last executing test programs:

1m35.313874399s ago: executing program 4 (id=354):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000240)={[{@grpjquota}, {@lazytime}, {@barrier}, {@barrier}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@grpquota}], [{@seclabel}]}, 0x3, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7ffffffffffffffc, 0x80100000400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47d8780820335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffff000000e8f20000000200", "b73267f0fffffffff2ff00", [0x10000000000004]})
open_by_handle_at(r0, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)

1m35.010339724s ago: executing program 4 (id=358):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000))

1m34.441751132s ago: executing program 4 (id=367):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000380), &(0x7f0000000200)=r1}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0180000000000000000001000000000000000b00000000030014"], 0x28}}, 0x40000)

1m34.441545662s ago: executing program 32 (id=367):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000380), &(0x7f0000000200)=r1}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0180000000000000000001000000000000000b00000000030014"], 0x28}}, 0x40000)

1m32.418876332s ago: executing program 33 (id=418):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)='%ps    \x00'}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)=ANY=[@ANYBLOB="1c0000003e000701fcfbbb92d5dbdf250150fa5e0800038036"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

1m21.721571553s ago: executing program 34 (id=736):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x1000, 0xffffffff, 0xffdffffe, 0x0, r0}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f4, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x1)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x400, 0x3, 0x0, 0x10000, 0x16, "4415264a88b82c521113fb235902af2556c6b6"})

1m19.790950852s ago: executing program 35 (id=784):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0)
r2 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fallocate(r2, 0x0, 0x0, 0x1001f0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000240)={0x3920e, r0, 0x3, 0x1, 0x5})

1m18.967004395s ago: executing program 36 (id=802):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x39, 0x1, 0x0, 0x0, 0x0, 0x7, 0x594, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x3, 0x4}, 0x0, 0xffff, 0x0, 0x1, 0x9, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r2 = fcntl$dupfd(r1, 0x406, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

1m7.97514827s ago: executing program 7 (id=1090):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)

1m7.856777841s ago: executing program 7 (id=1094):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x6, 0x10}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000ae0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
setrlimit(0x9, &(0x7f0000000000))
io_setup(0x2004, &(0x7f0000000680))

1m7.816479622s ago: executing program 7 (id=1096):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3}, 0x10)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

1m7.737221093s ago: executing program 7 (id=1101):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
sync()
unlink(&(0x7f0000000180)='./file1\x00')

1m7.342467359s ago: executing program 7 (id=1118):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0}, &(0x7f00000006c0), &(0x7f0000000700)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

1m6.786394128s ago: executing program 7 (id=1129):
r0 = socket$inet6(0xa, 0x3, 0x8)
sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00'], 0x28}}], 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
recvfrom$inet6(r0, 0x0, 0x0, 0x10000, 0x0, 0x0)

1m6.778640048s ago: executing program 37 (id=1129):
r0 = socket$inet6(0xa, 0x3, 0x8)
sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00'], 0x28}}], 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
recvfrom$inet6(r0, 0x0, 0x0, 0x10000, 0x0, 0x0)

1m3.679182174s ago: executing program 4 (id=1130):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
sync()
unlink(&(0x7f0000000180)='./file1\x00')

1m3.417913628s ago: executing program 4 (id=1207):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x121c02, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
write$selinux_load(0xffffffffffffffff, 0x0, 0x2000)
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0xff, 0x2}]})

1m3.403182348s ago: executing program 6 (id=1208):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x30, r3, 0x2cb3b0415539fbbb, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void, @val={0xc, 0x99, {0x2, 0x2a}}}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x2}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffff81}]}, 0x30}, 0x1, 0x0, 0x0, 0x801}, 0x0)

1m3.190093581s ago: executing program 6 (id=1211):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8d40, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0xfffffffa)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "00769a7d8200010000001495595915303d6000"})
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200)={0x1})
r2 = syz_open_pts(r0, 0x0)
ioctl$TCFLSH(r2, 0x540b, 0x2)

1m3.174187101s ago: executing program 6 (id=1215):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})

1m3.072070233s ago: executing program 6 (id=1218):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
sync()
unlink(&(0x7f0000000180)='./file1\x00')

1m2.807034517s ago: executing program 6 (id=1226):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8008a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001280)=ANY=[@ANYBLOB="b702000001040000bfa30000000000000703000000feffff7a0af0fff8bffffd79a4f0ff00000000b7060000ffffffff2d640500000000006502040001001f000404000001007d60b7030000000000006a0a00fefdff00008500000026000000b7000000000000009500000000000000c743a0c8e3ebbadc20e5a7efcc9ac1467fb2ea80dbcf8df265e1b40e4c8afd5c0c000000008da68076774bbcdb2c769937000090af27db5b56024db96bcbbbd2cb2000ce03000000000000007e357754508535766c80114604a86fe569b05614eab9297eb290a248a120c9c6e39f403ff065fd3052aae80675eeba68562eaeaea5fecf298ca20f274233106eab63ecf772de7b265040b6c50b7420b48a93fe94c756108afcd0b2eb78040000005f02a5a6474ae549070004000000001294fba0ed5020e6474ac921fee1f6d8ad6a80d0947cd6d4a561ced21a0b4a902be6af7ec2d1ba002e57f301000000000000000000000000100000aaf25343063e6581f9e6de14ad72e5ad84309f47f96a576cd20cef7ed951a73ea73d7c7f14e306f1f1d1377e57bbb19700f0077e9d0000b93eb0f2c6f8141e350dc68147e5958128d22d58625cf9dba211bfff9c3709c9b134625d3d2369f516a49eeeb1a662c8dfb875bdf5c6ba73cccdfacb202994c40d322717faff03323dce8a34ee0ca2cf61efb4b30000642735d6d482ba98d252f36c54333a8b1aa736369392b9067665339820f5f1557b0bf7cc06a5a13c714e0b1a1f000000ff3283076cda3d0b1a2905cfc3d04f1db264b530abcbe44bc405f600807970727fb819afa1907228fa9e83433eedb4ac88d0285594ffb0d14c09d5c77f33702822b02488ea570204c8441ced81cacf945dcb2486d65ceec8bcaffbe800a041a378b40dc9e3600e916ae6307bd8325a442095bc9a8b0c95905979f34adddbb26f0d24425c8ab9d937d84b521914f92eed3d3e9de82942a952e86b567aff5bc2e3c1fcc00f618363df5d0d181ee8f4b8fd356c9eb365adc037e443820c05c5db16ff07a9cf471e2ebf91ab00a05f88c1cd55f8c81f5eb1f8d615ca27efb2193bb61665a1ce37f30c2efc9c3b5a4a5d95479fac471ba60fbd0e50225563cd37343d09da72472efc2b2877fbab12a891513e5f0763ae06c0610a2869747c143d7500760600f3ffb2310e19ac58bf29d7f178d09a9f634a3ae492f54649589e3692768a0f3a08ff275df45508ad85950d8e08465fa1067ea8f383b3e7a7ddf5977d46f4bc38f914b4a496426d8468f9ba618b6b2218b50c8fc9efbce3ba799cf70de7e13be871aa7eb402e2b11f440361e18d4e334bfc6ae54e62e67a03b4c756c544189e4519a029674e2a2bbbc7f6600000000000800000e5e30b70b1eb176d3a62660600000030a0af132e680510811d3ab71af5d98e2d3d928a749e8b9402d14655612bd58fb40b4625cb69bf6cea97b447f2d970d99100000000086000001b881afb2cc500003a73562af4878f75b4c98274eeb666aa1f5fcf91990cf0dcfef9540057b8a3fff2bc02c5941626d2015f414546e87835ba18e9101734a9e9c6955fc6b9a25fe2a3dd8bab7f21beccba5493a164c663eceed401737c12c65804712236a9a29a43b1e27e9b6816f2328ea8423121f12b7b35aa721fef26934ccafde573bee5c33ef15309f43cbd5d61aa679a9c402d337ebf57a5eacb569401c1df7b9c45b09743c61d1db37f0000000000020000000061d7d6818db785d8ba13dc577fe61a68eb365de5661f43d4c789bb117a3d208ae44a381b718b3157e218959156ff8e92b7e92bc275d2c9114547351a0d0f2a70d13be0194b6cb68b03000000000000004f153bbc7f52861e4e5df0d19e4e40ac44cfda6f87807e5b5ed7072c04da88afd3d4b79f060e004a0e2f00b9e726ac75d2ac0691314c627e9a8a07bdd607919fd48f01ad6d2f7621d9a75b134f1bc25ed7c33d411a5baa4daa3add16afc502b2b7629541d722e91d631e5ffb9d4beb5aa5a2c4e490a5bd5cf4538ba310b8cbc221af38ea842d4cb908bcd574f794459fd54b58c6a791e6df620047bade4ba41ee0141843958479544619f749ff70088b0fd115077f7eff7c5a3315ca604d110df1c54407f191a78d8362e4dc6e1138391c2af2b96779bb76c9f1daea4f085f38810edef6dd047937c231cba791a4e7713c5b3b0a0b6ba37db5016e02d114d714459d065a79609fea4efebad04edac11aac0e53dd094827453144fa419ee81823d00a90a9058ba740d2f41253a8d01a8c1a7265a084e30ad10d412aee8170a7111d62473e7bd8f3d64fb7ebdd32aada331900000000000000000000000084ef49dd02000000bf48ea48e0e1f463d9dcb285038ec38d5f4969ed0e98a71ac7bf8159a234833a5241722b2d24aa2fa4965d4eb7966fb27d118b6ef3308627e67d42f1041d5e92da28e0a7724ce715854775cbe06c5166f1dac0745f1373156a536cb6394c2c4473e2050cacf693fdf8e305080000001a901ecd90a5f53b8327a485557bc2a147b036477915e600000000034258ebbb6099b597d17ee2fc97ca850b8580b1337016a40566814594c13052b9d2b0741326825f19a24460e545c71e1940c998f39ac04a0c29691a7c8f7a78c1a7590a293c561f304533c638ae635f5ce026f7fa034d8cfe0e11831d4829692beab26891ef583cfcb713a4d3a2d8b958c0875d7e4bdcf98802db086ebcbb9d82fa569a18f06facc2ffe1ea9ae4231e1e503faa2de7f898c97788c4b9c61c70ff92abdf7476cc351156d11c0ada7614f315f4c6cca119d16827d4e864f5a7a9b690272a510c451dc07f391309d02e31e53b2bf0b5f86e776b1bcfe6c85ccd7ddf8a9559d596b5603895f265685fdd11263c946f8ef3ccec1b0d45a47a89b8237cbbdab14e4ca6dc76b2c41e071b93a065c0f5aa718e1cfab29beea78a6bd9a3114f0fb92be9a5862627b4bd99db2c08e4636e43f05f33535d5d1f9bb40e1fd8e5125a3d29b31dd94a6744bbc21722222b976089f073a4d3fcafc6d06518cf0c4fc6c3e3da0000000000000000000000007d3b60775243f2143d9f54804b11102cf0e4c641db1ba8bf75e46ab3a8fdece6562e7ebb3e407f3c7504dfa3da3aecbd49af3d1edeea11cc970416fadeedc8423bfdc85041ac4d8243a1130e6f4cb5bbfed9d095e18c98c7d690e4c491a7ddcd5635bc61dbed719ca28e8ca3f1fbbe588913ed057f1d6e34a79f4dc10df54d1993a5bc5f9ef6dbd339ee4b0b5764169f305e284ef82cc23e9366d4bc7eb45c7230b13433e5240657cb8eba33260147be8620b6d98cc48b000000000000000000000000c1ce872b18984f080100000000000000bd3fded92547d41809b398f36749083a147eb09ff1ed601bd36b873d3947fb223da647052528e0466cb917db7800f7c7000b593fca1903991cca1343882e3a1f60044f11c081dae4fc5bcf20efacdd2c577f4bcda2eea6f75a31dc90eebb6135b6fb824052181b0ad8a49ebf03ccf61d7e39bf6b0762d24d19796016301d1415b5110ba9df7f204aedb2a2e4e621c0553d312b309db67192f98ef7800000d629c04e216afc8fc66616bbf304e452373aa927c2ad6f5417f1b9bc322b802c1a1c42112a92a331cdc113b9ace3ff52ede7a853f9a89002ba070bac2f635a03db3375e5564f1a798bf9c0f8c72725d2eca9b0ec7e453d78ea20eca61530fe574299b393ca144adcb06108dfbb934065a87972739150a8752ac111c4d9062ccb95c54034fbdee131d94dfbaab1854d55665746fb7b47d25e54070b0d14c0a29c57bc4930075e1761913b036d43852c6df9f10e15105b2a1866b598a3577943514db0dce953dcec62139ff3f16066efec5d8cbc0600000000007289be5883aab951ea67cf2ff691d05c1ea91dd569ed9897fe8d88a0a6977dc8955be17e8026aff11c61fa5cc76196c1423cd597345253ba5d5ab46938e8fb23fa7047bc59c4345e912585a8adb5fe2ff51b64a326321b594e3f2d339f4090bdae6b30b62064bacbc155d3c930576f506b093ca7c60957bdfdd6536baaa871cf6a603c736b78761e6463b8ac503e219cc3d98f649602ad24d5667368290ee926fba76ee482a201a03efece3b236f4ee2ffcd5d90d92a2f0c5cea48c87f27c2f1e92988a6508c12f6b7755cc48eb10edafca92cb0260c72295a27a24846d3a2334bd60e94c0fd07e5db0a4964a7fc4e89e11a300510776934e87bb3c21394f46954a012b2a3b0760f5bad1dbd6b466ed7153bd18ee2c0b2353c38df9e0782eb000000000000000000000000001b58cadcc5aaf65e05663985a177aa1d1ea2ad1b8151c7d58f5b92827f550269b3585d98e1394e816a477e52ce2f6de2bd7192f46cf965e774968d151d2bda084b10ec4c8d2c6ab582b1e5e3ed874235ff128c661298ed75879d8a4025ad1c3d9ef6355dc7284c6e648a61da026a777fcc7ae2c60ce64a2f2b0000000000000000000000000000003022110d1230e998429a6fd8f35939a8ae5acc89125539d84b98df6f8ee2ad0b238759bf400ac14c591aefe9660076a494f73b0ea8f3cb4a9c2e4f745a2afb593fabb9481600b2f44e6415153c1f8cf974a226d2700608bb2838ef07d75aed8b082716be3c37f60f48b9995f6325fdaa1c164b1e2bcbde000000000000000000d4fd710a526223440f9df8d22bf9224e4b71b0757dbc8311a2ffbf680a2c09a893ffd79f0a645df3e2dce61e24c28750f50ccb9244fdb344773f79483ec0b6936fd853fda9ee154914a00831cf4bf6f9e6fe6cdfab5ab31de15450e6e703316d9597100d83d0444d511ec95edfc460461eef194209655b2a966078be83da84fe699fa66295c9995c869c18501c3d3bf6b17e5b2211c4903580dcdc7ea2bf9e3b202d7b01ea0b800868eb22cbb86e927b364c9c5642ea6188f53c36dffecbdeda61ceb3b1c1f4a7bc77e39a9ff7e547cef240c3cf78f61d3e000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfe37}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x18000000000002a0, 0xe, 0xa002a0, &(0x7f0000000040)="b907ef19edfff007049e0ff0888e", 0x0, 0x4000, 0x18000000, 0x0, 0x0, 0x0, 0x0}, 0x48)

1m2.685200209s ago: executing program 8 (id=1232):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, 0x0, &(0x7f0000000b00)=""/151}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x200, 0x80, 0x20000, 0x0, 0x0, 0x8}, 0x45)

1m2.596048631s ago: executing program 8 (id=1234):
r0 = epoll_create1(0x0)
r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r1, 0x48e9, 0x0, 0x2, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/slabinfo\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r4, &(0x7f0000000080)={0xa0002009})

1m2.579538221s ago: executing program 8 (id=1236):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f00000001c0)='cgroup.max.descendants\x00', 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0x12)
sendfile(r3, r2, 0x0, 0x1)

1m2.561010111s ago: executing program 8 (id=1238):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
sync()
unlink(&(0x7f0000000180)='./file1\x00')

1m2.385345624s ago: executing program 8 (id=1241):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000380)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x2)
connect$unix(r0, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
sendmmsg$unix(r0, &(0x7f0000004780)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)='A', 0x1}], 0x1, &(0x7f0000000900)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x18}}], 0x1, 0x0)
accept(r1, 0x0, 0x0)

1m2.282896435s ago: executing program 6 (id=1242):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000380)=0x7ffd)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000180)={0x20, 0x0})

1m2.278454795s ago: executing program 38 (id=1242):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000380)=0x7ffd)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000180)={0x20, 0x0})

1m1.918645331s ago: executing program 8 (id=1247):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000e60000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x4f33}, 0x18)
dup(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x45, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000001ec0)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000080c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

1m1.918465931s ago: executing program 39 (id=1247):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000e60000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x4f33}, 0x18)
dup(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x45, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000001ec0)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000080c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

1m1.536907906s ago: executing program 4 (id=1252):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000180), &(0x7f0000000840)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r3, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

1m1.516932957s ago: executing program 40 (id=1252):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000180), &(0x7f0000000840)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r3, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

22.320095145s ago: executing program 5 (id=2442):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{r0}, &(0x7f0000000240), &(0x7f0000000400)='%pi6   \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
lremovexattr(0x0, 0x0)

22.282375076s ago: executing program 5 (id=2444):
socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

22.162717318s ago: executing program 5 (id=2446):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)='%ps    \x00'}, 0x20)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

22.078951239s ago: executing program 5 (id=2448):
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004004, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@nojournal_checksum}, {@noload}, {@user_xattr}, {@usrjquota}, {@grpjquota, 0x2e}]}, 0x81, 0x46c, &(0x7f00000004c0)="$eJzs3MtvG8UfAPDvrpP09ctD/ZVHH1BDQUQUkiYU6IELCKRekJDgAMeQhqrUbVETJFpVtCBUjoi/ADgi8RdwggsCTiCucEdIFeqFwgEtWnu3dWIndZwYN/jzkdae2YdnZmcnnp3xJoCBVc1fkogsIn6OiPFGdPkO1cbbjeuX5v+8fmk+iSx7+fekvt8f1y/Nl7uWx+0qIpNpRPpBEvvbpLt44eLpuVpt4XwRn14689b04oWLj586M3dy4eTC2dljx44+MfP0U7NPbko5R/O87nv33IG9x1/7+MX5LF7/7os8v/8rtjeXo2Fiw2lWo7r8XNaN1F8f3vCn31lGm8LJUB8zwrpUIiKvruF6+x+PStyqvPF44f2+Zg7oqSzLsm0taytl4EoG/Icl0e8cAP1RftHn97/l8i92P/ru2rONG6C83DeKpbFlKNL8bXvjjn20R+lXI+LVK399ki/RdhwCAGBzfZX3fx5r1/8bS+5u2m+smBuaiIjDEbE7Iv4fEXsi4q6IyPe9JyLuXWf61RXx1v7Pjzu6KliH8v7fM8Xc1vL+X1ruMlEpYqP18g8nb5yqLRwpzslkDG/L4zNrpPH18z99tNq25v5fvuTpl33BIh+/Da0YoDsxtzS3kTI3u/ZexL6hduVPbs4EJBGxNyL2dfH5+Tk79ejnB/Lw2K7W7QduW/41bMI8U/ZZxCON+r8SK8pfShoprTY/Ob09agtHpsurotX3P1x9qTk+3BS+ff33Vl7/O9te/0X5y2ZQztcurj+Nq798uOo9TbfX/0jySj08Uqx7Z25p6fxMxEixYtn62VvHlvFy/7z8k4falX8s2R3x96fFcfuLa/W+iLg/Ig4WeX8gIh6MiENrlP/b5x56c+0z1N/6P7FW/UdMJM3z9V0EKqe/+XK19Dur/6P10GSxppO/f51mcCPnDgAAALaKtP4b+CSduhlO06mpxm/498TOtHZucelwNd4+e6LxW/mJGE7Lka7xpvHQmWJsuIzProiXY15ZtqMen5o/V+vVnDrQmV2rtP/cr5V+5w7ouXXNo7U+0QZsYZ7XhMGl/cPg0v5hcGn/MLjatf/LETeaoj19CAPoH9//MLi0fxhc2j8MLu0fBlLrI/HlSF83T/rfCuw+vqHDByhQ6dEnR/M/7ehBINK+n7ruA+mdkI2DRWBbRHR61OWe1unK6wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDr+ycAAP//ENre5A==")
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000540))
ptrace$cont(0x20, r0, 0x0, 0x0)

21.9977264s ago: executing program 5 (id=2453):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x1, 0x4, 0xb, 0x6, @vifc_lcl_ifindex, @dev={0xac, 0x14, 0x14, 0x44}}, 0x10)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4)

21.679023095s ago: executing program 5 (id=2465):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)

21.676371935s ago: executing program 41 (id=2465):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)

1.914545242s ago: executing program 0 (id=3221):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x4c, 0x2, [@TCA_FLOW_POLICE={0x48, 0xa, 0x0, 0x1, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x3ff}, @TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x0, 0x0, 0x1, 0x5, {0x9, 0x0, 0x401, 0xfffb, 0x8000}, {0x9, 0x0, 0x4, 0x2, 0x66f, 0x5}, 0x6, 0x4, 0x3c2}}]}]}}, @TCA_RATE={0x6, 0x5, {0xff, 0x5}}]}, 0x84}}, 0x0)

1.655258336s ago: executing program 0 (id=3232):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000c00)=0xc, 0x6, 0x2)

1.267730202s ago: executing program 3 (id=3246):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xb)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0xff)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0xfffffff8, 0x401, 0xfffffffd, 0xc4cf, 0x7, "0441920887e87fcb367800000000080100", 0x4, 0x200})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0x8)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x7f)

1.243900212s ago: executing program 3 (id=3247):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000140)=[{0x6, 0x9, 0x8, 0xa}]}, 0x10)
r1 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111, 0x6}}, 0x20)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x71, 0x30}, &(0x7f0000000200)=0xc)

1.166474143s ago: executing program 0 (id=3252):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105500, &(0x7f0000000040)=@usbdevfs_connect={0x6a3})

1.118703194s ago: executing program 0 (id=3255):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0xffffffffffd, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000340)='cpu-&0&&\t')

1.064193545s ago: executing program 0 (id=3257):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0x6, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)

1.030983045s ago: executing program 1 (id=3258):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xa, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000061"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000000)=0xa)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000300)=0x100001, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x5, @remote, 0x1}, 0x1c)

1.027751675s ago: executing program 1 (id=3259):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=rdma'])

1.025219555s ago: executing program 1 (id=3260):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x0, @private2={0xfc, 0x2, '\x00', 0xff}}, @in6={0xa, 0x4e21, 0xf, @loopback, 0x6}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={r2, @in={{0x2, 0x4e24, @empty}}, 0x27c0}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f00000001c0)={r2, @in={{0x2, 0x4e24, @empty}}}, 0x90)

960.804687ms ago: executing program 1 (id=3262):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r2, 0x0, 0x40000000, 0x0)

793.321139ms ago: executing program 1 (id=3267):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f00000004c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r3, 0x702, 0x86, 0x0, &(0x7f0000000580)="e460334470d8d400eb00c15286dd4b3547f2cbfad47001bd34d04351caf1f9a07be047c25d7670ea4a41b8a6800c0de87b6f8e6a725643f7b3ab502617b472091a730e36aabb2f2426a24a29edbed9463081eef61aa7fab052ffcc89b4bac5bae255a31da7c7b87aca6e0a240ce57daf09b305e2cd418404d54cdca435ab392d48aa01019845", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

642.395521ms ago: executing program 2 (id=3274):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

618.095401ms ago: executing program 1 (id=3275):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x11000)
writev(r1, &(0x7f0000000640)=[{&(0x7f0000000440)="ac", 0x1}], 0x1)

576.670112ms ago: executing program 2 (id=3276):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000640)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@discard}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020662a, &(0x7f0000000580)={0x0, 0x8000000003ff, 0x5, 0x100})

479.703054ms ago: executing program 2 (id=3280):
socket(0x25, 0x1, 0x0)
syz_io_uring_setup(0x9e, &(0x7f0000000000)={0x0, 0xec25, 0x0, 0x2, 0x40000333}, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x5, 0x267, &(0x7f0000000740)="$eJzs3b9rVFkUAOAzmcmvbSYsCwvLLjuwLGw1JIHtsyy7bNigYhgkIsGJmUjIhICBgBZJrAQrG0vLdBFBCzv9HwQbG7ERS9NZSJ4kL0xmzEQTMfMk833NPbx7znv33vDeyxRz5/LPiwuzS8tzW1uvY2AgF4Wxq9tJkouh6Il8pNYDADhN3iVJvE1SWY8FAOgM738A6D6Hvf//60nb3rQ5l8XYAICT8eWf/+9OPXlZrY39eYTUpL8Rvpg+/hgBgK9rcuri/9tPfx8cj0d3IhZvrVRWKmmb9v81F/NRj1oMRzHeRyQNafzv+MQ/w6UdgxGVxbW9+rWVSr61fiSKMRRx4czB+pFSqrW+N75rrh+NYvzQ/vqjbev74o/fmurLUYxnV2Ip6jG78y9JU/3qSKn099mJj+r7d/NiI5/p3wcAAAAAAAAAAAAAAAAAAAAAgNOpXGoYard/T7l8WH9af/T9gfb357m9W1+InwpxM9vZAwAAAAAAAAAAAAAAAAAAwLdh+fqNhWq9XrvWCGbOz3/feuRzQa5NV37v/Mc5T9cEOwtzgpf4NSJOehYPN2vPN6YvTWa/mB0M2q/qg8wHNvOJnJ6I2A1+vDdWfbz66s3BnFhvupcL6X1bradtX/PDotThhxMAAAAAAAAAAAAAAAAAAHSZ/a8BH5aRdHZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCB/d//P3bQ1ziyOZierNH1y0Bzctp5v+W6ufUMJgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNf6EAAA//9rIKjm")
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x10000802, 0x80, 0x0, 0x40000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000005200010004000000000000001c0000001400", @ANYRES16=r0], 0x28}}, 0x0)

448.200374ms ago: executing program 9 (id=3281):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x4c, 0x2, [@TCA_FLOW_POLICE={0x48, 0xa, 0x0, 0x1, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x3ff}, @TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x0, 0x0, 0x1, 0x5, {0x9, 0x0, 0x401, 0xfffb, 0x8000}, {0x9, 0x0, 0x4, 0x2, 0x66f, 0x5}, 0x6, 0x4, 0x3c2}}]}]}}, @TCA_RATE={0x6, 0x5, {0xff, 0x5}}]}, 0x84}}, 0x0)

431.544605ms ago: executing program 3 (id=3282):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000880)={[{@data_err_abort}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@data_err_ignore}, {@lazytime}, {@data_err_ignore}, {@journal_dev={'journal_dev', 0x3d, 0x800}}, {@nobh}, {@inlinecrypt}, {@data_err_ignore}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r2, 0x0, 0xa20, 0x8000c64)

368.754455ms ago: executing program 9 (id=3283):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xffffffffffffffa8}, 0x18)
r2 = syz_io_uring_setup(0x254c, &(0x7f0000000000)={0x0, 0x7c87, 0x800, 0x0, 0x39}, &(0x7f0000000080), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r2, 0x17, &(0x7f0000000f40)={0x0, 0x0, 0x3}, 0x1)

245.724497ms ago: executing program 9 (id=3284):
r0 = syz_io_uring_setup(0x1109, &(0x7f0000000300)={0x0, 0x974, 0x1000, 0x2, 0xbf7ffffa}, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
io_uring_enter(r0, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)

224.960117ms ago: executing program 3 (id=3285):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="ca", 0x1}], 0x1)
close(r0)

224.175017ms ago: executing program 2 (id=3286):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socket$kcm(0x11, 0xa, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f260006d2688a84c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

196.788808ms ago: executing program 9 (id=3287):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x80000}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffff963}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

172.212558ms ago: executing program 0 (id=3288):
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
r0 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0x7005, 0x0)
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5867, 0x10, 0xfffffffc, 0x24d}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

114.285019ms ago: executing program 9 (id=3289):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
clock_gettime(0x1, &(0x7f0000000000)={<r2=>0x0, <r3=>0x0})
clock_settime(0x0, &(0x7f0000000040)={r2, r3+10000000})

95.092189ms ago: executing program 3 (id=3290):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000010080)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000012c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r0}, &(0x7f0000000080), &(0x7f0000000680)}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

65.63593ms ago: executing program 9 (id=3291):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmmsg$sock(r3, &(0x7f000000bb40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000011)

34.05642ms ago: executing program 2 (id=3292):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd26, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0x1}, {}, {0xffff, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x10, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x6}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

18.10574ms ago: executing program 3 (id=3293):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x80240, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x18)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)

0s ago: executing program 2 (id=3294):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000080)='kmem_cache_free\x00', r0, 0x0, 0x800}, 0x18)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r1, &(0x7f0000000780)=[{{&(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

kernel console output (not intermixed with test programs):

8] loop9: detected capacity change from 0 to 512
[   97.639043][ T7598] EXT4-fs: Ignoring removed nobh option
[   97.658397][ T7598] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #3: comm syz.9.1507: corrupted inode contents
[   97.670568][ T7598] EXT4-fs error (device loop9): ext4_dirty_inode:6459: inode #3: comm syz.9.1507: mark_inode_dirty error
[   97.690913][ T7598] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #3: comm syz.9.1507: corrupted inode contents
[   97.706057][ T7598] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #3: comm syz.9.1507: mark_inode_dirty error
[   97.720914][ T7598] __quota_error: 94 callbacks suppressed
[   97.720929][ T7598] Quota error (device loop9): write_blk: dquota write failed
[   97.734852][ T7598] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[   97.745113][ T7598] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.1507: Failed to acquire dquot type 0
[   97.758111][ T7598] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #16: comm syz.9.1507: corrupted inode contents
[   97.772528][ T7598] EXT4-fs error (device loop9): ext4_dirty_inode:6459: inode #16: comm syz.9.1507: mark_inode_dirty error
[   97.784384][ T7598] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #16: comm syz.9.1507: corrupted inode contents
[   97.799833][ T7598] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #16: comm syz.9.1507: mark_inode_dirty error
[   97.825153][ T7598] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #16: comm syz.9.1507: corrupted inode contents
[   97.840634][ T7598] EXT4-fs error (device loop9) in ext4_orphan_del:305: Corrupt filesystem
[   97.849679][ T7598] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #16: comm syz.9.1507: corrupted inode contents
[   97.863602][ T7598] EXT4-fs error (device loop9): ext4_truncate:4597: inode #16: comm syz.9.1507: mark_inode_dirty error
[   97.877233][ T7598] EXT4-fs error (device loop9) in ext4_process_orphan:347: Corrupt filesystem
[   97.886608][ T7598] EXT4-fs (loop9): 1 truncate cleaned up
[   97.891054][ T7576] syz.5.1496 invoked oom-killer: gfp_mask=0x402d02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[   97.893083][ T7598] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.906785][ T7576] CPU: 1 UID: 0 PID: 7576 Comm: syz.5.1496 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[   97.906833][ T7576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.906848][ T7576] Call Trace:
[   97.906855][ T7576]  <TASK>
[   97.906864][ T7576]  __dump_stack+0x1d/0x30
[   97.906891][ T7576]  dump_stack_lvl+0xe8/0x140
[   97.906988][ T7576]  dump_stack+0x15/0x1b
[   97.907014][ T7576]  dump_header+0x81/0x220
[   97.907061][ T7576]  oom_kill_process+0x334/0x3f0
[   97.907100][ T7576]  out_of_memory+0x979/0xb80
[   97.907155][ T7576]  try_charge_memcg+0x5e6/0x9e0
[   97.907208][ T7576]  obj_cgroup_charge_pages+0xa6/0x150
[   97.907250][ T7576]  __memcg_kmem_charge_page+0x9f/0x170
[   97.907289][ T7576]  __alloc_frozen_pages_noprof+0x188/0x360
[   97.907397][ T7576]  alloc_pages_mpol+0xb3/0x250
[   97.907435][ T7576]  alloc_pages_noprof+0x90/0x130
[   97.907521][ T7576]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   97.907695][ T7576]  __kvmalloc_node_noprof+0x30f/0x4e0
[   97.907734][ T7576]  ? ip_set_alloc+0x1f/0x30
[   97.907775][ T7576]  ? ip_set_alloc+0x1f/0x30
[   97.907866][ T7576]  ? __kmalloc_cache_noprof+0x189/0x320
[   97.907906][ T7576]  ip_set_alloc+0x1f/0x30
[   97.908013][ T7576]  hash_netiface_create+0x282/0x740
[   97.908058][ T7576]  ? __pfx_hash_netiface_create+0x10/0x10
[   97.908102][ T7576]  ip_set_create+0x3c9/0x960
[   97.908158][ T7576]  ? __nla_parse+0x40/0x60
[   97.908205][ T7576]  nfnetlink_rcv_msg+0x4c3/0x590
[   97.908272][ T7576]  ? selinux_capable+0x1f9/0x270
[   97.908346][ T7576]  netlink_rcv_skb+0x120/0x220
[   97.908390][ T7576]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   97.908496][ T7576]  nfnetlink_rcv+0x16b/0x1690
[   97.908531][ T7576]  ? __kfree_skb+0x109/0x150
[   97.908572][ T7576]  ? nlmon_xmit+0x4f/0x60
[   97.908645][ T7576]  ? consume_skb+0x49/0x150
[   97.908728][ T7576]  ? nlmon_xmit+0x4f/0x60
[   97.908765][ T7576]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   97.908813][ T7576]  ? __dev_queue_xmit+0x11c0/0x1fb0
[   97.908857][ T7576]  ? __dev_queue_xmit+0x182/0x1fb0
[   97.908961][ T7576]  ? ref_tracker_free+0x37d/0x3e0
[   97.909012][ T7576]  ? __netlink_deliver_tap+0x4dc/0x500
[   97.909064][ T7576]  netlink_unicast+0x5a5/0x680
[   97.909128][ T7576]  netlink_sendmsg+0x58b/0x6b0
[   97.909156][ T7576]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.909217][ T7576]  __sock_sendmsg+0x145/0x180
[   97.909258][ T7576]  ____sys_sendmsg+0x31e/0x4e0
[   97.909387][ T7576]  ___sys_sendmsg+0x17b/0x1d0
[   97.909543][ T7576]  __x64_sys_sendmsg+0xd4/0x160
[   97.909593][ T7576]  x64_sys_call+0x2999/0x2fb0
[   97.909699][ T7576]  do_syscall_64+0xd2/0x200
[   97.909748][ T7576]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.909785][ T7576]  ? clear_bhb_loop+0x40/0x90
[   97.909853][ T7576]  ? clear_bhb_loop+0x40/0x90
[   97.909883][ T7576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.909914][ T7576] RIP: 0033:0x7f9bab26e929
[   97.909945][ T7576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.909971][ T7576] RSP: 002b:00007f9ba98d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.910013][ T7576] RAX: ffffffffffffffda RBX: 00007f9bab495fa0 RCX: 00007f9bab26e929
[   97.910026][ T7576] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[   97.910044][ T7576] RBP: 00007f9bab2f0ca1 R08: 0000000000000000 R09: 0000000000000000
[   97.910060][ T7576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.910129][ T7576] R13: 0000000000000000 R14: 00007f9bab495fa0 R15: 00007ffcf40e7fa8
[   97.910155][ T7576]  </TASK>
[   97.910164][ T7576] memory: usage 307200kB, limit 307200kB, failcnt 84
[   98.274020][ T7576] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[   98.281978][ T7576] kmem: usage 306984kB, limit 9007199254740988kB, failcnt 0
[   98.289414][ T7576] Memory cgroup stats for /syz5:
[   98.290255][ T7576] cache 8192
[   98.292914][ T7610] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1511'.
[   98.295232][ T7576] rss 192512
[   98.295242][ T7576] shmem 0
[   98.314181][ T7576] mapped_file 8192
[   98.318010][ T7576] dirty 0
[   98.321037][ T7576] writeback 0
[   98.324424][ T7576] workingset_refault_anon 1076
[   98.329271][ T7576] workingset_refault_file 0
[   98.333798][ T7576] swap 0
[   98.336696][ T7576] swapcached 0
[   98.340091][ T7576] pgpgin 30599
[   98.343477][ T7576] pgpgout 30549
[   98.347048][ T7576] pgfault 31935
[   98.350539][ T7576] pgmajfault 140
[   98.354124][ T7576] inactive_anon 192512
[   98.358250][ T7576] active_anon 0
[   98.361721][ T7576] inactive_file 0
[   98.365483][ T7576] active_file 12288
[   98.369464][ T7576] unevictable 0
[   98.372955][ T7576] hierarchical_memory_limit 314572800
[   98.378420][ T7576] hierarchical_memsw_limit 9223372036854771712
[   98.384606][ T7576] total_cache 8192
[   98.388571][ T7576] total_rss 192512
[   98.392312][ T7576] total_shmem 0
[   98.395837][ T7576] total_mapped_file 8192
[   98.400172][ T7576] total_dirty 0
[   98.403718][ T7576] total_writeback 0
[   98.407647][ T7576] total_workingset_refault_anon 1076
[   98.412980][ T7576] total_workingset_refault_file 0
[   98.418018][ T7576] total_swap 0
[   98.421398][ T7576] total_swapcached 0
[   98.425312][ T7576] total_pgpgin 30599
[   98.429237][ T7576] total_pgpgout 30549
[   98.433215][ T7576] total_pgfault 31935
[   98.437217][ T7576] total_pgmajfault 140
[   98.441331][ T7576] total_inactive_anon 192512
[   98.445977][ T7576] total_active_anon 0
[   98.449973][ T7576] total_inactive_file 0
[   98.454120][ T7576] total_active_file 12288
[   98.458510][ T7576] total_unevictable 0
[   98.462552][ T7576] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1496,pid=7575,uid=0
[   98.477290][ T7576] Memory cgroup out of memory: Killed process 7576 (syz.5.1496) total-vm:95676kB, anon-rss:1072kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   98.496161][ T7612] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.544632][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.586545][ T7612] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.623928][   T29] audit: type=1400 audit(98.603:1464): avc:  denied  { write } for  pid=7622 comm="syz.9.1517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   98.648394][ T7612] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.673034][   T29] audit: type=1400 audit(354.654:1465): avc:  denied  { bind } for  pid=7625 comm="syz.9.1518" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   98.722016][ T7612] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.744213][ T7632] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[   98.768493][ T7576] syz.5.1496 (7576) used greatest stack depth: 7872 bytes left
[   98.785193][ T7612] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.797250][ T7612] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.809858][ T7612] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.828608][ T7612] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.841558][ T7643] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1525'.
[   98.866109][ T7640] netlink: 'syz.9.1524': attribute type 10 has an invalid length.
[   98.883416][ T7640] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1524'.
[   98.925062][ T7650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1527'.
[   98.937682][   T29] audit: type=1400 audit(354.904:1466): avc:  denied  { bind } for  pid=7649 comm="syz.0.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   99.017205][   T29] audit: type=1400 audit(354.954:1467): avc:  denied  { create } for  pid=7649 comm="syz.0.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   99.036883][   T29] audit: type=1400 audit(354.964:1468): avc:  denied  { connect } for  pid=7649 comm="syz.0.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   99.133964][   T29] audit: type=1400 audit(355.104:1469): avc:  denied  { mount } for  pid=7669 comm="syz.9.1537" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   99.197393][   T29] audit: type=1400 audit(355.124:1470): avc:  denied  { name_bind } for  pid=7666 comm="syz.2.1536" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   99.197440][   T29] audit: type=1400 audit(355.144:1471): avc:  denied  { unmount } for  pid=5573 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   99.533280][ T7705] syzkaller1: entered promiscuous mode
[   99.538943][ T7705] syzkaller1: entered allmulticast mode
[   99.573425][ T7713] netlink: 'syz.1.1557': attribute type 10 has an invalid length.
[   99.581636][ T7713] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.588856][ T7713] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.605133][ T7713] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.612256][ T7713] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.619624][ T7713] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.626752][ T7713] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.637131][ T7717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1557'.
[   99.649656][ T7713] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   99.663036][ T7717] bridge_slave_1: left allmulticast mode
[   99.668967][ T7717] bridge_slave_1: left promiscuous mode
[   99.674657][ T7717] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.697924][ T7717] bridge_slave_0: left allmulticast mode
[   99.703632][ T7717] bridge_slave_0: left promiscuous mode
[   99.709421][ T7717] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.731637][ T7717] bond0: (slave bridge0): Releasing backup interface
[   99.852325][ T7733] loop5: detected capacity change from 0 to 512
[   99.865803][ T7733] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[   99.885198][ T7733] EXT4-fs: error: could not find journal device path
[   99.933623][ T7739] loop9: detected capacity change from 0 to 256
[   99.966537][ T7739] FAT-fs (loop9): Directory bread(block 64) failed
[   99.980761][ T7739] FAT-fs (loop9): Directory bread(block 65) failed
[   99.989535][ T7739] FAT-fs (loop9): Directory bread(block 66) failed
[   99.997736][ T7739] FAT-fs (loop9): Directory bread(block 67) failed
[  100.004639][ T7739] FAT-fs (loop9): Directory bread(block 68) failed
[  100.017571][ T7739] FAT-fs (loop9): Directory bread(block 69) failed
[  100.026563][ T7739] FAT-fs (loop9): Directory bread(block 70) failed
[  100.033164][ T7739] FAT-fs (loop9): Directory bread(block 71) failed
[  100.043237][ T7739] FAT-fs (loop9): Directory bread(block 72) failed
[  100.052068][ T7739] FAT-fs (loop9): Directory bread(block 73) failed
[  100.098756][ T7739] syz.9.1568: attempt to access beyond end of device
[  100.098756][ T7739] loop9: rw=524288, sector=1736, nr_sectors = 32 limit=256
[  100.118142][ T7739] syz.9.1568: attempt to access beyond end of device
[  100.118142][ T7739] loop9: rw=0, sector=1736, nr_sectors = 8 limit=256
[  100.137838][ T7764] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  100.183506][ T7771] netlink: 60 bytes leftover after parsing attributes in process `syz.9.1578'.
[  100.240649][ T7779] loop9: detected capacity change from 0 to 512
[  100.250198][ T7779] EXT4-fs error (device loop9): ext4_orphan_get:1419: comm syz.9.1580: bad orphan inode 15
[  100.260587][ T7779] ext4_test_bit(bit=14, block=5) = 0
[  100.268665][ T7779] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.294023][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.314374][ T7788] batadv_slave_0: entered promiscuous mode
[  100.321877][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1581'.
[  100.331542][ T7788] batadv_slave_0 (unregistering): left promiscuous mode
[  100.339891][ T7788] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.437223][ T7796] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1586'.
[  100.931366][ T7814] netlink: 'syz.0.1593': attribute type 10 has an invalid length.
[  100.941805][ T7814] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.949116][ T7814] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.969137][ T7814] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.976258][ T7814] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.983645][ T7814] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.990773][ T7814] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.013250][ T7819] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1593'.
[  101.029241][ T7814] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  101.057610][ T7819] bridge_slave_1: left allmulticast mode
[  101.063366][ T7819] bridge_slave_1: left promiscuous mode
[  101.069459][ T7819] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.086296][ T7819] bridge_slave_0: left allmulticast mode
[  101.092039][ T7819] bridge_slave_0: left promiscuous mode
[  101.097813][ T7819] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.148597][ T7819] bond0: (slave bridge0): Releasing backup interface
[  101.368540][ T7839] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[  101.630845][ T7860] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1614'.
[  102.379306][ T7881] loop9: detected capacity change from 0 to 512
[  102.397860][ T7881] EXT4-fs (loop9): 1 orphan inode deleted
[  102.403998][ T7881] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.417852][ T6520] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:26: Failed to release dquot type 1
[  102.439496][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.459516][ T7886] team0: Port device team_slave_0 removed
[  102.870326][   T29] kauditd_printk_skb: 51 callbacks suppressed
[  102.870346][   T29] audit: type=1400 audit(358.854:1522): avc:  denied  { read write } for  pid=7893 comm="syz.9.1628" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  102.900175][   T29] audit: type=1400 audit(358.854:1523): avc:  denied  { open } for  pid=7893 comm="syz.9.1628" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  102.977101][ T7903] loop2: detected capacity change from 0 to 1024
[  102.983937][ T7903] EXT4-fs: Ignoring removed nomblk_io_submit option
[  102.992060][   T29] audit: type=1400 audit(358.974:1524): avc:  denied  { write } for  pid=7904 comm="syz.9.1633" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  103.010619][   T29] audit: type=1400 audit(358.974:1525): avc:  denied  { tracepoint } for  pid=7904 comm="syz.9.1633" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  103.052121][ T7911] netlink: 'syz.5.1635': attribute type 1 has an invalid length.
[  103.062769][ T7903] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.116146][   T29] audit: type=1400 audit(359.074:1526): avc:  denied  { lock } for  pid=7902 comm="syz.2.1631" path="/53/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  103.162953][ T7925] loop9: detected capacity change from 0 to 512
[  103.171360][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.193246][ T7925] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.211514][   T29] audit: type=1400 audit(359.194:1527): avc:  denied  { write } for  pid=7928 comm="syz.2.1640" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  103.244309][   T29] audit: type=1400 audit(359.224:1528): avc:  denied  { map } for  pid=7928 comm="syz.2.1640" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  103.245067][ T7929] vhci_hcd: invalid port number 96
[  103.273672][ T7929] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  103.310035][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.367555][ T7941] SELinux: failed to load policy
[  103.367599][   T29] audit: type=1400 audit(359.354:1529): avc:  denied  { load_policy } for  pid=7936 comm="syz.9.1643" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  103.401580][ T7934] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  103.409813][ T7945] loop2: detected capacity change from 0 to 1024
[  103.424299][ T7943] bridge0: port 3(syz_tun) entered blocking state
[  103.431677][ T7943] bridge0: port 3(syz_tun) entered disabled state
[  103.442310][ T7943] syz_tun: entered allmulticast mode
[  103.448792][ T7943] syz_tun: entered promiscuous mode
[  103.454281][ T7943] bridge0: port 3(syz_tun) entered blocking state
[  103.460929][ T7943] bridge0: port 3(syz_tun) entered forwarding state
[  103.471243][ T7945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.488101][   T29] audit: type=1400 audit(359.454:1530): avc:  denied  { append } for  pid=7947 comm="syz.0.1650" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  103.497287][ T7945] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  103.564769][ T7957] loop9: detected capacity change from 0 to 1024
[  103.571727][ T7957] EXT4-fs: Ignoring removed nomblk_io_submit option
[  103.590076][ T7957] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.633211][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.645159][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.824355][   T29] audit: type=1400 audit(359.804:1531): avc:  denied  { setopt } for  pid=7979 comm="syz.1.1660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  104.091722][ T7993] loop5: detected capacity change from 0 to 1024
[  104.109681][ T7993] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.143199][ T7993] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  104.200995][ T6874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.281200][ T8012] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  104.309883][ T8013] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1675'.
[  104.597056][ T8068] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1703'.
[  104.606278][ T8069] netlink: 14593 bytes leftover after parsing attributes in process `syz.0.1701'.
[  104.683374][ T8075] loop2: detected capacity change from 0 to 4096
[  104.694672][ T8075] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.727774][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.806320][ T8095] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1715'.
[  104.815736][ T8095] netlink: 'syz.9.1715': attribute type 1 has an invalid length.
[  104.850039][ T8100] loop9: detected capacity change from 0 to 512
[  104.856888][ T8100] EXT4-fs: Ignoring removed nomblk_io_submit option
[  104.863570][ T8100] ext4: Unknown parameter 'noacl'
[  104.893137][ T8105] loop9: detected capacity change from 0 to 512
[  104.900363][ T8105] EXT4-fs: Ignoring removed mblk_io_submit option
[  104.907515][ T8105] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  104.919252][ T8105] EXT4-fs (loop9): 1 truncate cleaned up
[  104.925250][ T8105] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.974356][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.983592][ T8109] loop5: detected capacity change from 0 to 1024
[  104.998437][ T8109] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.027364][ T6874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.141898][ T8131] netlink: 40107 bytes leftover after parsing attributes in process `syz.9.1729'.
[  105.165879][ T8129] Falling back ldisc for ttyS3.
[  105.171940][ T8133] loop9: detected capacity change from 0 to 1024
[  105.180319][ T8133] EXT4-fs: Ignoring removed nobh option
[  105.186039][ T8133] EXT4-fs: Ignoring removed bh option
[  105.208659][ T8133] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.234910][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.647906][ T8165] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1744'.
[  105.799664][ T8184] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1753'.
[  105.813952][ T8187] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1750'.
[  106.080548][ T8222] SELinux: failed to load policy
[  106.088972][ T8226] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1773'.
[  106.098170][ T8226] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1773'.
[  106.107175][ T8226] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1773'.
[  106.119243][ T8226] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1773'.
[  106.128330][ T8226] netlink: 'syz.0.1773': attribute type 6 has an invalid length.
[  106.273732][ T8251] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1785'.
[  106.282881][ T8251] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1785'.
[  106.319345][ T8255] program syz.2.1787 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  106.708468][ T8286] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  106.761066][ T8293] netlink: 332 bytes leftover after parsing attributes in process `syz.9.1804'.
[  106.823534][ T8300] netlink: 'syz.9.1808': attribute type 1 has an invalid length.
[  106.947657][ T8312] netem: unknown loss type 0
[  106.952381][ T8312] netem: change failed
[  106.957521][ T8295] netlink: 'syz.1.1805': attribute type 1 has an invalid length.
[  107.142545][ T8338] serio: Serial port ptm0
[  107.989984][   T29] kauditd_printk_skb: 278 callbacks suppressed
[  107.989999][   T29] audit: type=1400 audit(363.974:1810): avc:  denied  { name_connect } for  pid=8362 comm="syz.1.1832" dest=19999 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  107.998222][ T8363] syz_tun: entered allmulticast mode
[  108.053668][ T8363] syz_tun: left allmulticast mode
[  108.072446][   T29] audit: type=1400 audit(364.054:1811): avc:  denied  { ioctl } for  pid=8371 comm="syz.5.1837" path="socket:[24047]" dev="sockfs" ino=24047 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  108.097174][   T29] audit: type=1400 audit(364.054:1812): avc:  denied  { bind } for  pid=8371 comm="syz.5.1837" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  108.116039][   T29] audit: type=1400 audit(364.054:1813): avc:  denied  { read } for  pid=8371 comm="syz.5.1837" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  108.147202][   T29] audit: type=1400 audit(364.134:1814): avc:  denied  { write } for  pid=8371 comm="syz.5.1837" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  108.169792][   T29] audit: type=1400 audit(364.134:1815): avc:  denied  { sys_module } for  pid=8373 comm="syz.2.1838" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  108.190439][   T29] audit: type=1326 audit(364.134:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8377 comm="syz.0.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  108.213413][   T29] audit: type=1326 audit(364.134:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8377 comm="syz.0.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  108.237304][   T29] audit: type=1326 audit(364.154:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8377 comm="syz.0.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  108.260356][   T29] audit: type=1326 audit(364.154:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8377 comm="syz.0.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  108.480470][ T8404] bond0: entered promiscuous mode
[  108.486257][ T8404] bond_slave_0: entered promiscuous mode
[  108.492002][ T8404] bond_slave_1: entered promiscuous mode
[  108.704532][ T8434] 9p: Unknown access argument �: -22
[  108.864988][ T8446] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  108.874965][ T8446] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.928166][ T8446] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  108.938123][ T8446] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.976593][ T8453] xt_hashlimit: max too large, truncated to 1048576
[  109.007694][ T8446] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  109.017625][ T8446] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.078412][ T8446] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  109.088405][ T8446] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.511722][ T8446] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  109.520746][ T8446] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.533948][ T8446] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  109.542334][ T8446] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.569388][ T8446] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  109.577763][ T8446] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.600160][ T8446] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  109.608574][ T8446] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.647376][ T8520] loop9: detected capacity change from 0 to 7
[  109.675188][ T8520]  loop9:
[  109.872351][ T8534] loop9: detected capacity change from 0 to 8192
[  109.881277][ T8534] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  110.283251][ T8588] tipc: Failed to remove unknown binding: 66,1,1/0:1934771872/1934771874
[  110.291907][ T8588] tipc: Failed to remove unknown binding: 66,1,1/0:1934771872/1934771874
[  110.333545][ T8593] netlink: 'syz.2.1933': attribute type 4 has an invalid length.
[  110.551517][ T8619] tipc: Failed to remove unknown binding: 66,1,1/0:4693739/4693741
[  110.559639][ T8619] tipc: Failed to remove unknown binding: 66,1,1/0:4693739/4693741
[  110.678110][ T8640] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  110.688736][ T8640] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.737076][ T8640] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  110.747670][ T8640] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.797277][ T8640] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  110.807773][ T8640] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.847551][ T8640] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  110.857499][ T8640] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.173924][ T8661] __nla_validate_parse: 17 callbacks suppressed
[  111.173945][ T8661] netlink: 16402 bytes leftover after parsing attributes in process `syz.9.1963'.
[  111.190187][ T8660] netlink: 16402 bytes leftover after parsing attributes in process `syz.9.1963'.
[  111.470163][ T8688] netlink: 'syz.9.1976': attribute type 1 has an invalid length.
[  111.478049][ T8688] netlink: 199820 bytes leftover after parsing attributes in process `syz.9.1976'.
[  111.531373][ T8694] Cannot find del_set index 4 as target
[  111.561605][ T8698] loop2: detected capacity change from 0 to 512
[  111.569003][ T8698] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  111.578432][ T8698] EXT4-fs (loop2): orphan cleanup on readonly fs
[  111.595143][ T8698] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1980: bg 0: block 248: padding at end of block bitmap is not set
[  111.621445][ T8698] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1980: Failed to acquire dquot type 1
[  111.636528][ T8698] EXT4-fs (loop2): 1 truncate cleaned up
[  111.642929][ T8698] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  111.711182][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.743388][ T8712] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1987'.
[  111.992877][ T8740] loop5: detected capacity change from 0 to 128
[  112.121323][ T8765] atomic_op ffff88810c102128 conn xmit_atomic 0000000000000000
[  112.136685][ T8761] loop2: detected capacity change from 0 to 1024
[  112.143771][ T8761] EXT4-fs: Ignoring removed nobh option
[  112.180853][ T8761] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.213752][ T8761] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.2007: Allocating blocks 385-513 which overlap fs metadata
[  112.252241][ T8761] EXT4-fs (loop2): pa ffff888106a5d310: logic 16, phys. 129, len 24
[  112.261026][ T8761] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  112.293319][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.408474][ T8791] loop9: detected capacity change from 0 to 512
[  112.415230][ T8791] EXT4-fs: Ignoring removed nomblk_io_submit option
[  112.423691][ T8791] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  112.439330][ T8791] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.457281][ T8791] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  112.468206][ T8791] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  112.499758][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.515555][ T3408] kernel read not supported for file /vga_arbiter (pid: 3408 comm: kworker/0:4)
[  113.827005][ T8640] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  113.835256][ T8640] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.939703][ T8640] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  113.948083][ T8640] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.997531][ T8640] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  114.005924][ T8640] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.022166][ T8640] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  114.030513][ T8640] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.050268][ T8852] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2047'.
[  114.066865][   T29] kauditd_printk_skb: 177 callbacks suppressed
[  114.066880][   T29] audit: type=1400 audit(370.054:1995): avc:  denied  { unmount } for  pid=3307 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  114.112221][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[  114.120007][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[  114.130056][   T29] audit: type=1400 audit(370.094:1996): avc:  denied  { read write } for  pid=8862 comm="syz.1.2050" name="uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  114.153063][   T29] audit: type=1400 audit(370.094:1997): avc:  denied  { open } for  pid=8862 comm="syz.1.2050" path="/dev/uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  114.182074][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.189830][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.197625][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.205300][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.213000][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.220885][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.228601][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.236322][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.244044][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.251771][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.259463][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.267220][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.274919][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.282657][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  114.306277][   T29] audit: type=1400 audit(370.274:1998): avc:  denied  { write } for  pid=8871 comm="syz.2.2055" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  114.335378][   T36] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  114.361433][ T8878] netlink: 'syz.0.2057': attribute type 1 has an invalid length.
[  114.399148][   T29] audit: type=1400 audit(370.384:1999): avc:  denied  { connect } for  pid=8885 comm="syz.5.2060" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  114.414845][ T8878] bond1: (slave gretap1): making interface the new active one
[  114.428388][ T8878] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  114.437173][   T29] audit: type=1400 audit(370.384:2000): avc:  denied  { read } for  pid=8885 comm="syz.5.2060" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  114.480583][   T29] audit: type=1400 audit(370.464:2001): avc:  denied  { ioctl } for  pid=8886 comm="syz.1.2061" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  114.547752][   T29] audit: type=1326 audit(370.534:2002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.9.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6389e929 code=0x7ffc0000
[  114.571441][   T29] audit: type=1326 audit(370.534:2003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.9.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6389e929 code=0x7ffc0000
[  114.602347][ T8901] loop2: detected capacity change from 0 to 1024
[  114.609568][ T8901] EXT4-fs: Ignoring removed orlov option
[  114.618173][   T29] audit: type=1326 audit(370.604:2004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8897 comm="syz.9.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efc6389e929 code=0x7ffc0000
[  114.660225][ T8901] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.680859][ T8909] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2070'.
[  114.766729][ T8916] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.803466][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.839307][ T8916] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.861910][ T8930] loop2: detected capacity change from 0 to 164
[  114.871655][ T8930] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  114.892018][ T8930] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  114.901475][ T8930] rock: directory entry would overflow storage
[  114.907711][ T8930] rock: sig=0x4f50, size=4, remaining=3
[  114.913332][ T8930] iso9660: Corrupted directory entry in block 4 of inode 1792
[  114.929547][ T8916] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.977865][ T8940] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2084'.
[  114.987098][ T8940] netlink: 'syz.0.2084': attribute type 7 has an invalid length.
[  114.994937][ T8940] netlink: 'syz.0.2084': attribute type 8 has an invalid length.
[  115.002773][ T8940] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2084'.
[  115.029099][ T8916] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.049550][ T8947] tipc: Started in network mode
[  115.054575][ T8947] tipc: Node identity 7f000001, cluster identity 4711
[  115.065058][ T8947] tipc: Enabled bearer <udp:syz2>, priority 10
[  115.118989][ T8916] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.153659][ T8916] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.182945][ T8916] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.212909][ T8916] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.283097][ T8972] SELinux:  Context system_u:object_r:ldconfig_cache_t:s0 is not valid (left unmapped).
[  115.406538][ T8979] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2100'.
[  115.426880][ T8974] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2100'.
[  115.605780][ T8998] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8998 comm=syz.2.2111
[  115.618345][ T8998] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8998 comm=syz.2.2111
[  115.691748][ T9008] loop2: detected capacity change from 0 to 164
[  115.718838][ T9008] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  115.737871][ T9008] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  115.758184][ T9008] Symlink component flag not implemented
[  115.763879][ T9008] Symlink component flag not implemented
[  115.780263][ T9008] Symlink component flag not implemented (7)
[  115.786395][ T9008] Symlink component flag not implemented (116)
[  115.793152][ T9017] SELinux:  policydb magic number 0x6d656d6b does not match expected magic number 0xf97cff8c
[  115.814138][ T9017] SELinux: failed to load policy
[  115.969280][ T9025] loop5: detected capacity change from 0 to 4096
[  116.011372][ T9025] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.026790][ T9024] loop2: detected capacity change from 0 to 8192
[  116.137088][ T9051] loop2: detected capacity change from 0 to 2048
[  116.151000][ T6874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.179867][ T9051] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.192257][   T23] tipc: Node number set to 2130706433
[  116.221348][ T9058] loop5: detected capacity change from 0 to 512
[  116.243526][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.268619][ T9058] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  116.285402][ T9058] EXT4-fs (loop5): mount failed
[  116.347038][ T9070] loop2: detected capacity change from 0 to 512
[  116.365352][ T9074] __nla_validate_parse: 2 callbacks suppressed
[  116.365365][ T9074] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2141'.
[  116.382130][ T9070] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  116.392487][ T9070] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.2139: invalid indirect mapped block 2683928664 (level 1)
[  116.430641][ T9070] EXT4-fs (loop2): Remounting filesystem read-only
[  116.438751][ T9070] EXT4-fs (loop2): 1 truncate cleaned up
[  116.444825][ T9070] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.490362][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.541081][ T9094] ALSA: seq fatal error: cannot create timer (-22)
[  116.608461][ T9105] IPVS: Error connecting to the multicast addr
[  116.740696][ T9123] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2164'.
[  116.851164][ T9143] 9pnet: p9_errstr2errno: server reported unknown error ��p��A���
��;��
[  116.918266][ T9151] program syz.2.2178 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  117.018122][ T9167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2186'.
[  117.027208][ T9167] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2186'.
[  117.036457][ T9167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2186'.
[  117.045616][ T9167] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2186'.
[  117.072064][ T9171] ALSA: seq fatal error: cannot create timer (-22)
[  117.392449][ T9195] loop5: detected capacity change from 0 to 512
[  117.409186][ T9195] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  117.433878][ T9195] EXT4-fs (loop5): 1 truncate cleaned up
[  117.440397][ T9195] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.488932][ T6874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.625127][ T9210] loop5: detected capacity change from 0 to 512
[  117.649969][ T9210] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  117.683645][ T9210] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.2205: invalid indirect mapped block 2683928664 (level 1)
[  117.702674][ T9210] EXT4-fs (loop5): Remounting filesystem read-only
[  117.719971][ T9210] EXT4-fs (loop5): 1 truncate cleaned up
[  117.727029][ T9210] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.759646][ T6874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.799993][ T9219] syzkaller0: entered promiscuous mode
[  117.805752][ T9219] syzkaller0: entered allmulticast mode
[  117.855354][ T9223] loop9: detected capacity change from 0 to 512
[  117.879700][ T9223] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.918546][ T9223] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2211'.
[  117.954397][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.973278][ T9233] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  117.983481][ T9233] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  118.019436][ T9187] syz.2.2195 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  118.034340][ T9187] CPU: 0 UID: 0 PID: 9187 Comm: syz.2.2195 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  118.034414][ T9187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.034426][ T9187] Call Trace:
[  118.034432][ T9187]  <TASK>
[  118.034438][ T9187]  __dump_stack+0x1d/0x30
[  118.034482][ T9187]  dump_stack_lvl+0xe8/0x140
[  118.034508][ T9187]  dump_stack+0x15/0x1b
[  118.034568][ T9187]  dump_header+0x81/0x220
[  118.034609][ T9187]  oom_kill_process+0x334/0x3f0
[  118.034642][ T9187]  out_of_memory+0x979/0xb80
[  118.034680][ T9187]  try_charge_memcg+0x5e6/0x9e0
[  118.034791][ T9187]  obj_cgroup_charge_pages+0xa6/0x150
[  118.034838][ T9187]  __memcg_kmem_charge_page+0x9f/0x170
[  118.034914][ T9187]  __alloc_frozen_pages_noprof+0x188/0x360
[  118.034952][ T9187]  alloc_pages_mpol+0xb3/0x250
[  118.035032][ T9187]  alloc_pages_noprof+0x90/0x130
[  118.035060][ T9187]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  118.035131][ T9187]  __kvmalloc_node_noprof+0x30f/0x4e0
[  118.035167][ T9187]  ? ip_set_alloc+0x1f/0x30
[  118.035240][ T9187]  ? ip_set_alloc+0x1f/0x30
[  118.035279][ T9187]  ip_set_alloc+0x1f/0x30
[  118.035312][ T9187]  hash_netiface_create+0x282/0x740
[  118.035358][ T9187]  ? __pfx_hash_netiface_create+0x10/0x10
[  118.035487][ T9187]  ip_set_create+0x3c9/0x960
[  118.035542][ T9187]  ? __nla_parse+0x40/0x60
[  118.035627][ T9187]  nfnetlink_rcv_msg+0x4c3/0x590
[  118.035698][ T9187]  ? selinux_capable+0x1f9/0x270
[  118.035735][ T9187]  netlink_rcv_skb+0x120/0x220
[  118.035767][ T9187]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  118.035823][ T9187]  nfnetlink_rcv+0x16b/0x1690
[  118.035848][ T9187]  ? __kfree_skb+0x109/0x150
[  118.035885][ T9187]  ? nlmon_xmit+0x4f/0x60
[  118.035909][ T9187]  ? consume_skb+0x49/0x150
[  118.036000][ T9187]  ? nlmon_xmit+0x4f/0x60
[  118.036023][ T9187]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  118.036068][ T9187]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  118.036108][ T9187]  ? __dev_queue_xmit+0x182/0x1fb0
[  118.036235][ T9187]  ? ref_tracker_free+0x37d/0x3e0
[  118.036274][ T9187]  ? __netlink_deliver_tap+0x4dc/0x500
[  118.036328][ T9187]  netlink_unicast+0x5a5/0x680
[  118.036435][ T9187]  netlink_sendmsg+0x58b/0x6b0
[  118.036526][ T9187]  ? __pfx_netlink_sendmsg+0x10/0x10
[  118.036600][ T9187]  __sock_sendmsg+0x145/0x180
[  118.036625][ T9187]  ____sys_sendmsg+0x31e/0x4e0
[  118.036680][ T9187]  ___sys_sendmsg+0x17b/0x1d0
[  118.036783][ T9187]  __x64_sys_sendmsg+0xd4/0x160
[  118.036831][ T9187]  x64_sys_call+0x2999/0x2fb0
[  118.036859][ T9187]  do_syscall_64+0xd2/0x200
[  118.036934][ T9187]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.036967][ T9187]  ? clear_bhb_loop+0x40/0x90
[  118.037034][ T9187]  ? clear_bhb_loop+0x40/0x90
[  118.037056][ T9187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.037079][ T9187] RIP: 0033:0x7f0b7f1be929
[  118.037170][ T9187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.037192][ T9187] RSP: 002b:00007f0b7d81f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  118.037214][ T9187] RAX: ffffffffffffffda RBX: 00007f0b7f3e5fa0 RCX: 00007f0b7f1be929
[  118.037229][ T9187] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000005
[  118.037243][ T9187] RBP: 00007f0b7f240ca1 R08: 0000000000000000 R09: 0000000000000000
[  118.037256][ T9187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  118.037340][ T9187] R13: 0000000000000000 R14: 00007f0b7f3e5fa0 R15: 00007ffc8e0e3b48
[  118.037421][ T9187]  </TASK>
[  118.378087][ T9187] memory: usage 307200kB, limit 307200kB, failcnt 144
[  118.384908][ T9187] memory+swap: usage 307376kB, limit 9007199254740988kB, failcnt 0
[  118.392984][ T9187] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  118.400389][ T9187] Memory cgroup stats for /syz2:
[  118.402990][ T9187] cache 0
[  118.411675][ T9187] rss 4096
[  118.414779][ T9187] shmem 0
[  118.417879][ T9187] mapped_file 0
[  118.421448][ T9187] dirty 0
[  118.424415][ T9187] writeback 0
[  118.427748][ T9187] workingset_refault_anon 1569
[  118.432588][ T9187] workingset_refault_file 0
[  118.437813][ T9187] swap 180224
[  118.441334][ T9187] swapcached 12288
[  118.445271][ T9187] pgpgin 68163
[  118.448857][ T9187] pgpgout 68159
[  118.452348][ T9187] pgfault 90243
[  118.455874][ T9187] pgmajfault 207
[  118.459471][ T9187] inactive_anon 4096
[  118.463430][ T9187] active_anon 8192
[  118.467982][ T9187] inactive_file 0
[  118.471656][ T9187] active_file 4096
[  118.475625][ T9187] unevictable 0
[  118.479307][ T9187] hierarchical_memory_limit 314572800
[  118.484773][ T9187] hierarchical_memsw_limit 9223372036854771712
[  118.490978][ T9187] total_cache 0
[  118.494458][ T9187] total_rss 4096
[  118.498647][ T9187] total_shmem 0
[  118.502133][ T9187] total_mapped_file 0
[  118.506167][ T9187] total_dirty 0
[  118.509642][ T9187] total_writeback 0
[  118.513464][ T9187] total_workingset_refault_anon 1569
[  118.518802][ T9187] total_workingset_refault_file 0
[  118.523923][ T9187] total_swap 180224
[  118.528551][ T9187] total_swapcached 12288
[  118.532824][ T9187] total_pgpgin 68163
[  118.536776][ T9187] total_pgpgout 68159
[  118.540895][ T9187] total_pgfault 90243
[  118.545036][ T9187] total_pgmajfault 207
[  118.549225][ T9187] total_inactive_anon 4096
[  118.553675][ T9187] total_active_anon 8192
[  118.558473][ T9187] total_inactive_file 0
[  118.562636][ T9187] total_active_file 4096
[  118.567004][ T9187] total_unevictable 0
[  118.570981][ T9187] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2195,pid=9186,uid=0
[  118.586218][ T9187] Memory cgroup out of memory: Killed process 9186 (syz.2.2195) total-vm:93628kB, anon-rss:1072kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  118.664096][ T9248] netlink: 44 bytes leftover after parsing attributes in process `syz.9.2221'.
[  118.743411][ T9253] loop5: detected capacity change from 0 to 128
[  118.761143][ T9253] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  118.769202][ T9253] FAT-fs (loop5): Filesystem has been set read-only
[  118.786247][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.786247][ T9253] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  118.800168][ T9253] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  118.808103][ T9253] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  118.816282][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.816282][ T9253] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.837596][ T9254] loop9: detected capacity change from 0 to 8192
[  118.844471][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.844471][ T9253] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.858077][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.858077][ T9253] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.871898][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.871898][ T9253] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.885473][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.885473][ T9253] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.899255][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.899255][ T9253] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.912859][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.912859][ T9253] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.926617][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.926617][ T9253] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.940454][ T9253] syz.5.2224: attempt to access beyond end of device
[  118.940454][ T9253] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.104340][ T9264] @: renamed from vlan0 (while UP)
[  119.109692][   T29] kauditd_printk_skb: 192 callbacks suppressed
[  119.109704][   T29] audit: type=1400 audit(375.084:2196): avc:  denied  { ioctl } for  pid=9263 comm="syz.0.2229" path="socket:[26999]" dev="sockfs" ino=26999 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  119.141005][ T9187] syz.2.2195 (9187) used greatest stack depth: 6840 bytes left
[  119.212323][   T29] audit: type=1326 audit(375.194:2197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9273 comm="syz.2.2232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7f1be929 code=0x7ffc0000
[  119.257072][   T29] audit: type=1326 audit(375.194:2198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9273 comm="syz.2.2232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7f1be929 code=0x7ffc0000
[  119.280764][   T29] audit: type=1326 audit(375.224:2199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9273 comm="syz.2.2232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f0b7f1be929 code=0x7ffc0000
[  119.303509][   T29] audit: type=1326 audit(375.224:2200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9273 comm="syz.2.2232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7f1be929 code=0x7ffc0000
[  119.327087][   T29] audit: type=1326 audit(375.224:2201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9273 comm="syz.2.2232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7f1be929 code=0x7ffc0000
[  119.360097][ T9280] netlink: 'syz.9.2234': attribute type 1 has an invalid length.
[  119.368020][ T9280] netlink: 'syz.9.2234': attribute type 4 has an invalid length.
[  119.375881][ T9280] netlink: 9462 bytes leftover after parsing attributes in process `syz.9.2234'.
[  119.472531][ T9291] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2240'.
[  119.476636][   T29] audit: type=1400 audit(375.454:2202): avc:  denied  { append } for  pid=9287 comm="syz.0.2238" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  119.497315][ T9291] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  119.563624][   T29] audit: type=1400 audit(375.534:2203): avc:  denied  { bind } for  pid=9292 comm="syz.0.2241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  119.583274][   T29] audit: type=1400 audit(375.534:2204): avc:  denied  { name_bind } for  pid=9292 comm="syz.0.2241" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  119.603709][   T29] audit: type=1400 audit(375.534:2205): avc:  denied  { node_bind } for  pid=9292 comm="syz.0.2241" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  119.777232][ T9320] loop2: detected capacity change from 0 to 512
[  119.822321][ T9320] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.843725][ T9330] loop9: detected capacity change from 0 to 512
[  119.852284][ T9320] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.2251: corrupted inode contents
[  119.867215][ T9320] EXT4-fs (loop2): Remounting filesystem read-only
[  119.874190][ T9320] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -30)
[  119.897284][ T9330] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  119.918483][ T9339] syzkaller0: entered promiscuous mode
[  119.924073][ T9339] syzkaller0: entered allmulticast mode
[  119.934843][ T9330] EXT4-fs (loop9): mount failed
[  119.960222][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.034425][ T9349] syzkaller0: entered promiscuous mode
[  120.040132][ T9349] syzkaller0: entered allmulticast mode
[  120.058289][ T9349] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 65487
[  120.156747][ T9364] loop5: detected capacity change from 0 to 128
[  120.223495][ T9364] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  120.232114][ T9364] FAT-fs (loop5): Filesystem has been set read-only
[  120.257217][ T9364] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  120.265175][ T9364] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  120.593939][ T9429] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  120.603915][ T9429] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.661752][ T9429] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  120.671707][ T9429] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.778046][ T9429] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  120.788123][ T9429] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.804251][ T9443] loop2: detected capacity change from 0 to 1024
[  120.829197][ T9443] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.856450][ T9429] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  120.866407][ T9429] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.897154][ T9443] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.2305: Allocating blocks 481-513 which overlap fs metadata
[  120.940280][ T9443] EXT4-fs (loop2): pa ffff8881069be930: logic 352, phys. 465, len 3
[  120.948480][ T9443] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  120.974594][ T9429] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  120.983628][ T9429] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.997439][ T9429] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  121.005713][ T9429] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.020054][ T9429] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  121.028488][ T9429] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.041347][ T9429] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  121.049766][ T9429] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.092756][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.703104][ T9481] loop9: detected capacity change from 0 to 1024
[  121.771281][ T9481] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.860706][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.931074][ T9493] lo speed is unknown, defaulting to 1000
[  121.953861][ T9495] loop5: detected capacity change from 0 to 1024
[  121.974516][ T9493] lo speed is unknown, defaulting to 1000
[  121.993644][ T9493] lo speed is unknown, defaulting to 1000
[  122.014134][ T9500] __nla_validate_parse: 1 callbacks suppressed
[  122.014148][ T9500] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2330'.
[  122.015233][ T9495] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.031118][ T9500] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2330'.
[  122.044222][ T9493] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  122.096378][ T9493] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  122.118773][ T9495] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.2327: Allocating blocks 481-513 which overlap fs metadata
[  122.143171][ T9493] lo speed is unknown, defaulting to 1000
[  122.143729][ T9508] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2332'.
[  122.160576][ T9493] lo speed is unknown, defaulting to 1000
[  122.163615][ T9508] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2332'.
[  122.181058][ T9508] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2332'.
[  122.193516][ T9493] lo speed is unknown, defaulting to 1000
[  122.199860][ T9493] lo speed is unknown, defaulting to 1000
[  122.201065][ T9508] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2332'.
[  122.217842][ T9493] lo speed is unknown, defaulting to 1000
[  122.224441][ T9493] lo speed is unknown, defaulting to 1000
[  122.228043][ T9495] EXT4-fs (loop5): pa ffff8881069be9a0: logic 352, phys. 465, len 3
[  122.238314][ T9495] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  122.311569][ T6874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.426082][ T9527] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  122.433369][ T9532] loop9: detected capacity change from 0 to 1024
[  122.440276][ T1032] IPVS: starting estimator thread 0...
[  122.447427][ T9532] EXT4-fs: Ignoring removed oldalloc option
[  122.458718][ T9532] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.492013][ T9540] Cannot find add_set index 0 as target
[  122.509320][ T9542] loop5: detected capacity change from 0 to 256
[  122.516644][ T9542] FAT-fs (loop5): bogus number of FAT sectors
[  122.522788][ T9542] FAT-fs (loop5): Can't find a valid FAT filesystem
[  122.536523][ T9534] IPVS: using max 2448 ests per chain, 122400 per kthread
[  122.600624][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.837873][ T9577] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  122.844471][ T9577] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  122.852174][ T9577] vhci_hcd vhci_hcd.0: Device attached
[  122.863545][ T9577] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.872854][ T9577] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.874962][ T9583] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2364'.
[  122.956859][ T9590] loop9: detected capacity change from 0 to 1024
[  122.981478][ T9590] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.009960][ T9590] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4113: comm syz.9.2367: Allocating blocks 497-513 which overlap fs metadata
[  123.024956][ T9590] EXT4-fs (loop9): pa ffff8881069bea10: logic 256, phys. 369, len 9
[  123.033133][ T9590] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  123.058853][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.082959][ T9578] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0
[  123.090523][ T6511] vhci_hcd: stop threads
[  123.094807][ T6511] vhci_hcd: release socket
[  123.099400][ T6511] vhci_hcd: disconnect device
[  123.115657][ T3409] usb 1-1: new low-speed USB device number 2 using vhci_hcd
[  123.131592][ T9612] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  123.131760][ T9611] IPVS: stopping master sync thread 9612 ...
[  123.148343][ T3409] usb 1-1: enqueue for inactive port 0
[  123.159188][ T3409] usb 1-1: enqueue for inactive port 0
[  123.164884][ T9613] loop9: detected capacity change from 0 to 1024
[  123.172895][ T3409] usb 1-1: enqueue for inactive port 0
[  123.177473][ T9613] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.207902][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.246010][ T3409] vhci_hcd: vhci_device speed not set
[  123.666454][ T9627] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2383'.
[  123.675484][ T9627] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2383'.
[  123.716660][ T9631] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2385'.
[  123.728861][ T9631] erspan0: entered promiscuous mode
[  123.734155][ T9631] macvtap1: entered promiscuous mode
[  123.739751][ T9631] macvtap1: entered allmulticast mode
[  123.745157][ T9631] erspan0: entered allmulticast mode
[  123.754997][ T9631] erspan0: left allmulticast mode
[  123.760237][ T9631] erspan0: left promiscuous mode
[  123.830391][ T9637] siw: device registration error -23
[  124.164633][ T9661] loop9: detected capacity change from 0 to 1024
[  124.187178][ T9661] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.201635][   T29] kauditd_printk_skb: 212 callbacks suppressed
[  124.201650][   T29] audit: type=1400 audit(380.184:2417): avc:  denied  { setattr } for  pid=9659 comm="syz.9.2399" name="file1" dev="loop9" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  124.243222][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.344165][   T29] audit: type=1400 audit(380.324:2418): avc:  denied  { execute } for  pid=9678 comm="syz.2.2407" name="mnt" dev="tmpfs" ino=1179 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  124.366006][   T29] audit: type=1400 audit(380.324:2419): avc:  denied  { execute_no_trans } for  pid=9678 comm="syz.2.2407" path="/225/mnt" dev="tmpfs" ino=1179 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  124.410607][ T9682] Cannot find add_set index 0 as target
[  124.451477][   T29] audit: type=1400 audit(380.434:2420): avc:  denied  { name_bind } for  pid=9687 comm="syz.5.2411" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  124.481133][ T9690] loop5: detected capacity change from 0 to 1764
[  124.496314][   T29] audit: type=1400 audit(380.474:2421): avc:  denied  { mount } for  pid=9689 comm="syz.5.2412" name="/" dev="loop5" ino=1920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  124.518456][   T29] audit: type=1400 audit(380.494:2422): avc:  denied  { unmount } for  pid=6874 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  124.574844][ T9696] loop5: detected capacity change from 0 to 128
[  124.581356][   T29] audit: type=1400 audit(380.554:2423): avc:  denied  { tracepoint } for  pid=9693 comm="syz.9.2414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  124.601684][ T9696] EXT4-fs: Ignoring removed nobh option
[  124.609056][ T9696] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  124.610451][ T9695] kernel profiling enabled (shift: 17)
[  124.631321][   T29] audit: type=1400 audit(380.614:2424): avc:  denied  { append } for  pid=9694 comm="syz.5.2415" path="/204/mnt/file1" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  124.664071][   T29] audit: type=1400 audit(380.644:2425): avc:  denied  { firmware_load } for  pid=9700 comm="syz.2.2417" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  124.691433][ T6874] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  124.715344][   T29] audit: type=1400 audit(380.694:2426): avc:  denied  { create } for  pid=9702 comm="syz.9.2418" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  124.889202][ T9717] futex_wake_op: syz.5.2434 tries to shift op by -1; fix this program
[  124.889236][ T9716] loop9: detected capacity change from 0 to 1764
[  125.152636][ T9744] loop2: detected capacity change from 0 to 256
[  125.171023][ T9744] FAT-fs (loop2): bogus number of FAT sectors
[  125.177225][ T9744] FAT-fs (loop2): Can't find a valid FAT filesystem
[  125.432705][ T9757] netlink: 'syz.0.2443': attribute type 10 has an invalid length.
[  125.469894][ T9757] ipvlan0: entered allmulticast mode
[  125.475333][ T9757] veth0_vlan: entered allmulticast mode
[  125.482946][ T9757] team0: Device ipvlan0 failed to register rx_handler
[  125.619724][ T9769] loop5: detected capacity change from 0 to 512
[  125.621212][ T9769] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -13
[  125.621351][ T9769] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #13: comm syz.5.2448: iget: bad i_size value: 12154757448730
[  125.621485][ T9769] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.2448: couldn't read orphan inode 13 (err -117)
[  125.622011][ T9769] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.759846][ T9773] bridge0: port 3(syz_tun) entered disabled state
[  125.761510][ T9773] syz_tun (unregistering): left allmulticast mode
[  125.761547][ T9773] syz_tun (unregistering): left promiscuous mode
[  125.761631][ T9773] bridge0: port 3(syz_tun) entered disabled state
[  125.941202][ T9802] IPVS: stopping master sync thread 9803 ...
[  125.971506][ T9773] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.024890][   T37] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.067162][   T37] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.135627][   T37] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.147745][ T9818] smc: net device bond0 applied user defined pnetid SYZ2
[  126.147837][ T9818] smc: net device bond0 erased user defined pnetid SYZ2
[  126.171981][   T37] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.246769][   T37] bridge_slave_1: left allmulticast mode
[  126.246788][   T37] bridge_slave_1: left promiscuous mode
[  126.246947][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.247856][   T37] bridge_slave_0: left allmulticast mode
[  126.247874][   T37] bridge_slave_0: left promiscuous mode
[  126.248025][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.427185][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  126.437634][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  126.448147][   T37] bond0 (unregistering): Released all slaves
[  126.489323][ T9811] lo speed is unknown, defaulting to 1000
[  126.512917][   T37] hsr_slave_0: left promiscuous mode
[  126.523667][   T37] hsr_slave_1: left promiscuous mode
[  126.540661][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.548223][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  126.572000][   T37] veth1_macvtap: left promiscuous mode
[  126.580945][   T37] veth0_macvtap: left promiscuous mode
[  126.589936][   T37] veth1_vlan: left promiscuous mode
[  126.595679][   T37] veth0_vlan: left promiscuous mode
[  126.728523][   T37] team0 (unregistering): Port device team_slave_1 removed
[  126.738627][   T37] team0 (unregistering): Port device team_slave_0 removed
[  126.776624][ T9870] pim6reg1: entered promiscuous mode
[  126.782091][ T9870] pim6reg1: entered allmulticast mode
[  126.865499][ T9811] chnl_net:caif_netlink_parms(): no params data found
[  126.927948][ T9811] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.935168][ T9811] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.944276][ T9811] bridge_slave_0: entered allmulticast mode
[  126.950943][ T9811] bridge_slave_0: entered promiscuous mode
[  126.959767][ T9811] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.967083][ T9811] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.974623][ T9811] bridge_slave_1: entered allmulticast mode
[  126.981320][ T9811] bridge_slave_1: entered promiscuous mode
[  127.009002][ T9811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.019954][ T9811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.041450][ T9811] team0: Port device team_slave_0 added
[  127.048710][ T9811] team0: Port device team_slave_1 added
[  127.075232][ T9811] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.082317][ T9811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.108486][ T9811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  127.122239][   T37] IPVS: stop unused estimator thread 0...
[  127.143677][ T9811] batman_adv: batadv0: Adding interface: batadv_slave_1
[  127.150703][ T9811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.176824][ T9811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.210732][ T9811] hsr_slave_0: entered promiscuous mode
[  127.217411][ T9811] hsr_slave_1: entered promiscuous mode
[  127.295715][ T9811] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.332692][ T9811] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.389376][ T9811] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.433323][ T9941] xt_hashlimit: max too large, truncated to 1048576
[  127.453968][ T9811] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.523739][ T9811] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  127.533712][ T9811] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  127.542980][ T9811] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  127.552414][ T9811] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  127.590685][ T9811] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.603786][ T9811] 8021q: adding VLAN 0 to HW filter on device team0
[  127.613588][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.620738][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.640501][ T6524] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.647713][ T6524] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.756174][ T9811] 8021q: adding VLAN 0 to HW filter on device batadv0
[  127.814721][ T9983] loop2: detected capacity change from 0 to 512
[  127.825236][ T9983] EXT4-fs (loop2): orphan cleanup on readonly fs
[  127.834056][ T9983] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2529: bg 0: block 248: padding at end of block bitmap is not set
[  127.849418][ T9983] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2529: Failed to acquire dquot type 1
[  127.876725][ T9811] veth0_vlan: entered promiscuous mode
[  127.885221][ T9983] EXT4-fs (loop2): 1 truncate cleaned up
[  127.886235][ T9811] veth1_vlan: entered promiscuous mode
[  127.899519][ T9983] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  127.913202][ T9992] loop9: detected capacity change from 0 to 512
[  127.920880][ T9811] veth0_macvtap: entered promiscuous mode
[  127.928584][ T9811] veth1_macvtap: entered promiscuous mode
[  127.939413][ T9992] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.950595][ T9811] batman_adv: batadv0: Interface activated: batadv_slave_0
[  127.955356][ T9983] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  127.983592][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.993247][ T9811] batman_adv: batadv0: Interface activated: batadv_slave_1
[  128.003029][ T9983] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  128.006329][ T9811] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.020214][ T9811] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.029155][ T9811] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.038015][ T9811] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.118515][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.187019][T10016] loop9: detected capacity change from 0 to 7
[  128.194180][T10016] Buffer I/O error on dev loop9, logical block 0, async page read
[  128.214653][T10019] lo speed is unknown, defaulting to 1000
[  128.220500][T10016] Buffer I/O error on dev loop9, logical block 0, async page read
[  128.220542][T10016]  loop9: unable to read partition table
[  128.220567][T10016] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  128.220567][T10016] 
) failed (rc=-5)
[  128.258627][T10021] __nla_validate_parse: 6 callbacks suppressed
[  128.258659][T10021] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2539'.
[  128.324419][T10021] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  128.337200][T10021] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  128.357148][T10021] bond0 (unregistering): Released all slaves
[  128.391964][T10035] lo speed is unknown, defaulting to 1000
[  128.412885][T10039] netlink: 'syz.2.2548': attribute type 1 has an invalid length.
[  128.430005][T10039] 8021q: adding VLAN 0 to HW filter on device bond1
[  128.453080][T10039] bond1: (slave gretap1): making interface the new active one
[  128.461401][T10039] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  128.825552][T10072] SELinux: ebitmap: truncated map
[  128.837564][T10072] SELinux: failed to load policy
[  128.869446][T10080] loop2: detected capacity change from 0 to 1024
[  128.906568][T10080] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #15: block 1: comm syz.2.2566: lblock 1 mapped to illegal pblock 1 (length 7)
[  128.927405][T10080] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 7 with error 117
[  128.939774][T10080] EXT4-fs (loop2): This should not happen!! Data will be lost
[  128.939774][T10080] 
[  128.968689][ T6511] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u8:22: bg 0: block 3: invalid block bitmap
[  128.985473][ T6511] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 4 with error 117
[  128.998037][ T6511] EXT4-fs (loop2): This should not happen!! Data will be lost
[  128.998037][ T6511] 
[  129.038387][   T29] kauditd_printk_skb: 239 callbacks suppressed
[  129.038403][   T29] audit: type=1400 audit(1153.242:2663): avc:  denied  { create } for  pid=10093 comm="syz.9.2573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  129.081596][   T29] audit: type=1400 audit(1153.284:2664): avc:  denied  { connect } for  pid=10093 comm="syz.9.2573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  129.101448][   T29] audit: type=1400 audit(1153.284:2665): avc:  denied  { read } for  pid=10093 comm="syz.9.2573" path="socket:[30407]" dev="sockfs" ino=30407 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  129.129913][   T29] audit: type=1400 audit(1153.337:2666): avc:  denied  { write } for  pid=10093 comm="syz.9.2573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  129.173230][   T29] audit: type=1326 audit(1153.379:2667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10102 comm="syz.0.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  129.197044][   T29] audit: type=1326 audit(1153.379:2668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10102 comm="syz.0.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  129.264051][   T29] audit: type=1326 audit(1153.379:2669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10102 comm="syz.0.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  129.287935][   T29] audit: type=1326 audit(1153.379:2670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10102 comm="syz.0.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  129.311056][   T29] audit: type=1326 audit(1153.379:2671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10102 comm="syz.0.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  129.334678][   T29] audit: type=1326 audit(1153.379:2672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10102 comm="syz.0.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807d82e929 code=0x7ffc0000
[  129.484586][T10124] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2584'.
[  129.657241][T10142] hub 6-0:1.0: USB hub found
[  129.662272][T10142] hub 6-0:1.0: 8 ports detected
[  129.699295][T10154] 9pnet: p9_errstr2errno: server reported unknown error 
[  129.877462][T10178] loop9: detected capacity change from 0 to 1024
[  129.997140][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.004870][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.017755][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.025236][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.032910][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.040996][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.048492][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.055991][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.064078][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.071492][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.078922][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.086444][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.104924][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.112543][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.119954][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.128048][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.135547][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.143028][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.151219][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.158740][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.166367][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.173830][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.182052][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.189628][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.197121][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.204546][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.206408][T10178] EXT4-fs error (device loop9): mb_free_blocks:1948: group 0, inode 18: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  130.212824][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.274440][    T9] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  130.408884][T10220] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  130.743542][T10237] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2636'.
[  130.842862][T10244] netlink: 'syz.1.2640': attribute type 21 has an invalid length.
[  130.850881][T10244] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2640'.
[  130.933854][T10252] netlink: 'syz.9.2643': attribute type 10 has an invalid length.
[  130.938527][T10254] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2644'.
[  130.944398][T10252] team0: Port device dummy0 added
[  131.100550][T10275] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2650'.
[  131.100629][T10273] macvtap0: entered promiscuous mode
[  131.116466][T10273] macvtap0: left promiscuous mode
[  131.128285][T10275] bridge0: port 1(macvlan2) entered blocking state
[  131.135068][T10275] bridge0: port 1(macvlan2) entered disabled state
[  131.144274][T10275] macvlan2: entered allmulticast mode
[  131.149721][T10275] bridge0: entered allmulticast mode
[  131.156447][T10275] macvlan2: left allmulticast mode
[  131.161747][T10275] bridge0: left allmulticast mode
[  131.257388][T10281] atomic_op ffff88810337cd28 conn xmit_atomic 0000000000000000
[  131.716907][T10337] loop2: detected capacity change from 0 to 1024
[  131.757070][T10337] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2683: Failed to acquire dquot type 0
[  131.797366][T10337] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  131.817539][T10337] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.2683: corrupted inode contents
[  131.849181][T10337] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #13: comm syz.2.2683: mark_inode_dirty error
[  131.884758][T10359] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2691'.
[  131.887281][T10337] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.2683: corrupted inode contents
[  131.910240][T10337] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #13: comm syz.2.2683: mark_inode_dirty error
[  131.960298][T10337] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.2683: corrupted inode contents
[  131.984538][T10337] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  132.003621][T10337] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.2683: corrupted inode contents
[  132.032772][T10337] EXT4-fs error (device loop2): ext4_truncate:4597: inode #13: comm syz.2.2683: mark_inode_dirty error
[  132.045893][T10337] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  132.056721][T10337] EXT4-fs (loop2): 1 truncate cleaned up
[  132.065139][T10337] EXT4-fs mount: 4 callbacks suppressed
[  132.065175][T10337] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.099528][T10379] SELinux:  Context � is not valid (left unmapped).
[  132.127914][T10383] netlink: 'syz.1.2702': attribute type 10 has an invalid length.
[  132.145252][T10383] team0: Device dummy0 is up. Set it down before adding it as a team port
[  132.159293][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.170922][T10385] serio: Serial port ptm0
[  132.386003][T10414] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10414 comm=syz.2.2717
[  132.398775][T10414] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=10414 comm=syz.2.2717
[  132.464918][T10419] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  132.769651][T10458] unsupported nlmsg_type 40
[  133.052295][T10482] loop2: detected capacity change from 0 to 2048
[  133.079296][T10482] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  133.117497][T10490] netlink: 'syz.9.2747': attribute type 1 has an invalid length.
[  133.196304][T10486] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  133.247114][T10482] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1096 with error 28
[  133.259782][T10482] EXT4-fs (loop2): This should not happen!! Data will be lost
[  133.259782][T10482] 
[  133.269573][T10482] EXT4-fs (loop2): Total free blocks count 0
[  133.275608][T10482] EXT4-fs (loop2): Free/Dirty block details
[  133.281627][T10482] EXT4-fs (loop2): free_blocks=2415919104
[  133.287379][T10482] EXT4-fs (loop2): dirty_blocks=1104
[  133.292745][T10482] EXT4-fs (loop2): Block reservation details
[  133.298750][T10482] EXT4-fs (loop2): i_reserved_data_blocks=69
[  133.346809][T10500] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2751'.
[  133.529753][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  133.591319][T10522] serio: Serial port ptm0
[  133.632538][T10520] SELinux: ebitmap: truncated map
[  133.638179][T10520] SELinux: failed to load policy
[  133.732211][T10537] netlink: 'syz.3.2770': attribute type 10 has an invalid length.
[  133.756618][T10535] serio: Serial port ptm0
[  133.802354][   T29] kauditd_printk_skb: 183 callbacks suppressed
[  133.802436][   T29] audit: type=1400 audit(1158.284:2854): avc:  denied  { write } for  pid=10528 comm="syz.9.2766" path="socket:[31571]" dev="sockfs" ino=31571 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  133.860461][T10549] loop9: detected capacity change from 0 to 1024
[  133.881642][T10549] Quota error (device loop9): do_check_range: Getting block 64 out of range 1-5
[  133.891639][T10549] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[  133.901127][T10549] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.2773: Failed to acquire dquot type 0
[  133.913401][T10549] EXT4-fs error (device loop9): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  133.928476][T10549] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #13: comm syz.9.2773: corrupted inode contents
[  133.940879][T10549] EXT4-fs error (device loop9): ext4_dirty_inode:6459: inode #13: comm syz.9.2773: mark_inode_dirty error
[  133.952818][T10549] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #13: comm syz.9.2773: corrupted inode contents
[  133.965211][T10549] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #13: comm syz.9.2773: mark_inode_dirty error
[  133.976847][T10549] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #13: comm syz.9.2773: corrupted inode contents
[  133.988877][T10549] EXT4-fs error (device loop9) in ext4_orphan_del:305: Corrupt filesystem
[  133.997559][T10549] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #13: comm syz.9.2773: corrupted inode contents
[  134.009917][T10549] EXT4-fs error (device loop9): ext4_truncate:4597: inode #13: comm syz.9.2773: mark_inode_dirty error
[  134.021163][T10549] EXT4-fs error (device loop9) in ext4_process_orphan:347: Corrupt filesystem
[  134.030585][T10549] EXT4-fs (loop9): 1 truncate cleaned up
[  134.036695][T10549] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.069498][   T29] audit: type=1326 audit(1158.558:2855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.1.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  134.092995][   T29] audit: type=1326 audit(1158.558:2856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.1.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  134.116170][   T29] audit: type=1326 audit(1158.558:2857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.1.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  134.139150][   T29] audit: type=1326 audit(1158.558:2858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.1.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  134.162241][   T29] audit: type=1326 audit(1158.558:2859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.1.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  134.185250][   T29] audit: type=1326 audit(1158.558:2860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.1.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  134.208330][   T29] audit: type=1400 audit(1158.558:2861): avc:  denied  { bind } for  pid=10554 comm="syz.2.2775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  134.247002][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.276459][T10563] SELinux: failed to load policy
[  134.305427][T10565] hub 9-0:1.0: USB hub found
[  134.311796][T10565] hub 9-0:1.0: 8 ports detected
[  134.317466][T10567] vlan0: entered allmulticast mode
[  134.322691][T10567] bond0: entered allmulticast mode
[  134.327831][T10567] bond_slave_0: entered allmulticast mode
[  134.333693][T10567] bond_slave_1: entered allmulticast mode
[  134.532350][T10589] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2789'.
[  135.025919][T10644] netlink: 'syz.1.2813': attribute type 6 has an invalid length.
[  135.087090][T10654] loop9: detected capacity change from 0 to 128
[  135.107937][T10654] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  135.210352][ T5573] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  135.265491][T10683] loop9: detected capacity change from 0 to 2048
[  135.302686][T10683] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  135.318477][T10688] netlink: 'syz.3.2834': attribute type 10 has an invalid length.
[  135.331296][T10688] geneve1: entered promiscuous mode
[  135.397028][T10683] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  135.415680][T10683] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1806 with error 28
[  135.429133][T10683] EXT4-fs (loop9): This should not happen!! Data will be lost
[  135.429133][T10683] 
[  135.438995][T10683] EXT4-fs (loop9): Total free blocks count 0
[  135.445016][T10683] EXT4-fs (loop9): Free/Dirty block details
[  135.451047][T10683] EXT4-fs (loop9): free_blocks=2415919104
[  135.456790][T10683] EXT4-fs (loop9): dirty_blocks=1808
[  135.462822][T10683] EXT4-fs (loop9): Block reservation details
[  135.468876][T10683] EXT4-fs (loop9): i_reserved_data_blocks=113
[  135.663918][ T6500] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  135.711215][T10726] wireguard0: entered promiscuous mode
[  135.717584][T10726] wireguard0: entered allmulticast mode
[  135.891322][T10755] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  135.905384][T10755] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.211486][T10789] netlink: 96 bytes leftover after parsing attributes in process `syz.9.2875'.
[  136.286417][T10794] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2878'.
[  136.295508][T10794] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2878'.
[  136.304605][T10794] netlink: 204 bytes leftover after parsing attributes in process `syz.2.2878'.
[  136.313768][T10794] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2878'.
[  136.339689][T10797] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2879'.
[  136.553999][T10815] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2887'.
[  136.564920][T10815] bridge_slave_1: left allmulticast mode
[  136.570613][T10815] bridge_slave_1: left promiscuous mode
[  136.576400][T10815] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.585673][T10815] bridge_slave_0: left allmulticast mode
[  136.591462][T10815] bridge_slave_0: left promiscuous mode
[  136.597247][T10815] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.664746][T10821] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2891'.
[  136.910550][T10850] netem: incorrect gi model size
[  136.915691][T10850] netem: change failed
[  136.989548][T10858] SELinux: failed to load policy
[  137.076125][T10872] pim6reg: entered allmulticast mode
[  137.083962][T10872] pim6reg: left allmulticast mode
[  137.267797][T10897] lo speed is unknown, defaulting to 1000
[  137.383648][T10887] loop2: detected capacity change from 0 to 512
[  137.390795][T10887] EXT4-fs: Ignoring removed mblk_io_submit option
[  137.397310][T10887] EXT4-fs: Ignoring removed bh option
[  137.412719][T10887] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  137.424769][T10887] EXT4-fs (loop2): 1 truncate cleaned up
[  137.432187][T10887] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.465132][T10919] ALSA: seq fatal error: cannot create timer (-19)
[  137.513037][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.668454][T10946] sctp: [Deprecated]: syz.2.2949 (pid 10946) Use of struct sctp_assoc_value in delayed_ack socket option.
[  137.668454][T10946] Use struct sctp_sack_info instead
[  137.702670][T10948] loop2: detected capacity change from 0 to 512
[  137.711347][T10948] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2950: casefold flag without casefold feature
[  137.724328][T10948] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2950: couldn't read orphan inode 15 (err -117)
[  137.736902][T10948] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.807040][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.986452][T10962] pim6reg: entered allmulticast mode
[  137.993440][T10962] pim6reg: left allmulticast mode
[  138.080162][T10966] loop2: detected capacity change from 0 to 4096
[  138.090299][T10966] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.127454][T10966] SELinux: ebitmap: truncated map
[  138.132946][T10966] SELinux: failed to load policy
[  138.178652][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.509085][T11002] __nla_validate_parse: 2 callbacks suppressed
[  138.509099][T11002] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2973'.
[  138.560413][   T29] kauditd_printk_skb: 167 callbacks suppressed
[  138.560439][   T29] audit: type=1400 audit(1163.302:3029): avc:  denied  { mount } for  pid=11008 comm="syz.1.2976" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  138.650582][T11017] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2980'.
[  138.661006][T11017] IPVS: Error joining to the multicast group
[  138.688322][   T29] audit: type=1400 audit(1163.439:3030): avc:  denied  { name_bind } for  pid=11020 comm="syz.1.2982" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  138.745037][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2986'.
[  138.754067][T11029] Unsupported xt match
[  138.754079][T11029] unable to load match
[  138.780830][T11033] 9pnet: p9_errstr2errno: server reported unknown error 18446744
[  138.825142][   T29] audit: type=1400 audit(1163.587:3031): avc:  denied  { override_creds } for  pid=11038 comm="syz.1.2991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  138.860909][   T29] audit: type=1326 audit(1163.629:3032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11040 comm="syz.1.2992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  138.898299][   T29] audit: type=1326 audit(1163.650:3033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11040 comm="syz.1.2992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  138.922045][   T29] audit: type=1326 audit(1163.650:3034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11040 comm="syz.1.2992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  138.945327][   T29] audit: type=1326 audit(1163.650:3035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11040 comm="syz.1.2992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  138.969191][   T29] audit: type=1326 audit(1163.650:3036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11040 comm="syz.1.2992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  138.992371][   T29] audit: type=1326 audit(1163.650:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11040 comm="syz.1.2992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  139.016316][   T29] audit: type=1326 audit(1163.650:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11040 comm="syz.1.2992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ecf0ee929 code=0x7ffc0000
[  139.161179][T11060] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3000'.
[  139.236854][T11063] Falling back ldisc for ttyS3.
[  139.251649][T11070] SELinux: syz.0.3004 (11070) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  139.512210][T11109] pim6reg1: entered promiscuous mode
[  139.517585][T11109] pim6reg1: entered allmulticast mode
[  139.563786][T11111] netlink: 268 bytes leftover after parsing attributes in process `syz.3.3022'.
[  139.572944][T11111] unsupported nla_type 65024
[  139.689461][T11122] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  139.766351][T11132] loop9: detected capacity change from 0 to 2048
[  139.791171][T11132] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.885652][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.905946][T11145] loop2: detected capacity change from 0 to 2048
[  139.913245][T11145] EXT4-fs: Ignoring removed bh option
[  139.923096][T11145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.968697][T11145] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  139.984869][T11145] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 640 with error 28
[  139.997402][T11145] EXT4-fs (loop2): This should not happen!! Data will be lost
[  139.997402][T11145] 
[  140.007102][T11145] EXT4-fs (loop2): Total free blocks count 0
[  140.013792][T11145] EXT4-fs (loop2): Free/Dirty block details
[  140.019730][T11145] EXT4-fs (loop2): free_blocks=2415919104
[  140.025524][T11145] EXT4-fs (loop2): dirty_blocks=656
[  140.030809][T11145] EXT4-fs (loop2): Block reservation details
[  140.037509][T11145] EXT4-fs (loop2): i_reserved_data_blocks=41
[  140.084583][ T6500] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  140.170740][T11165] xt_hashlimit: max too large, truncated to 1048576
[  140.401938][T11205] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3061'.
[  140.447297][T11205] IPVS: Error joining to the multicast group
[  140.521092][T11210] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3063'.
[  140.555235][T11210] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3063'.
[  140.602527][ T3156] kernel write not supported for file bpf-prog (pid: 3156 comm: kworker/1:2)
[  140.671252][T11224] vlan2: entered allmulticast mode
[  140.681943][T11224] dummy0: entered allmulticast mode
[  140.703906][T11226] vlan0: entered allmulticast mode
[  140.715806][T11226] dummy0: entered allmulticast mode
[  140.765781][T11230] lo speed is unknown, defaulting to 1000
[  140.808910][T11234] hub 9-0:1.0: USB hub found
[  140.813815][T11234] hub 9-0:1.0: 8 ports detected
[  140.902018][T11244] loop3: detected capacity change from 0 to 1024
[  140.917964][T11248] all: renamed from lo
[  140.925182][T11244] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.946043][T11244] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3081: Allocating blocks 385-513 which overlap fs metadata
[  140.964868][T11244] EXT4-fs (loop3): pa ffff8881069bea80: logic 16, phys. 129, len 24
[  140.973001][T11244] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  140.997535][T11256] lo speed is unknown, defaulting to 1000
[  141.044866][ T9811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.064681][T11262] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  141.064681][T11262]    program syz.0.3089 not setting count and/or reply_len properly
[  141.104142][T11260] SELinux: failed to load policy
[  141.142703][T11268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.152309][T11268] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.161116][T11266] loop3: detected capacity change from 0 to 2048
[  141.180936][T11266] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.215294][T11279] SELinux:  Context system_u:object_r:usr_t:s0 is not valid (left unmapped).
[  141.326481][T11290] loop9: detected capacity change from 0 to 128
[  141.340023][T11290] EXT4-fs (loop9): couldn't mount as ext3 due to feature incompatibilities
[  141.389305][ T9811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.487340][T11311] vlan2: entered allmulticast mode
[  141.492767][T11311] dummy0: entered allmulticast mode
[  141.606402][T11325] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3117'.
[  141.898862][T11348] lo speed is unknown, defaulting to 1000
[  141.965195][T11348] chnl_net:caif_netlink_parms(): no params data found
[  142.015775][T11348] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.023102][T11348] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.035817][T11348] bridge_slave_0: entered allmulticast mode
[  142.046610][T11348] bridge_slave_0: entered promiscuous mode
[  142.055985][T11348] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.063159][T11348] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.077691][T11348] bridge_slave_1: entered allmulticast mode
[  142.084709][T11348] bridge_slave_1: entered promiscuous mode
[  142.106761][T11348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.124187][T11348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.162095][T11348] team0: Port device team_slave_0 added
[  142.170512][T11348] team0: Port device team_slave_1 added
[  142.191704][T11348] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.198727][T11348] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.225515][T11348] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.239030][T11348] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.246222][T11348] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.273066][T11348] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.288940][T11372] netlink: 96 bytes leftover after parsing attributes in process `syz.9.3132'.
[  142.324146][T11348] hsr_slave_0: entered promiscuous mode
[  142.330416][T11348] hsr_slave_1: entered promiscuous mode
[  142.336728][T11348] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  142.349447][T11348] Cannot create hsr debugfs directory
[  142.439556][T11348] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  142.441791][ T6542] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  142.449424][T11348] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.522986][T11348] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  142.532991][T11348] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.601506][T11348] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  142.611351][T11348] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.678071][T11348] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  142.688600][T11348] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.151021][T11348] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  143.181157][T11348] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  143.194298][T11348] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  143.204109][T11348] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  143.246007][T11348] 8021q: adding VLAN 0 to HW filter on device bond0
[  143.260900][T11348] 8021q: adding VLAN 0 to HW filter on device team0
[  143.272190][ T6529] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.279300][ T6529] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.296914][ T6529] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.304037][ T6529] bridge0: port 2(bridge_slave_1) entered forwarding state
[  143.324116][T11348] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  143.334535][T11348] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  143.389231][T11348] 8021q: adding VLAN 0 to HW filter on device batadv0
[  143.464068][T11348] veth0_vlan: entered promiscuous mode
[  143.473527][T11348] veth1_vlan: entered promiscuous mode
[  143.489670][T11348] veth0_macvtap: entered promiscuous mode
[  143.496838][T11348] veth1_macvtap: entered promiscuous mode
[  143.507691][T11348] batman_adv: batadv0: Interface activated: batadv_slave_0
[  143.519098][T11348] batman_adv: batadv0: Interface activated: batadv_slave_1
[  143.528537][T11348] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.537381][T11348] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.546170][T11348] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.554969][T11348] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.573989][   T29] kauditd_printk_skb: 139 callbacks suppressed
[  143.574007][   T29] audit: type=1400 audit(1182.579:3178): avc:  denied  { mounton } for  pid=11348 comm="syz-executor" path="/root/syzkaller.W43EwU/syz-tmp" dev="sda1" ino=2067 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  143.604497][   T29] audit: type=1400 audit(1182.579:3179): avc:  denied  { mount } for  pid=11348 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  143.626294][   T29] audit: type=1400 audit(1182.579:3180): avc:  denied  { mounton } for  pid=11348 comm="syz-executor" path="/root/syzkaller.W43EwU/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  143.652770][   T29] audit: type=1400 audit(1182.579:3181): avc:  denied  { mounton } for  pid=11348 comm="syz-executor" path="/root/syzkaller.W43EwU/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=34711 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  143.680157][   T29] audit: type=1400 audit(1182.600:3182): avc:  denied  { mounton } for  pid=11348 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  143.702681][   T29] audit: type=1400 audit(1182.600:3183): avc:  denied  { mount } for  pid=11348 comm="syz-executor" name="/" dev="gadgetfs" ino=4018 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  143.960868][T11446] netlink: 620 bytes leftover after parsing attributes in process `syz.2.3153'.
[  143.982845][T11448] netlink: 4 bytes leftover after parsing attributes in process `wg1'.
[  143.994292][T11448] netlink: 4 bytes leftover after parsing attributes in process `wg1'.
[  144.027159][   T29] audit: type=1400 audit(1183.041:3184): avc:  denied  { read write } for  pid=11451 comm="syz.2.3156" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  144.051403][   T29] audit: type=1400 audit(1183.041:3185): avc:  denied  { open } for  pid=11451 comm="syz.2.3156" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  144.077849][   T29] audit: type=1400 audit(1183.104:3186): avc:  denied  { setopt } for  pid=11453 comm="syz.9.3157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  144.102688][   T29] audit: type=1400 audit(1183.104:3187): avc:  denied  { write } for  pid=11453 comm="syz.9.3157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  144.193195][T11461] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3160'.
[  144.204152][T11459] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3160'.
[  144.369379][T11476] loop2: detected capacity change from 0 to 2048
[  144.381524][T11476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.496189][T11475] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  144.515963][T11475] EXT4-fs (loop2): Remounting filesystem read-only
[  144.538067][T11490] loop9: detected capacity change from 0 to 1024
[  144.545422][T11490] EXT4-fs: Ignoring removed orlov option
[  144.605330][T11496] loop3: detected capacity change from 0 to 128
[  144.612890][T11490] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.617459][T11496] FAT-fs (loop3): Directory bread(block 162) failed
[  144.632680][T11496] FAT-fs (loop3): Directory bread(block 163) failed
[  144.641483][T11496] FAT-fs (loop3): Directory bread(block 164) failed
[  144.648453][T11496] FAT-fs (loop3): Directory bread(block 165) failed
[  144.655081][T11496] FAT-fs (loop3): Directory bread(block 166) failed
[  144.662524][T11496] FAT-fs (loop3): Directory bread(block 167) failed
[  144.669315][T11496] FAT-fs (loop3): Directory bread(block 168) failed
[  144.670767][T11501] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3173'.
[  144.676026][T11496] FAT-fs (loop3): Directory bread(block 169) failed
[  144.676337][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.699409][T11496] FAT-fs (loop3): Directory bread(block 162) failed
[  144.702155][T11494] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3173'.
[  144.718794][T11496] FAT-fs (loop3): Directory bread(block 163) failed
[  144.725880][T11496] bio_check_eod: 13177 callbacks suppressed
[  144.725893][T11496] syz.3.3174: attempt to access beyond end of device
[  144.725893][T11496] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  144.746110][T11496] syz.3.3174: attempt to access beyond end of device
[  144.746110][T11496] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  144.770098][ T5573] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.934625][T11530] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  144.945510][T11530] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.069721][T11549] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11549 comm=syz.3.3199
[  145.082486][T11549] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11549 comm=syz.3.3199
[  145.280905][T11564] loop2: detected capacity change from 0 to 512
[  145.296849][T11564] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.311409][T11564] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.349235][T11568] loop2: detected capacity change from 0 to 1024
[  145.356301][T11568] EXT4-fs: Ignoring removed orlov option
[  145.372575][T11568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.409462][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.471674][T11582] SELinux: failed to load policy
[  145.765212][T11601] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  145.821196][T11603] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.828489][T11603] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.898261][T11603] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  145.908571][T11603] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  145.941708][T11603] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  145.950752][T11603] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  145.959930][T11603] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  145.968874][T11603] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.525375][T11679] xt_hashlimit: max too large, truncated to 1048576
[  146.554591][T11681] vhci_hcd: invalid port number 23
[  146.559852][T11681] vhci_hcd: default hub control req: a306 v0000 i0017 l0
[  146.601150][T11685] SELinux: failed to load policy
[  147.043483][T11727] syzkaller0: entered allmulticast mode
[  147.119620][T11733] loop2: detected capacity change from 0 to 1024
[  147.129233][T11733] EXT4-fs: inline encryption not supported
[  147.138430][T11733] EXT4-fs: Ignoring removed bh option
[  147.155775][T11733] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.225689][ T6895] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.281120][T11743] loop2: detected capacity change from 0 to 256
[  147.292581][T11747] loop3: detected capacity change from 0 to 1024
[  147.301436][T11747] EXT4-fs: Ignoring removed nobh option
[  147.307234][T11747] EXT4-fs: inline encryption not supported
[  147.323281][T11743] FAT-fs (loop2): Directory bread(block 64) failed
[  147.330110][T11743] FAT-fs (loop2): Directory bread(block 65) failed
[  147.339554][T11743] FAT-fs (loop2): Directory bread(block 66) failed
[  147.350598][T11743] FAT-fs (loop2): Directory bread(block 67) failed
[  147.360693][T11747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.373770][T11743] FAT-fs (loop2): Directory bread(block 68) failed
[  147.380681][T11743] FAT-fs (loop2): Directory bread(block 69) failed
[  147.383222][T11747] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3282: Allocating blocks 385-513 which overlap fs metadata
[  147.387400][T11743] FAT-fs (loop2): Directory bread(block 70) failed
[  147.408339][T11743] FAT-fs (loop2): Directory bread(block 71) failed
[  147.417490][T11743] FAT-fs (loop2): Directory bread(block 72) failed
[  147.424757][T11743] FAT-fs (loop2): Directory bread(block 73) failed
[  147.440443][T11746] EXT4-fs (loop3): pa ffff8881069bea80: logic 16, phys. 129, len 24
[  147.448630][T11746] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  147.521859][ T9811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.539370][T11761] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.560347][T11761] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.717040][T11761] ==================================================================
[  147.725275][T11761] BUG: KCSAN: data-race in rtc_dev_poll / rtc_pie_update_irq
[  147.732688][T11761] 
[  147.735022][T11761] read-write to 0xffff88810326cb80 of 8 bytes by interrupt on cpu 1:
[  147.743094][T11761]  rtc_pie_update_irq+0x93/0xf0
[  147.747961][T11761]  __hrtimer_run_queues+0x20f/0x5a0
[  147.753167][T11761]  hrtimer_interrupt+0x21a/0x460
[  147.758112][T11761]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  147.764023][T11761]  sysvec_apic_timer_interrupt+0x6f/0x80
[  147.769675][T11761]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  147.775685][T11761]  __rcu_read_unlock+0x56/0x70
[  147.780465][T11761]  xa_load+0xb1/0xe0
[  147.784385][T11761]  memcg_list_lru_alloc+0xb8/0x490
[  147.789522][T11761]  __memcg_slab_post_alloc_hook+0x1a7/0x580
[  147.795462][T11761]  kmem_cache_alloc_lru_noprof+0x229/0x310
[  147.801302][T11761]  sock_alloc_inode+0x34/0xa0
[  147.805990][T11761]  alloc_inode+0x3d/0x170
[  147.810338][T11761]  __sock_create+0x122/0x5b0
[  147.814944][T11761]  __sys_socket+0xb0/0x180
[  147.819378][T11761]  __x64_sys_socket+0x3f/0x50
[  147.824069][T11761]  x64_sys_call+0x285a/0x2fb0
[  147.828759][T11761]  do_syscall_64+0xd2/0x200
[  147.833271][T11761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.839195][T11761] 
[  147.841528][T11761] read to 0xffff88810326cb80 of 8 bytes by task 11761 on cpu 0:
[  147.849163][T11761]  rtc_dev_poll+0x78/0xb0
[  147.853524][T11761]  __io_read+0x2e4/0xc20
[  147.857784][T11761]  io_read+0x1c/0x60
[  147.861693][T11761]  __io_issue_sqe+0xfe/0x2e0
[  147.866304][T11761]  io_issue_sqe+0x53/0x970
[  147.870737][T11761]  io_req_task_submit+0x6b/0xc0
[  147.875604][T11761]  io_handle_tw_list+0x18d/0x1c0
[  147.880561][T11761]  tctx_task_work_run+0x6d/0x1a0
[  147.885519][T11761]  tctx_task_work+0x3f/0x80
[  147.890036][T11761]  task_work_run+0x131/0x1a0
[  147.894641][T11761]  get_signal+0xe13/0xf70
[  147.898987][T11761]  arch_do_signal_or_restart+0x96/0x480
[  147.904543][T11761]  exit_to_user_mode_loop+0x7a/0x100
[  147.909847][T11761]  do_syscall_64+0x1d6/0x200
[  147.914447][T11761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.920359][T11761] 
[  147.922689][T11761] value changed: 0x00000000000095c0 -> 0x00000000000096c0
[  147.929813][T11761] 
[  147.932140][T11761] Reported by Kernel Concurrency Sanitizer on:
[  147.938295][T11761] CPU: 0 UID: 0 PID: 11761 Comm: syz.0.3288 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  147.950809][T11761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  147.960873][T11761] ==================================================================
[  148.010354][T11779] loop3: detected capacity change from 0 to 1024
[  148.019618][T11779] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  148.029896][T11779] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  148.040955][T11779] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  148.051710][T11779] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  148.061897][T11779] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: comm syz.3.3295: inode #1: comm syz.3.3295: iget: illegal inode #
[  148.079663][T11779] EXT4-fs (loop3): Remounting filesystem read-only
[  148.086272][T11779] EXT4-fs (loop3): no journal found