  denied  { mount } for  pid=29473 comm="syz.7.11329" name="/" dev="loop7" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  313.660419][   T37] team0 (unregistering): Port device team_slave_0 removed
[  313.668780][   T29] audit: type=1400 audit(2000000632.458:25289): avc:  denied  { execute } for  pid=29475 comm="syz.2.11330" name="file0" dev="tmpfs" ino=1285 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  313.763653][   T29] audit: type=1400 audit(2000000632.548:25290): avc:  denied  { create } for  pid=29481 comm="syz.2.11332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  313.783492][   T29] audit: type=1400 audit(2000000632.548:25291): avc:  denied  { getopt } for  pid=29481 comm="syz.2.11332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  313.806838][T29472] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  313.915578][T29405] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.922906][T29405] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.934725][T29405] bridge_slave_0: entered allmulticast mode
[  313.949088][T29405] bridge_slave_0: entered promiscuous mode
[  313.958465][T29405] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.965631][T29405] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.974116][T29405] bridge_slave_1: entered allmulticast mode
[  313.982947][T29405] bridge_slave_1: entered promiscuous mode
[  314.004411][T29405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  314.015288][T29405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  314.042572][T29405] team0: Port device team_slave_0 added
[  314.051312][T29405] team0: Port device team_slave_1 added
[  314.071914][T29405] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.078958][T29405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.105135][T29405] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.116435][T29405] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.123451][T29405] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.149561][T29405] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.197271][T29405] hsr_slave_0: entered promiscuous mode
[  314.204469][T29405] hsr_slave_1: entered promiscuous mode
[  314.219399][T29405] debugfs: 'hsr0' already exists in 'hsr'
[  314.225283][T29405] Cannot create hsr debugfs directory
[  314.234069][T29513] netlink: 'syz.2.11345': attribute type 21 has an invalid length.
[  314.284885][T29516] SELinux:  Context Ž is not valid (left unmapped).
[  314.502429][T29537] loop8: detected capacity change from 0 to 8192
[  314.624750][T29405] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  314.634426][T29405] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  314.643656][T29405] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  314.669651][T29405] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  314.714529][T29405] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.721658][T29405] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.729015][T29405] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.736217][T29405] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.809875][T29405] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.851590][T26696] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.862982][T29591] vhci_hcd: invalid port number 254
[  314.868741][T26696] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.895507][T29405] 8021q: adding VLAN 0 to HW filter on device team0
[  314.917107][T26696] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.924237][T26696] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.947605][T26696] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.954816][T26696] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.017444][T29611] tipc: Started in network mode
[  315.022398][T29611] tipc: Node identity ac14140f, cluster identity 4711
[  315.037778][T29611] tipc: New replicast peer: 255.255.255.255
[  315.043802][T29611] tipc: Enabled bearer <udp:s>, priority 10
[  315.060076][T26390] syz_tun (unregistering): left allmulticast mode
[  315.130063][T29405] 8021q: adding VLAN 0 to HW filter on device batadv0
[  315.243387][T29643] 9pnet: p9_errstr2errno: server reported unknown error 
[  315.363792][T29405] veth0_vlan: entered promiscuous mode
[  315.395477][T29405] veth1_vlan: entered promiscuous mode
[  315.427037][T29405] veth0_macvtap: entered promiscuous mode
[  315.441540][T29405] veth1_macvtap: entered promiscuous mode
[  315.458412][T29405] batman_adv: batadv0: Interface activated: batadv_slave_0
[  315.474226][T29405] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.482585][T29647] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  315.493915][T26685] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.517827][T29647] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  315.528203][T26685] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.546226][T26685] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.567093][   T37] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.614495][T29693] __nla_validate_parse: 7 callbacks suppressed
[  315.614510][T29693] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11415'.
[  315.621331][T29664] vxcan1 speed is unknown, defaulting to 1000
[  315.744443][T29664] chnl_net:caif_netlink_parms(): no params data found
[  315.812772][T29664] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.819954][T29664] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.843381][T29664] bridge_slave_0: entered allmulticast mode
[  315.850660][T29664] bridge_slave_0: entered promiscuous mode
[  315.857769][T29664] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.864877][T29664] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.872209][T29664] bridge_slave_1: entered allmulticast mode
[  315.878770][T29664] bridge_slave_1: entered promiscuous mode
[  315.906903][T29664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  315.917331][T29664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  315.941265][T29664] team0: Port device team_slave_0 added
[  315.948436][T29664] team0: Port device team_slave_1 added
[  315.977802][T29664] batman_adv: batadv0: Adding interface: batadv_slave_0
[  315.984812][T29664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.010790][T29664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.059701][T29664] batman_adv: batadv0: Adding interface: batadv_slave_1
[  316.066852][T29664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.092912][T29664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  316.134275][T29664] hsr_slave_0: entered promiscuous mode
[  316.142054][T29664] hsr_slave_1: entered promiscuous mode
[  316.150803][T29664] debugfs: 'hsr0' already exists in 'hsr'
[  316.156598][T29664] Cannot create hsr debugfs directory
[  316.165144][T24588] tipc: Node number set to 2886997007
[  316.287532][T29757] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  316.294518][T24588] IPVS: starting estimator thread 0...
[  316.395091][T29763] IPVS: using max 1968 ests per chain, 98400 per kthread
[  316.415150][T29771] loop8: detected capacity change from 0 to 512
[  316.452051][T29771] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.468655][T29771] ext4 filesystem being mounted at /259/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  316.508001][T26388] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.530591][T29664] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  316.544743][T29664] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  316.561873][T29664] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  316.577209][T29664] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  316.645486][T29664] 8021q: adding VLAN 0 to HW filter on device bond0
[  316.671202][T29664] 8021q: adding VLAN 0 to HW filter on device team0
[  316.686496][T26655] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.693702][T26655] bridge0: port 1(bridge_slave_0) entered forwarding state
[  316.712280][T26685] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.719468][T26685] bridge0: port 2(bridge_slave_1) entered forwarding state
[  316.797699][T29798] vxcan1 speed is unknown, defaulting to 1000
[  316.824276][T29664] 8021q: adding VLAN 0 to HW filter on device batadv0
[  316.980523][T29664] veth0_vlan: entered promiscuous mode
[  316.990843][T29664] veth1_vlan: entered promiscuous mode
[  317.024912][T29831] loop5: detected capacity change from 0 to 256
[  317.051275][T29664] veth0_macvtap: entered promiscuous mode
[  317.088941][T29664] veth1_macvtap: entered promiscuous mode
[  317.112178][T29664] batman_adv: batadv0: Interface activated: batadv_slave_0
[  317.128144][T29664] batman_adv: batadv0: Interface activated: batadv_slave_1
[  317.150499][T26655] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.188879][T26655] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.208915][T26655] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.228116][T26655] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.288745][T29859] netlink: 'syz.1.11480': attribute type 10 has an invalid length.
[  317.299138][T29859] ipvlan0: entered allmulticast mode
[  317.304476][T29859] veth0_vlan: entered allmulticast mode
[  317.312823][T29859] team0: Device ipvlan0 failed to register rx_handler
[  317.339434][T29860] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11479'.
[  317.348476][T29860] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11479'.
[  317.358344][T29856] loop3: detected capacity change from 0 to 8192
[  317.372224][T29856] random: crng reseeded on system resumption
[  317.501772][T29880] SELinux:  policydb version 0 does not match my version range 15-35
[  317.520705][T29880] SELinux: failed to load policy
[  317.542385][T29887] netlink: 'syz.7.11493': attribute type 4 has an invalid length.
[  317.886194][T29943] loop7: detected capacity change from 0 to 512
[  317.900075][T29943] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  317.909212][T29943] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  317.922826][T29943] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  317.933756][T29943] System zones: 0-2, 18-18, 34-35
[  317.941056][T29943] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  317.957448][T29943] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended
[  317.968129][T29943] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  317.978296][T29943] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  317.992022][T29953] 9pnet_fd: Insufficient options for proto=fd
[  317.999538][T15002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.121337][T29974] sd 0:0:1:0: device reset
[  318.131134][T29975] loop5: detected capacity change from 0 to 1024
[  318.149437][T29975] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  318.161291][T29975] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.11535: Invalid block bitmap block 0 in block_group 0
[  318.175763][T29975] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.11535: Failed to acquire dquot type 0
[  318.197499][T29975] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.11535: Freeing blocks not in datazone - block = 0, count = 4096
[  318.213575][T29975] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.11535: Invalid inode bitmap blk 0 in block_group 0
[  318.229907][T29986] rdma_op ffff888103c1c180 conn xmit_rdma 0000000000000000
[  318.237470][T26696] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:56: Failed to release dquot type 0
[  318.237582][T29975] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  318.271903][T29975] EXT4-fs (loop5): 1 orphan inode deleted
[  318.278158][T29975] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.296919][   T29] kauditd_printk_skb: 232 callbacks suppressed
[  318.296934][   T29] audit: type=1400 audit(2000000637.088:25521): avc:  denied  { setattr } for  pid=29972 comm="syz.5.11535" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  318.357498][T29405] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.366855][T26655] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-7
[  318.375986][T26655] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:16: Failed to release dquot type 0
[  318.394344][   T29] audit: type=1400 audit(2000000637.178:25522): avc:  denied  { read write } for  pid=29993 comm="syz.7.11544" name="uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  318.418176][   T29] audit: type=1400 audit(2000000637.178:25523): avc:  denied  { open } for  pid=29993 comm="syz.7.11544" path="/dev/uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  318.445147][   T29] audit: type=1326 audit(2000000637.178:25524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29999 comm="syz.1.11547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  318.446427][T24479] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  318.469184][   T29] audit: type=1326 audit(2000000637.178:25525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29999 comm="syz.1.11547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  318.500253][   T29] audit: type=1326 audit(2000000637.178:25526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29999 comm="syz.1.11547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  318.524119][   T29] audit: type=1326 audit(2000000637.208:25527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29999 comm="syz.1.11547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  318.545458][T24479] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  318.547821][   T29] audit: type=1326 audit(2000000637.208:25528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29999 comm="syz.1.11547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  318.580964][   T29] audit: type=1326 audit(2000000637.208:25529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29999 comm="syz.1.11547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  318.614075][T30008] loop5: detected capacity change from 0 to 1024
[  318.621171][T30008] EXT4-fs: Ignoring removed oldalloc option
[  318.627258][T30008] EXT4-fs: Ignoring removed bh option
[  318.653623][T30008] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.11550: Allocating blocks 481-513 which overlap fs metadata
[  318.668361][T30010] 9p: Unknown access argument : -22
[  318.774339][T30019] loop8: detected capacity change from 0 to 512
[  318.785591][T30019] EXT4-fs: Ignoring removed oldalloc option
[  318.805261][T30019] EXT4-fs (loop8): 1 truncate cleaned up
[  319.043132][T30052] binfmt_misc: register: failed to install interpreter file ./bus
[  319.102541][T30063] netlink: 'syz.8.11575': attribute type 21 has an invalid length.
[  319.175905][T30068] vhci_hcd: invalid port number 96
[  319.181124][T30068] vhci_hcd: default hub control req: 0318 vf7fa i0060 l0
[  319.216281][T30084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11584'.
[  319.225539][T30084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11584'.
[  319.275361][T30095] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11590'.
[  319.331011][T30107] netlink: 32 bytes leftover after parsing attributes in process `syz.3.11596'.
[  319.521211][T30127] loop3: detected capacity change from 0 to 512
[  319.571531][T30127] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  319.588167][T30132] loop8: detected capacity change from 0 to 2048
[  319.595863][T30127] EXT4-fs (loop3): mount failed
[  319.631688][T30132] ext4 filesystem being mounted at /292/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  319.690043][T30150] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11614'.
[  319.699157][T30150] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11614'.
[  319.708217][T30150] netlink: 2 bytes leftover after parsing attributes in process `syz.8.11614'.
[  319.851991][T30180] loop8: detected capacity change from 0 to 512
[  319.883218][T30186] IPv6: Can't replace route, no match found
[  320.063382][T30200] vxcan1 speed is unknown, defaulting to 1000
[  320.419571][T30257] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  320.524318][T30264] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  320.684358][T30271] vxcan1 speed is unknown, defaulting to 1000
[  320.848404][T30295] loop8: detected capacity change from 0 to 128
[  320.889493][T30295] ext4 filesystem being mounted at /306/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  321.056152][T30330] syzkaller1: entered promiscuous mode
[  321.061796][T30330] syzkaller1: entered allmulticast mode
[  321.083129][T30332] loop5: detected capacity change from 0 to 512
[  321.449026][T30372] __nla_validate_parse: 8 callbacks suppressed
[  321.449041][T30372] netlink: 48 bytes leftover after parsing attributes in process `syz.5.11721'.
[  321.593824][T30395] netlink: 'syz.3.11731': attribute type 21 has an invalid length.
[  321.618410][T30399] loop8: detected capacity change from 0 to 512
[  321.636693][T30399] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  321.656536][T30399] EXT4-fs (loop8): mount failed
[  321.661637][T30402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11734'.
[  321.675244][T30402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11734'.
[  321.684714][T30402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11734'.
[  321.694197][T30402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11734'.
[  321.800062][T30416] hub 6-0:1.0: USB hub found
[  321.805201][T30416] hub 6-0:1.0: 8 ports detected
[  321.891314][T30436] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11749'.
[  321.903121][T30436] netlink: 48 bytes leftover after parsing attributes in process `syz.1.11749'.
[  322.011521][T30456] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  322.150673][T30484] loop5: detected capacity change from 0 to 512
[  322.167561][T30484] EXT4-fs: Ignoring removed oldalloc option
[  322.183397][T30484] EXT4-fs (loop5): 1 truncate cleaned up
[  322.242101][T30494] netlink: 'syz.7.11777': attribute type 21 has an invalid length.
[  322.420722][T30522] syzkaller1: entered promiscuous mode
[  322.426336][T30522] syzkaller1: entered allmulticast mode
[  322.487464][T30533] netlink: 'syz.1.11794': attribute type 21 has an invalid length.
[  322.517410][T30529] loop7: detected capacity change from 0 to 8192
[  322.605438][T30544] loop7: detected capacity change from 0 to 512
[  322.701754][T30560] netlink: 32 bytes leftover after parsing attributes in process `syz.1.11806'.
[  322.762631][T30568] syzkaller1: entered promiscuous mode
[  322.768187][T30568] syzkaller1: entered allmulticast mode
[  322.794527][T30573] vhci_hcd: invalid port number 254
[  322.855882][T30578] loop3: detected capacity change from 0 to 512
[  322.869431][T30578] ext4 filesystem being mounted at /337/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.955922][T30590] tipc: New replicast peer: 255.255.255.255
[  322.962097][T30590] tipc: Enabled bearer <udp:s>, priority 10
[  322.981867][T26410] EXT4-fs error (device loop3): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  323.023020][T26410] EXT4-fs error (device loop3): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  323.058678][T30596] netlink: 24 bytes leftover after parsing attributes in process `syz.7.11824'.
[  323.069234][T30596] netlink: 48 bytes leftover after parsing attributes in process `syz.7.11824'.
[  323.112015][T30602] 9pnet: p9_errstr2errno: server reported unknown error 
[  323.193145][T30604] loop5: detected capacity change from 0 to 8192
[  323.328278][   T29] kauditd_printk_skb: 383 callbacks suppressed
[  323.328293][   T29] audit: type=1326 audit(2000000642.118:25911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30627 comm="syz.1.11841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  323.365290][   T29] audit: type=1326 audit(2000000642.158:25912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30627 comm="syz.1.11841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  323.478380][   T29] audit: type=1326 audit(2000000642.218:25913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30627 comm="syz.1.11841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  323.502067][   T29] audit: type=1326 audit(2000000642.218:25914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30627 comm="syz.1.11841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  323.525862][   T29] audit: type=1326 audit(2000000642.218:25915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30627 comm="syz.1.11841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  323.549463][   T29] audit: type=1326 audit(2000000642.218:25916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30627 comm="syz.1.11841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  323.573145][   T29] audit: type=1326 audit(2000000642.218:25917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30627 comm="syz.1.11841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb44a6ebe9 code=0x7ffc0000
[  323.612192][   T29] audit: type=1400 audit(2000000642.398:25918): avc:  denied  { lock } for  pid=30633 comm="syz.7.11843" path="socket:[96158]" dev="sockfs" ino=96158 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  323.777872][   T29] audit: type=1326 audit(2000000642.568:25919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30644 comm="syz.7.11847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e880aebe9 code=0x7ffc0000
[  323.801886][   T29] audit: type=1326 audit(2000000642.568:25920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30644 comm="syz.7.11847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e880aebe9 code=0x7ffc0000
[  324.037083][T30656] vxcan1 speed is unknown, defaulting to 1000
[  324.112943][T30655] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  324.114042][T30656] chnl_net:caif_netlink_parms(): no params data found
[  324.121619][T30655] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  324.161213][T30656] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.168438][T30656] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.175596][T30656] bridge_slave_0: entered allmulticast mode
[  324.181988][T30656] bridge_slave_0: entered promiscuous mode
[  324.188772][T30656] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.195964][T30656] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.203250][T30656] bridge_slave_1: entered allmulticast mode
[  324.209664][T30656] bridge_slave_1: entered promiscuous mode
[  324.226549][T30656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  324.237004][T30656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  324.256939][T30656] team0: Port device team_slave_0 added
[  324.263471][T30656] team0: Port device team_slave_1 added
[  324.279054][T30656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  324.286034][T30656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  324.312041][T30656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  324.323517][T30656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  324.330488][T30656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  324.356487][T30656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  324.383237][T30656] hsr_slave_0: entered promiscuous mode
[  324.389405][T30656] hsr_slave_1: entered promiscuous mode
[  324.395214][T30656] debugfs: 'hsr0' already exists in 'hsr'
[  324.401019][T30656] Cannot create hsr debugfs directory
[  324.623731][T30656] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  324.632601][T30656] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  324.641125][T30656] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  324.649705][T30656] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  324.701190][T30679] syzkaller1: entered promiscuous mode
[  324.706787][T30679] syzkaller1: entered allmulticast mode
[  324.726945][T30684] loop5: detected capacity change from 0 to 512
[  324.743905][T30656] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.763677][T30656] 8021q: adding VLAN 0 to HW filter on device team0
[  324.777967][T26654] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.785052][T26654] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.799924][T26685] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.807108][T26685] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.816842][T30684] EXT4-fs mount: 18 callbacks suppressed
[  324.816855][T30684] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.851538][T30684] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  324.925140][T30656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.943132][T29405] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.049738][T30656] veth0_vlan: entered promiscuous mode
[  325.057636][T30656] veth1_vlan: entered promiscuous mode
[  325.070542][T30656] veth0_macvtap: entered promiscuous mode
[  325.080438][T30656] veth1_macvtap: entered promiscuous mode
[  325.090887][T30656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  325.101348][T30656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  325.112121][T26685] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  325.120986][T26685] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  325.130109][T26685] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  325.138849][T26685] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.225969][T30740] loop7: detected capacity change from 0 to 256
[  325.271972][T30746] syzkaller1: entered promiscuous mode
[  325.277612][T30746] syzkaller1: entered allmulticast mode
[  325.432219][T30762] vxcan1 speed is unknown, defaulting to 1000
[  325.450678][T30768] loop8: detected capacity change from 0 to 8192
[  325.463125][T30768] random: crng reseeded on system resumption
[  325.512792][T30771] loop8: detected capacity change from 0 to 256
[  325.718180][T30784] loop8: detected capacity change from 0 to 8192
[  325.737262][T30784]  loop8: p1 p2 p3 p4
[  325.744870][T30784] loop8: p1 size 3523149824 extends beyond EOD, truncated
[  325.766120][T30784] loop8: p2 start 4293394688 is beyond EOD, truncated
[  325.772974][T30784] loop8: p3 start 150994944 is beyond EOD, truncated
[  325.779756][T30784] loop8: p4 size 50331648 extends beyond EOD, truncated
[  326.000707][T30804] loop8: detected capacity change from 0 to 8192
[  326.019842][T26719] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.078313][T26719] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.123268][T26654] ==================================================================
[  326.131412][T26654] BUG: KCSAN: data-race in copy_folio_from_iter_atomic / fat16_ent_put
[  326.139722][T26654] 
[  326.142071][T26654] write to 0xffff88813e81841c of 2 bytes by task 30809 on cpu 1:
[  326.149808][T26654]  fat16_ent_put+0x28/0x60
[  326.154262][T26654]  fat_alloc_clusters+0x4ce/0xa80
[  326.159332][T26654]  fat_get_block+0x258/0x5e0
[  326.163943][T26654]  __block_write_begin_int+0x400/0xf90
SYZFAIL: failed to recv rpc
[  326.169441][T26654]  cont_write_begin+0x5fc/0x970
[  326.174350][T26654]  fat_write_begin+0x4f/0xe0
[  326.178966][T26654]  cont_write_begin+0x1b0/0x970
[  326.183844][T26654]  fat_write_begin+0x4f/0xe0
[  326.188449][T26654]  generic_perform_write+0x181/0x490
[  326.193743][T26654]  __generic_file_write_iter+0x9e/0x120
[  326.199300][T26654]  generic_file_write_iter+0x8d/0x2f0
[  326.204680][T26654]  vfs_write+0x527/0x960
[  326.208927][T26654]  __x64_sys_pwrite64+0xfd/0x150
[  326.213871][T26654]  x64_sys_call+0xc4d/0x2ff0
[  326.218479][T26654]  do_syscall_64+0xd2/0x200
[  326.222995][T26654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.228900][T26654] 
[  326.231228][T26654] read to 0xffff88813e818400 of 512 bytes by task 26654 on cpu 0:
[  326.239035][T26654]  copy_folio_from_iter_atomic+0x7fc/0x1170
[  326.244940][T26654]  generic_perform_write+0x2c2/0x490
[  326.250235][T26654]  shmem_file_write_iter+0xc5/0xf0
[  326.255356][T26654]  lo_rw_aio+0x69d/0x760
[  326.259644][T26654]  loop_process_work+0x52d/0xa60
[  326.264602][T26654]  loop_workfn+0x31/0x40
[  326.268860][T26654]  process_scheduled_works+0x4cb/0x9d0
[  326.274337][T26654]  worker_thread+0x582/0x770
[  326.278976][T26654]  kthread+0x489/0x510
[  326.283069][T26654]  ret_from_fork+0xda/0x150
[  326.287581][T26654]  ret_from_fork_asm+0x1a/0x30
[  326.292380][T26654] 
[  326.294706][T26654] Reported by Kernel Concurrency Sanitizer on:
[  326.300877][T26654] CPU: 0 UID: 0 PID: 26654 Comm: kworker/u8:15 Tainted: G        W           6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  326.315211][T26654] Tainted: [W]=WARN
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  326.319048][T26654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  326.329112][T26654] Workqueue: loop8 loop_workfn
[  326.333898][T26654] ==================================================================
[  326.361411][T26719] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.433246][T26719] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.475852][T30812] vxcan1 speed is unknown, defaulting to 1000
[  326.648677][T26719] bridge_slave_1: left allmulticast mode
[  326.654387][T26719] bridge_slave_1: left promiscuous mode
[  326.660152][T26719] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.672582][T26719] bridge_slave_0: left allmulticast mode
[  326.678283][T26719] bridge_slave_0: left promiscuous mode
[  326.683913][T26719] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.758736][T26719] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  326.770446][T26719] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  326.780561][T26719] bond0 (unregistering): Released all slaves
[  326.874437][T26719] hsr_slave_0: left promiscuous mode
[  326.880363][T26719] hsr_slave_1: left promiscuous mode
[  326.887614][T26719] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  326.895104][T26719] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.902716][T26719] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  326.910243][T26719] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.920960][T26719] veth1_macvtap: left promiscuous mode
[  326.926461][T26719] veth0_macvtap: left promiscuous mode
[  326.931974][T26719] veth1_vlan: left promiscuous mode
[  326.937389][T26719] veth0_vlan: left promiscuous mode
[  327.000526][T26719] team0 (unregistering): Port device team_slave_1 removed
[  327.010720][T26719] team0 (unregistering): Port device team_slave_0 removed
[  327.043161][T30795] team0: Port device vlan3 removed
[  327.346618][T26719] IPVS: stop unused estimator thread 0...
[  327.401464][T26719] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.447691][T26719] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.499320][T26719] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.557826][T26719] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.860713][T26719] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.947533][T26719] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.007139][T26719] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.067134][T26719] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.139028][T26719] bridge_slave_1: left allmulticast mode
[  328.144677][T26719] bridge_slave_1: left promiscuous mode
[  328.150418][T26719] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.158236][T26719] bridge_slave_0: left allmulticast mode
[  328.163912][T26719] bridge_slave_0: left promiscuous mode
[  328.169693][T26719] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.177883][T26719] bridge_slave_1: left allmulticast mode
[  328.183639][T26719] bridge_slave_1: left promiscuous mode
[  328.189306][T26719] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.196929][T26719] bridge_slave_0: left allmulticast mode
[  328.202559][T26719] bridge_slave_0: left promiscuous mode
[  328.208392][T26719] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.216627][T26719] bridge_slave_1: left allmulticast mode
[  328.222264][T26719] bridge_slave_1: left promiscuous mode
[  328.228001][T26719] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.235824][T26719] bridge_slave_0: left allmulticast mode
[  328.241482][T26719] bridge_slave_0: left promiscuous mode
[  328.247143][T26719] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.337225][T26719] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  328.347068][T26719] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  328.356655][T26719] bond0 (unregistering): Released all slaves
[  328.407204][T26719] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  328.416754][T26719] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  328.425985][T26719] bond0 (unregistering): Released all slaves
[  328.477219][T26719] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  328.487429][T26719] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  328.497030][T26719] bond0 (unregistering): Released all slaves
[  328.529348][T26719] tipc: Disabling bearer <udp:syz0>
[  328.534583][T26719] tipc: Disabling bearer <udp:s>
[  328.539719][T26719] tipc: Left network mode
[  328.544275][T26719] tipc: Disabling bearer <udp:s>
[  328.549370][T26719] tipc: Left network mode
[  328.647991][T26719] hsr_slave_0: left promiscuous mode
[  328.653801][T26719] hsr_slave_1: left promiscuous mode
[  328.660624][T26719] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  328.668098][T26719] batman_adv: batadv0: Removing interface: batadv_slave_0
[  328.675654][T26719] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  328.683214][T26719] batman_adv: batadv0: Removing interface: batadv_slave_1
[  328.692415][T26719] hsr_slave_0: left promiscuous mode
[  328.698156][T26719] hsr_slave_1: left promiscuous mode
[  328.703652][T26719] batman_adv: batadv0: Removing interface: batadv_slave_0
[  328.711208][T26719] batman_adv: batadv0: Removing interface: batadv_slave_1
[  328.719757][T26719] hsr_slave_0: left promiscuous mode
[  328.726745][T26719] hsr_slave_1: left promiscuous mode
[  328.732420][T26719] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  328.739918][T26719] batman_adv: batadv0: Removing interface: batadv_slave_0
[  328.747544][T26719] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  328.754999][T26719] batman_adv: batadv0: Removing interface: batadv_slave_1
[  328.767719][T26719] veth1_macvtap: left promiscuous mode
[  328.773204][T26719] veth0_macvtap: left promiscuous mode
[  328.778739][T26719] veth1_vlan: left promiscuous mode
[  328.783980][T26719] veth0_vlan: left promiscuous mode
[  328.789881][T26719] veth1_vlan: left promiscuous mode
[  328.795286][T26719] veth0_vlan: left promiscuous mode
[  328.886103][T26719] team0 (unregistering): Port device team_slave_1 removed
[  328.896802][T26719] team0 (unregistering): Port device team_slave_0 removed
[  328.954288][T26719] team0 (unregistering): Port device team_slave_1 removed
[  328.963862][T26719] team0 (unregistering): Port device team_slave_0 removed
[  329.014570][T26719] team0 (unregistering): Port device team_slave_1 removed
[  329.025531][T26719] team0 (unregistering): Port device team_slave_0 removed
[  329.689549][T26719] IPVS: stop unused estimator thread 0...
[  329.758224][T26719] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.807713][T26719] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.847322][T26719] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.887760][T26719] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.968406][T26719] bridge_slave_1: left allmulticast mode
[  329.974078][T26719] bridge_slave_1: left promiscuous mode
[  329.979907][T26719] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.987714][T26719] bridge_slave_0: left allmulticast mode
[  329.993375][T26719] bridge_slave_0: left promiscuous mode
[  329.999122][T26719] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.107528][T26719] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  330.117217][T26719] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  330.126802][T26719] bond0 (unregistering): Released all slaves
[  330.217198][T26719] hsr_slave_0: left promiscuous mode
[  330.223140][T26719] hsr_slave_1: left promiscuous mode
[  330.228923][T26719] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.236454][T26719] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.245751][T26719] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.253289][T26719] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.263383][T26719] veth1_macvtap: left promiscuous mode
[  330.269055][T26719] veth0_macvtap: left promiscuous mode
[  330.274538][T26719] veth1_vlan: left promiscuous mode
[  330.279914][T26719] veth0_vlan: left promiscuous mode
[  330.338981][T26719] team0 (unregistering): Port device team_slave_1 removed
[  330.348238][T26719] team0 (unregistering): Port device team_slave_0 removed