last executing test programs:

48.960540031s ago: executing program 32 (id=1201):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41101, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

30.192826965s ago: executing program 4 (id=1653):
setresuid(0xee00, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000180)='%+9llu \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000001680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00', r2}, 0x18)
prlimit64(0x0, 0xd, &(0x7f00000000c0)={0x200000000005, 0x8000000000200003}, 0x0)
setpriority(0x2, 0x0, 0xffffffffffffffcd)

30.125421511s ago: executing program 4 (id=1656):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1b, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6}]})

29.820549105s ago: executing program 4 (id=1671):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

29.136616039s ago: executing program 4 (id=1663):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x55e, &(0x7f0000000a80)="$eJzs3c1rHOUfAPDvbJK+/35NoRQVkUAPVmo3TeJLBQ/1KFos6L0uyTSUbLoluylNLNge7MWLFEHEgnjXu8fiP+BfUdBCkRL04CUym9k0L7vJNt2ajfP5wITn2Znd5/nuzPfJMzuzbACFNZL9KUW8GBFfJRFHIyLJ1w1GvnJkZbulxzcnsyWJ5eWP/0ia22X11mu1nnc4r7wQEb98EXG6tLnd+sLiTKVaTefy+mhj9tpofWHxzJXZynQ6nV4dn5g49+bE+Dtvv9WzWF+7+Ne3H91//9yXJ5e++enhsbtJnI8j+bq1cTyDW2srIzGSvydDcX7DhmM9aKyfJLvdAXZkIM/zocjGgKMxkGc98N/3eUQsAwWVyH8oqNY8oHVu36Pz4D3j0XsrJ0Cb4x9c+WwkDjTPjQ4tJevOjLLz3eEetJ+18fPv9+5mS2z4HOJAD14foJNbtyPi7ODg5vEvyce/nTvbxTYb2yja/x/YTfez+c/r7eY/pdX5T7SZ/xxuk7s7sX3+lx72oJmOsvnfu23nv6sXrYYH8tr/mnO+oeTylWqajW3/j4hTMbQ/q291Pefc0oPlTuvWzv+yJWu/NRfM+/FwcP/650xVGpVniXmtR7cjXmo7/01W93/SZv9n78fFLts4kd57pdO67eN/vpZ/iHi17f5/ckUr2fr65GjzeBhtHRWb/XnnxK+d2t/t+LP9f2jr+IeTtddr60/fxvcH/k47rVsXf3R//O9LPmmW9+WP3ag0GnNjEfuSDzc/Pv7kua16a/ss/lMntx7/2h3/ByPi0y7jv3P8x5e7in+X9v/UU+3/py88+OCz7zq1393490azdCp/pJvxr9sOPst7BwAAAAAAAP2mFBFHIimVV8ulUrm8cn/H8ThUqtbqjdOXa/NXp6L5XdnhGCq1rnQfXXM/xFh+P2yrPr6hPhERxyLi64GDzXp5slad2u3gAQAAAAAAAAAAAAAAAAAAoE8c7vD9/8xvA7vdO+C585PfUFzb5n8vfukJ6Ev+/0NxyX8oLvkPxSX/objkPxSX/Ifikv9QXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurihQvZsrz0+OZkVp+6vjA/U7t+Ziqtz5Rn5yfLk7W5a+XpWm26mpYna7PbvV61Vrs2Nh7zN0Ybab0xWl9YvDRbm7/auHRltjKdXkqH/pWoAAAAAAAAAAAAAAAAAAAAYG+pLyzOVKrVdE5BYUeFwf7oxp4vZNnYB91Y1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6A//BAAA//8iuzYD")
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
fallocate(r1, 0x10, 0x800, 0x8000)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)

29.061305896s ago: executing program 4 (id=1669):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2, 0x96)
pwrite64(r0, &(0x7f0000000140)='2', 0x155c2, 0x8000c64)
truncate(0x0, 0xc1a)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r2 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x1)
sendfile(r2, r1, 0x0, 0x80000000)

28.860968592s ago: executing program 2 (id=1675):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x52, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10)
r3 = socket$inet(0x2, 0x1, 0x0)
listen(r3, 0x0)

28.805679056s ago: executing program 2 (id=1676):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
r2 = socket$tipc(0x1e, 0x5, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0xfffffffc, 0x3, 0x3}, 0x10)

28.741821991s ago: executing program 2 (id=1678):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

28.672914906s ago: executing program 4 (id=1679):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000880)=@ipv6_newnexthop={0x1c, 0x68, 0x309, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NHA_GROUP={0x4}]}, 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

28.669995067s ago: executing program 33 (id=1679):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000880)=@ipv6_newnexthop={0x1c, 0x68, 0x309, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NHA_GROUP={0x4}]}, 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

28.602425172s ago: executing program 2 (id=1681):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x55e, &(0x7f0000000a80)="$eJzs3c1rHOUfAPDvbJK+/35NoRQVkUAPVmo3TeJLBQ/1KFos6L0uyTSUbLoluylNLNge7MWLFEHEgnjXu8fiP+BfUdBCkRL04CUym9k0L7vJNt2ajfP5wITn2Znd5/nuzPfJMzuzbACFNZL9KUW8GBFfJRFHIyLJ1w1GvnJkZbulxzcnsyWJ5eWP/0ia22X11mu1nnc4r7wQEb98EXG6tLnd+sLiTKVaTefy+mhj9tpofWHxzJXZynQ6nV4dn5g49+bE+Dtvv9WzWF+7+Ne3H91//9yXJ5e++enhsbtJnI8j+bq1cTyDW2srIzGSvydDcX7DhmM9aKyfJLvdAXZkIM/zocjGgKMxkGc98N/3eUQsAwWVyH8oqNY8oHVu36Pz4D3j0XsrJ0Cb4x9c+WwkDjTPjQ4tJevOjLLz3eEetJ+18fPv9+5mS2z4HOJAD14foJNbtyPi7ODg5vEvyce/nTvbxTYb2yja/x/YTfez+c/r7eY/pdX5T7SZ/xxuk7s7sX3+lx72oJmOsvnfu23nv6sXrYYH8tr/mnO+oeTylWqajW3/j4hTMbQ/q291Pefc0oPlTuvWzv+yJWu/NRfM+/FwcP/650xVGpVniXmtR7cjXmo7/01W93/SZv9n78fFLts4kd57pdO67eN/vpZ/iHi17f5/ckUr2fr65GjzeBhtHRWb/XnnxK+d2t/t+LP9f2jr+IeTtddr60/fxvcH/k47rVsXf3R//O9LPmmW9+WP3ag0GnNjEfuSDzc/Pv7kua16a/ss/lMntx7/2h3/ByPi0y7jv3P8x5e7in+X9v/UU+3/py88+OCz7zq1393490azdCp/pJvxr9sOPst7BwAAAAAAAP2mFBFHIimVV8ulUrm8cn/H8ThUqtbqjdOXa/NXp6L5XdnhGCq1rnQfXXM/xFh+P2yrPr6hPhERxyLi64GDzXp5slad2u3gAQAAAAAAAAAAAAAAAAAAoE8c7vD9/8xvA7vdO+C585PfUFzb5n8vfukJ6Ev+/0NxyX8oLvkPxSX/objkPxSX/Ifikv9QXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurihQvZsrz0+OZkVp+6vjA/U7t+Ziqtz5Rn5yfLk7W5a+XpWm26mpYna7PbvV61Vrs2Nh7zN0Ybab0xWl9YvDRbm7/auHRltjKdXkqH/pWoAAAAAAAAAAAAAAAAAAAAYG+pLyzOVKrVdE5BYUeFwf7oxp4vZNnYB91Y1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6A//BAAA//8iuzYD")
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
fallocate(r1, 0x10, 0x800, 0x8000)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)

28.465453373s ago: executing program 2 (id=1683):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
pwritev2(r0, &(0x7f0000000cc0)=[{&(0x7f0000000240)=';', 0xffffffbc}], 0x1, 0xfff, 0xc, 0x4)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

27.952826004s ago: executing program 2 (id=1694):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa0677"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

27.950147534s ago: executing program 34 (id=1694):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa0677"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

23.295605144s ago: executing program 5 (id=1790):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x14, r2, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x10)

23.259863888s ago: executing program 5 (id=1791):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x66, &(0x7f00000002c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x0, 0x3a, 0x0, @mcast1, @private2={0xfc, 0x2, '\x00', 0x1}}}}}}}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="080086dd00011100"], 0xfdef)

23.192193903s ago: executing program 7 (id=1794):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r2}, 0x3d)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfeffffffffffffff, 0xffffffffffffffff, 0x0)

23.176116064s ago: executing program 7 (id=1795):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x59258ff9b13802e4, 0x103)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = dup(r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000002240)='9p_client_req\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

23.139670237s ago: executing program 5 (id=1797):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108)
fallocate(r2, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000040)={0xc, r2, 0x0, 0x0, 0x0, 0xfffffffffe000001})

23.088124321s ago: executing program 7 (id=1799):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
ppoll(&(0x7f00000005c0)=[{r0}], 0x1, 0x0, 0x0, 0x0)

23.051672144s ago: executing program 5 (id=1800):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x80000, 0x0)

23.021671937s ago: executing program 5 (id=1802):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x8f, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000002001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
io_setup(0x3, &(0x7f0000000340))

22.792928395s ago: executing program 5 (id=1806):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x82, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x404c080)
write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)

22.792794045s ago: executing program 35 (id=1806):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x82, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x404c080)
write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)

22.406729085s ago: executing program 7 (id=1813):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x80000, 0x0)

22.367695929s ago: executing program 7 (id=1816):
syz_open_dev$sg(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000580)='kfree\x00', r0}, 0x18)
unshare(0x64000600)

18.412785883s ago: executing program 7 (id=1911):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="180100000080161600000000ef0000af000000006d0000feff"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x1400e, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x7, 0x2, 0x0, 0x0, 0x0, 0x2, 0x20000, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x9}, 0x2000, 0x0, 0x9, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000001c0)='cpu<20\t&|')

18.412597643s ago: executing program 36 (id=1911):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="180100000080161600000000ef0000af000000006d0000feff"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x1400e, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x7, 0x2, 0x0, 0x0, 0x0, 0x2, 0x20000, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x9}, 0x2000, 0x0, 0x9, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000001c0)='cpu<20\t&|')

11.68454225s ago: executing program 8 (id=2139):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xfff1, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}]}, 0x38}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmmsg(r3, &(0x7f0000000000), 0x4000000000001f2, 0x0)

11.594836407s ago: executing program 8 (id=2141):
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x20008000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe8e, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

11.562760129s ago: executing program 8 (id=2143):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x5)
fchdir(r2)
r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)

11.526944662s ago: executing program 8 (id=2145):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x80000, 0x0)

11.492237215s ago: executing program 8 (id=2147):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
write$binfmt_script(r0, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r0, 0x0)

11.236925675s ago: executing program 8 (id=2157):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41101, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r0)

11.223712796s ago: executing program 37 (id=2157):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41101, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r0)

2.176479157s ago: executing program 9 (id=2383):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000))
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x100000000000000)

2.146849639s ago: executing program 9 (id=2375):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x50)
unshare(0x2040400)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000080)=[{&(0x7f0000000500)="7c15b6bce0568bdbef75e4667376c6507c51094765fcc21aa8810d5a760327a50bc67e6f84d202", 0x27}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)

1.690770105s ago: executing program 1 (id=2394):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x2008002, &(0x7f0000000080)={[{@errors_remount}]}, 0x4, 0x54e, &(0x7f0000000fc0)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s1f0bQAKJE/AfcEDigNQTB24ckTggpHJACmCBYiSQFs3s2Nk6a7y117ut9/ORJjPvvZ35vmdn/N6+tecFMLauRsRORExHxBsRMVfkJ8UWr3S27HUPd7cX93a3F5Not1//e5KXZ3nRdU7myeKasxHxja9GfCd5PG5zc+v+Qq1WXS/S5VZ9rdzc3LqxUl9Yri5XVyuV2/O3b75464XKwNp6pf7LB19ZefWbv/n1p9/7/c6Xf5BV62JR1t2OQeo0feogTmYyIl49i2AjMFHsp0dcD04mjYiPRcTn8vt/Liby/50AwHnWbs9Fe647DQCcd2k+B5akpYhI02IQUOrM4T0TF9Jao9m6fq+xsbrUmSu7FFPpvZVa9eblmT9+L3/xVJKl5/OyvDxPVw6lb0XE5Yj40cwTebq02KgtjWbIAwBj78nu/j8i/jWTpqVSX6f2+FQPAPjImB11BQCAodP/A8D40f8DwPjpo/8vPuzfOfO6AADD4f0/AIwf/T8AjB/9PwCMla+/9lq2tfeK518vvbm5cb/x5o2lavN+qb6xWFpsrK+VlhuN5fyZPfXjrldrNNbmn4+Nt8qtarNVbm5u3a03NlZbd/Pnet+tTg2lVQDA/3P5yrt/SCJi56Un8i261nLQV8P5lo66AsDITJzmZAME+EjrtdrXL0ZQD2D4+urC80HC7868LsBo9HyY92zPw/f7yQcI4veM4EPl2if7n/+3xjOcL+b/YXydbP7/5YHXAxi+XvP/wHhot5PDa/5PHxQBAOfSKX6Fr/32oAYhwEgdt5j3QD7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHPmYkR8N5K0lK8Fnmb/pqVSxFMRcSmmknsrterNiHg6rkTE1EyWnh91pQGAU0r/mhTrf12be+7i4dLp5N8z+T4ivv/T13/81kKrtT6f5f/jIH9mf/mwyqPzTrGuIAAwYHn/XSn2XW/kH+5uL+5vw6zPgzvx32Ip4sW93e18y/KLvLcjZvOxxIV/JjFZnDMbEc9GxMQA4u+8ExGf6NX+JJ8buVSsfNodP4rYTw01fvq++Gle1tlng6+PD6AuMG7evRMRr/S6/9K4mu973/9Z7uQA4j+407nY/s++va74k0WkiR7xs3v+ar8xnv/t1x7LbM91yt6JeHayV/zkIH5yRPzn+oz/p0995ocvH1HW/lnEtegdvztWuVVfKzc3t26s1BeWq8vV1Url9vztmy/eeqFSzueoy/sz1Y/720vXnz6qbln7L3TF318XP4s627P90wfnfqHP9v/8P298+7OPkjOH43/p872//8/0jN+R9Ylf7DP+woVfHbl8dxZ/6Yiv/3Hf/+t9xn/vL1tLfb4UABiC5ubW/YVarbr+gQ6y3r87J3sXepLrHHuQVbG/F+8PF08X9M9xFq044cHUWX1Vz/xg8mCsONgrfyu74pCbkw68Fac6eDisWKP7mQQMx6ObftQ1AQAAAAAAAAAAAAAAjjKMP10adRsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4v/4XAAD//xnx1GQ=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000140), 0x1, 0x25f, &(0x7f0000000b00)="$eJzs3U1oHGUYB/Bn9oOYZJGoF0FQQUQkEOJN8BIvCgEJ4kFQISLiRUkETfC268mLF88iOXkJpbemPZZeQi8thZ7SNof00tKGHhoK/YAp+xXSdttsupuZNvP7wWZmknfmeQfm/74T2GECKKyJiJiJiHJETEZENSKSvQ3ebX8mOpsro+vzEWn61a2k1a693dbdbzwiGhHxcUScKSXxcyViee3brTsbn3/w91L1/f/XvhnN9CQ7trc2v9j5b+6vE7MfLZ+/eGMuiZmoPXJew5f0+F0liXj9MIq9IJJK3j2gH1/+cfxSM/dvRMR7rfzfTdsiHuyu9ZLW/7l54a2s+wsMV5pWm3NgIwUKpxQRtc5Nams9SqWpqfY9/OXyWOmXxd9+n/xpcWnhx7xHKmBYahGbn50aOTneWk9KU538Xyu38w8cVfXOcvVK8+dOOd/eAMO0f6Cb8//k9/UPQ/6hcA6U/1ey6ROQjU7+W8l+LP/X8+oTkI0Dzf9P+xoA8FLy/z8U1zPzX82nT0A2zP9QXPIPxSX/UFzyD8W1N/8AQLGkI30+KNzo7gAcFTkPPwAAAAAAAAAAAAAAAAAAQA8ro+vz3U9WNc/+G7H9aURUetUvt95H3H352NjtpNlsV9LebSDfvTPgAQZ0LOenr1+9mm/9c2/nW7++ENH4MyKmK5Unr7+kc/09v9f2+Xv1hwELDOiTrw/ryLW+Wt1fPaz6/ZndiDjdHH+me40/pXiztew9/tSG8JqEX+8NeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAy8zAAAP//JS12Fg==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x284)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r2, 0x8004587d, &(0x7f00000007c0)={@desc={0x1, 0x0, @desc4}})

1.605045812s ago: executing program 1 (id=2397):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x3c00, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x1)

1.533515968s ago: executing program 3 (id=2399):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000080)=0x4)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
pwritev(r0, &(0x7f0000000280)=[{&(0x7f0000000580)='\x00!', 0x2}], 0x1, 0x101, 0x49d)

1.527185018s ago: executing program 1 (id=2400):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffa}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

1.461815723s ago: executing program 1 (id=2402):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x24b9)

1.460883763s ago: executing program 3 (id=2412):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x78)
sendfile(r0, r1, &(0x7f00000001c0), 0x8)
fcntl$addseals(r1, 0x409, 0x8)
fallocate(r1, 0x3, 0x9100, 0x3)
mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

1.422856247s ago: executing program 0 (id=2407):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x2, 0x0)
dup3(r3, r2, 0x0)

1.402165058s ago: executing program 0 (id=2409):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000001c0), 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f00000000c0)=ANY=[])

1.356789772s ago: executing program 6 (id=2410):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

1.356490152s ago: executing program 0 (id=2411):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x80000}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r2, 0x0)

1.356222102s ago: executing program 6 (id=2413):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = io_uring_setup(0x77da, &(0x7f0000000240)={0x0, 0xdb5e, 0x40, 0x0, 0x12f})
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000480)=[@ioring_restriction_sqe_flags_allowed={0x2, 0x11}], 0x1)

1.334958013s ago: executing program 6 (id=2414):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
write$binfmt_script(r2, 0x0, 0x0)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xd8ef}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

1.300603386s ago: executing program 6 (id=2415):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0xd9f7, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d", 0x11)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

1.290394277s ago: executing program 9 (id=2416):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$tipc(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a64db04ed6dd26eea2e37229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x20000000)
recvmsg(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)
close(r0)

1.241750701s ago: executing program 3 (id=2417):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2)
sendmsg$TIPC_CMD_SHOW_PORTS(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x1c, r3, 0x1, 0xfffffffd}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.176866006s ago: executing program 9 (id=2418):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r2, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
sendfile(r2, r1, 0x0, 0x3ffff)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000002140)=""/4088, 0xff8}], 0x4, 0x4, 0x300)

624.43183ms ago: executing program 1 (id=2419):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000002c0)='./file0\x00', 0x98)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
r2 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x29cc, 0x10100}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000001480)=[{&(0x7f00000002c0)=""/185, 0xb9}], 0x1})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)

624.19236ms ago: executing program 3 (id=2420):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000ab3dc9350000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

619.930071ms ago: executing program 0 (id=2429):
socket$packet(0x11, 0x2, 0x300)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f00000001c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@grpquota}, {@nobh}, {@abort}, {@lazytime}, {@usrquota}, {@resgid}, {@bh}]}, 0x1, 0x58d, &(0x7f00000005c0)="$eJzs3UtoHGUcAPD/zGZNn6aCgkoPRYUKpZukD62e0qtYKPQgeKlhsw0hm2zIbrQJOaT3Ivbgi17qTQ8eFQ8exItHr14Uz4JoUGh6kJV9pWmyG7c1r2Z/P5js981M5v99M/v/dmeYYQPoWSdqf9KI5yLichIxsGZZXzQXnmist7K8mL+3vJhPolq98kcSSUTcXV7Mt9ZPmq+HI2IpIp6NiO+zEafSjXHL8wuTo8ViYbZZH6xMzQyW5xdOT0yNjhfGC9NnX33t/IVz54fPDG9ZX2/+cuv9mz++cefWF18eX8p/OJrESBxpLlvbj63U2CfZGFk3/9x2BNtFSYf5H53f4YbwUDLNPM9GxDMxEJlm1gP7X7U/orqp1si++VrA4yiJteXGN7ndbA+wU1rfA2rnv61pJ79//H6xcQJytz8ilhfzK6vx+xrXJuJA/dzk0F/JA2cmtVHq2E42lH1p6UZEDPX1bXz/J83336Mb2ooGsq2+u9g4UBuPf7o6/sS68edoRP264f99f8Sa8W+lOfattImf6TD+Xe4yxj9v//ppx/g3Ip5vGz9ZjZ+0iZ9GxDtdxr/91jcXOi2rfhZxMtrHb0k2vz48eG2iWBhq/G0b49uTx1/vdIWy1v9DHeI3rtkeqH/MtNv/M132/+sfvnphqcOyWvyXX9z8+Lfb/wcj4oMu4z919/M3Oy2rxR/r0P/N4tfm3eky/isjJ37uclUAAAAAAAAAAOAhpPV72ZI0t1pO01yu8Qzv03EoLZbKlVPXSnPTY4173o5FNm3daTXQqCe1+nDzftxW/cy6+tlMM2DmYL2ey5eKY7vcdwAAAAAAAAAAAAAAAAAAANgrDq97/v/vTOP5f6BH+Mlv6F3yH3rXg/nf/ocSgf3J5z/0rKr8h94l/6F3yX/oXfIfepf8h94l/6F3yX8AAAAAAAAAAAAAAAAAAAAAAAAAANgWly9dqk3Ve8uL+Vp9rG9+brL07umxQnkyNzWXz+VLszO58VJpvFjI5UtT/7W9Yqk0MxTTc9cHK4VyZbA8v3B1qjQ3Xbk6MTU6XrhayO5IrwAAAAAAAAAAAAAAAAAAAODxcqQ+JWkuItJ6OU1zuYijEXEsssm1iWJhKCKejIifMtn+Wn14txsNAAAAAAAAAAAAAAAAAAAA+0x5fmFytFgszCpsLETE0tZuubbFh/6vbPNYbWUHR5rb3BP7eW8Vqv17ohm7XdjFQQkAAAAAAAAAAAAAAAAAAHrU/Yd+u1g53YEGAQAAAAAAAAAAAAAAAAAAQE9Kf0siojadHHjpyPqlTyQrmfprRLx3+8rH10crldnh2vw/V+dXPmnOP9M+wsH+be8E0IVWnrbyGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALivPL8wOVosFma3sbDbfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FP8GAAD//wbmv/Y=")
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)

548.334496ms ago: executing program 1 (id=2421):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0x20)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, r2, 0x200000000000000)

296.916036ms ago: executing program 6 (id=2422):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)=0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x6}, 0x18)
memfd_create(0x0, 0x5)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x6, 0xfc}]})

290.877767ms ago: executing program 9 (id=2423):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x1c, r4, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
write$nci(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="414601", @ANYRES32=r3], 0x4)

282.110908ms ago: executing program 3 (id=2424):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x1}, 0x18)
r2 = add_key$user(&(0x7f0000000000), &(0x7f0000000a80)={'syz', 0x0}, &(0x7f0000000ac0)="cd", 0x1, 0xffffffffffffffff)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain={'key_or_keyring:', r2})
keyctl$KEYCTL_MOVE(0x1e, r2, 0xffffffffffffffff, r3, 0x0)

281.471408ms ago: executing program 0 (id=2425):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

134.078469ms ago: executing program 9 (id=2426):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x50)
unshare(0x2040400)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000080)=[{&(0x7f0000000500)="7c15b6bce0568bdbef75e4667376c6507c51094765fcc21aa8810d5a760327a50bc67e6f84d202", 0x27}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)

133.87034ms ago: executing program 3 (id=2427):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x4000, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
fallocate(r1, 0x0, 0x9, 0x2000406)

92.139853ms ago: executing program 6 (id=2428):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb7e, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DHOJEQq4fZFIwwUVsF9JVLXTTRaFdlP4Bha6z0UJXpZtWWuheKkV0n3InM8lgZpJUZzx+/H5w555zz2Se55lL5p4DcyeAl9ZE+ZBH7I+Ic1nEWPN4HhHDjdZIxNLq8x7cvzb18P61qSxWVj74O4useaz1Wllzv7vZGYmIX85k8d9PNsatLyzOVouiNtfsH56/eOVwfWHx0MzF6oXahdqlyROTx46fOHb87SM9q/XdvTfPfjV5as/3Z25dfe3G719mcSpGm2PtdfTKREysvSftBiOi2utgiQw062mvMxtMmBAAAJvK2+Zw/4uxGIj1ydtY3Po1aXIAAABAT6wMRKwAAAAAL7jM+h8AAABecK3vATy4f22qtaX9RsLTde90RIx3qn8wlhr7kRiKiF0Psmi/rTVb/bMnNhER+34a/7Hcok/3IW9m6XpE/L9T/Vmj/vHGXdwb688johd3Zk880n+e6j/Vg/ip6wfg5bR8evVCtvH6l6/Nf6LD9W+ww7XrcaS+/nWf/63XP9Bl/vf+NmPUDnz6ebex9vlf8e2rt8v45f6JivoX7l2PeGWw+/ynrD/rUv+5bcYY+uPnH7qNlfWX9ba2p13/yjcRBzuuf9Z/0Sbb/PeJDk/PFLXmY8cYN25/t69b/PbzX25l/NZa4Gkoz/+uLvVvdf6vbDPG8l8H/+w2tnX9+d3h7MNGa7h55Gp1fn5uMmI4O7vx+NHNc2k9p/UaZf1vvr75/3+n+svPhKXm+1CuBa4392X/40diHnrvnTcev/7+Kus//5jn/+Y2Y3z92dzdbmOp6wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+ZBHxGhkeWWtneeVSsTuiNgXu/Licn3+renLH106X45FjMdQPj1T1I5ExNhqPyv7k432ev/oI/1jEbE3Ir4Y29noV6YuF+dTFw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCa3RExGlleiYg8Ih6O5XmlkjorAAAAoOfGUycAAAAA9J31PwAAALz4rP8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADos70Hlu9kEbF0cmdjKw03x4aSZgb0W546ASCZgdQJAMkMpk4ASMYaH8i2GB/pOrKj57kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Ow6uH/5ThYRSyd3NrbScHNsKGlmQL/lqRMAkhlInQCQzGDqBIBkrPGBbIvxka4jO3qeCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPrtHGluWViMgb7TyvVCL2RMR4DGXTM0XtSET8JyJ+GxvaUfYnUycNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAz9UXFmerRVGb09DQ0FhrpP5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAghfrC4my1KGpz9dSZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKnVFxZnq0VRm+tjI3WNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACk808AAAD///qbAaI=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
ptrace(0x10, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x8004587d, &(0x7f0000000080)={0x0, r1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)

0s ago: executing program 0 (id=2430):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c757466383d302c696f636861727365743d63703836302c696f636861727365743d6d616363726f617469616e2c756e695f786c6174653d312c747a3d5554432c6e6f6e756d7461696c3d302c756e695f786c6174653d312c696f636861727365743d63703433372c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d6d697865642c6e6f636173652c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c736d61636b66736465663d757466383d302c64697273796e632c736d61636b66736861743d262c657569643e807d6dc634ae06b292a3825c7626caa45b7a39a81660437a556646a082c54e8cf9c81260f6a760b9f06d5738818ee5a4503b0364b0f4c56abfe2", @ANYRESDEC=0x0, @ANYBLOB="2c6f626a5f726f6c653d2c686173682ca8ea26de004d2208fc414d630834ec2191519244adb53cec31ddc7b9b58f32238fac4fbdc332b1719e34"], 0x25, 0x34f, &(0x7f0000000840)="$eJzs3T9sG2UUAPDnXhKnESUekCqYDBsSqpogBpgSVUWqyABFFv8WLJryJzaVYmEpDHG8gComEAsSTGwdYOyMGBBiY2ClSKiAWOhWqRGHbJ/tc+xQZ3Boxe83RE/v+9597y6n3CVKvrzeiq1L83H51q2bsbhYiLm1c2txuxClOBFJ9OzFRB8tTM4DAPe422kaf6U9d5/9yVI/8uwHgPtX9/n/5qlhoniE4qsPzKIlAGDGpvz+//mJ2SszawsAmKGx5/9jI8MHfsw/N/idAADg/vXiK68+t74RcbFcXoyof9isNCvxzHB8/XK8HbXYjLOxHPsRvReF3ttC5+OzFzbOny13/FaKSqeiWYmot5qV3pvCetKtL8ZKLEcpq08H9UmnfqVbX46IvVZ3/agXmpX5WMrW/3kpNmM1luOhsfqICxvnV8vZASr1fn0roh2L/ZPo9H8mluPHN+JK1OJSdGqH/e+ulMvn0o2R+ua1YnceAAAAAAAAAAAAAAAAAAAAAADMwpnyQGmw/01abzU/uHhwQmlkf5xKbzjbH6jd2x8oLfZ357maHNwfaHR/nmZlLk78p2cOAAAAAAAAAAAAAAAAAAAA947GzkJUa7XN7cbO+1v5oJXLvPv9V9+ejP7QXFb6TjKsiiw5cpz+xNyRkxgskQ7K02RkThYkEf3Je9Vr1wcd5+cUB2cxVt4JimNDhaynaq126tFfP59U9Xcn2Otmkhi7LKNBIVs/N1R/sJNYjIj9w6oOD1bvMudGmqaHle9+Nl4VhYi5OHIbUwTf3Xzr4Scbp5/qZr7JNn14/Inll258+uUfW9VatHtXplZb2G7sp1McudPr+FCSu38K2XUuTLgTJgftYaa93dipJj/9+fIjH/9wYHIy+f5J85n3Dl/r64OZhV5QiCj1L8K/tTo/4eafHLx2Z3D3Hv0Td/qLter13V9+n7Yq90XCRh0AAAAAAAAAAAAAAAAAAHAscn8rfgRPvzC7jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+A3//38uaI9lpgnutGJ8qLi53Th08ZPHeqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyP/RMAAP//rShzCQ==")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r2, r2, 0x0, 0x800000009)

kernel console output (not intermixed with test programs):

 capacity change from 0 to 512
[   79.927279][ T6863] loop0: detected capacity change from 0 to 1024
[   79.934198][ T6863] EXT4-fs: Ignoring removed oldalloc option
[   79.936701][ T6859] EXT4-fs (loop3): orphan cleanup on readonly fs
[   79.940681][ T6863] EXT4-fs: Ignoring removed orlov option
[   79.949235][ T6860] __quota_error: 150 callbacks suppressed
[   79.949346][ T6860] Quota error (device loop5): v2_read_file_info: Free block number 1 out of range (1, 6).
[   79.953524][ T6859] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1371: bad orphan inode 13
[   79.958579][ T6860] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   79.969282][ T6859] ext4_test_bit(bit=12, block=18) = 1
[   79.981686][ T6861] vlan2: entered allmulticast mode
[   79.992661][ T6859] is_bad_inode(inode)=0
[   79.999956][ T6860] EXT4-fs (loop5): mount failed
[   80.003235][ T6859] NEXT_ORPHAN(inode)=2130706432
[   80.010199][ T6863] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.012254][ T6859] max_ino=32
[   80.032526][ T6859] i_nlink=1
[   80.036188][ T6859] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   80.077563][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.108656][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.187091][ T6877] bridge0: entered promiscuous mode
[   80.194206][ T6877] bridge0: port 3(macsec2) entered blocking state
[   80.200707][ T6877] bridge0: port 3(macsec2) entered disabled state
[   80.208135][ T6877] macsec2: entered allmulticast mode
[   80.213478][ T6877] bridge0: entered allmulticast mode
[   80.222012][ T6875] loop3: detected capacity change from 0 to 512
[   80.225240][ T6880] loop4: detected capacity change from 0 to 764
[   80.231682][ T6875] journal_path: Non-blockdev passed as './bus'
[   80.241052][ T6875] EXT4-fs: error: could not find journal device path
[   80.251360][   T29] audit: type=1326 audit(80.214:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6871 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc02b7ebe9 code=0x7ffc0000
[   80.256216][ T6877] macsec2: left allmulticast mode
[   80.274325][   T29] audit: type=1326 audit(80.214:2209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6871 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc02b7ebe9 code=0x7ffc0000
[   80.274359][   T29] audit: type=1326 audit(80.214:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6871 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fcc02b7ebe9 code=0x7ffc0000
[   80.274428][   T29] audit: type=1326 audit(80.214:2211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6871 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc02b7ebe9 code=0x7ffc0000
[   80.279518][ T6877] bridge0: left allmulticast mode
[   80.353099][   T29] audit: type=1326 audit(80.214:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6871 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc02b7ebe9 code=0x7ffc0000
[   80.375951][   T29] audit: type=1326 audit(80.214:2213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6871 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7fcc02b7ebe9 code=0x7ffc0000
[   80.398896][   T29] audit: type=1326 audit(80.214:2214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6871 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc02b7ebe9 code=0x7ffc0000
[   80.421968][   T29] audit: type=1326 audit(80.214:2215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6871 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc02b7ebe9 code=0x7ffc0000
[   80.478460][ T6877] bridge0: left promiscuous mode
[   80.549240][ T6893] geneve2: entered promiscuous mode
[   80.554508][ T6893] geneve2: entered allmulticast mode
[   80.593349][ T6895] loop3: detected capacity change from 0 to 128
[   80.603550][ T6895] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[   80.612381][ T6898] loop2: detected capacity change from 0 to 512
[   80.618865][ T6895] System zones: 1-3, 19-19, 35-36
[   80.624236][ T6898] EXT4-fs: Ignoring removed nobh option
[   80.630452][ T6895] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[   80.632516][ T6898] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.1385: iget: bad i_size value: 38620345925642
[   80.658458][ T6898] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1385: couldn't read orphan inode 15 (err -117)
[   80.684771][ T6898] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.703693][ T3306] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   80.748682][ T6908] loop4: detected capacity change from 0 to 512
[   80.756527][ T6908] EXT4-fs (loop4): orphan cleanup on readonly fs
[   80.764819][ T6908] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.1389: bad orphan inode 13
[   80.785689][ T6908] ext4_test_bit(bit=12, block=18) = 1
[   80.791165][ T6908] is_bad_inode(inode)=0
[   80.795451][ T6908] NEXT_ORPHAN(inode)=2130706432
[   80.800341][ T6908] max_ino=32
[   80.803574][ T6908] i_nlink=1
[   80.807249][ T6908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   80.834640][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.857961][ T6913] tipc: Started in network mode
[   80.862978][ T6913] tipc: Node identity ac14140f, cluster identity 4711
[   80.870243][ T6913] tipc: New replicast peer: 255.255.255.255
[   80.871324][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.876345][ T6913] tipc: Enabled bearer <udp:syz2>, priority 10
[   80.899442][ T6913] netlink: 340 bytes leftover after parsing attributes in process `syz.0.1402'.
[   81.025748][ T6918] loop0: detected capacity change from 0 to 1024
[   81.033726][ T6918] EXT4-fs: Ignoring removed orlov option
[   81.042089][ T6918] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.153237][   T29] audit: type=1400 audit(81.124:2216): avc:  denied  { mount } for  pid=6932 comm="syz.4.1396" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   81.225227][ T6938] hub 8-0:1.0: USB hub found
[   81.236905][ T6938] hub 8-0:1.0: 8 ports detected
[   81.281073][ T6944] loop4: detected capacity change from 0 to 512
[   81.292100][ T6944] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   81.304014][ T6944] EXT4-fs (loop4): 1 truncate cleaned up
[   81.311149][ T6944] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.335336][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.385371][ T6951] loop0: detected capacity change from 0 to 1024
[   81.402042][ T6951] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.425289][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.477637][ T6366] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 1: comm kworker/u8:43: lblock 1 mapped to illegal pblock 1 (length 15)
[   81.493601][ T6366] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[   81.506104][ T6366] EXT4-fs (loop0): This should not happen!! Data will be lost
[   81.506104][ T6366] 
[   81.520243][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.589291][ T6966] loop3: detected capacity change from 0 to 1024
[   81.596177][ T6966] EXT4-fs: Ignoring removed oldalloc option
[   81.602801][ T6966] EXT4-fs: Ignoring removed orlov option
[   81.621260][ T6966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.694941][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.716130][ T6982] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1413'.
[   81.726199][ T6982] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1413'.
[   81.998692][ T1037] tipc: Node number set to 2886997007
[   82.249921][ T6995] loop2: detected capacity change from 0 to 128
[   82.269554][ T6995] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[   82.346406][ T3304] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   82.433810][ T7002] loop2: detected capacity change from 0 to 164
[   82.443812][ T7002] syz.2.1432: attempt to access beyond end of device
[   82.443812][ T7002] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   82.459097][ T7002] syz.2.1432: attempt to access beyond end of device
[   82.459097][ T7002] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[   82.622251][ T1037] hid_parser_main: 36 callbacks suppressed
[   82.622266][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.635524][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.643068][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.650492][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.657901][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.665532][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.672958][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.680473][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.687885][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.695382][ T1037] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   82.712737][ T1037] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   82.857352][ T7026] loop3: detected capacity change from 0 to 1024
[   82.869634][ T7027] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1444'.
[   82.869943][ T7026] EXT4-fs: Ignoring removed orlov option
[   82.910498][ T7026] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.223084][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.238271][ T7035] loop4: detected capacity change from 0 to 1024
[   83.246730][ T7035] EXT4-fs: Ignoring removed orlov option
[   83.272097][ T7035] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.523410][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.121601][ T7052] geneve2: entered promiscuous mode
[   84.126887][ T7052] geneve2: entered allmulticast mode
[   84.217553][ T7066] netlink: 'syz.5.1445': attribute type 1 has an invalid length.
[   84.312317][ T7075] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1451'.
[   84.321564][ T7075] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1451'.
[   84.331010][ T7075] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1451'.
[   84.340219][ T7075] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1451'.
[   84.349414][ T7075] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1451'.
[   84.727621][ T7086] loop5: detected capacity change from 0 to 1024
[   84.740478][ T7086] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.766434][ T6404] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.172943][   T29] kauditd_printk_skb: 18 callbacks suppressed
[   85.172961][   T29] audit: type=1326 audit(85.144:2235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.207440][   T29] audit: type=1326 audit(85.154:2236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.230485][   T29] audit: type=1326 audit(85.154:2237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.253372][   T29] audit: type=1326 audit(85.154:2238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.281713][   T29] audit: type=1326 audit(85.174:2239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.304700][   T29] audit: type=1326 audit(85.174:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.327597][   T29] audit: type=1326 audit(85.184:2241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.350422][   T29] audit: type=1326 audit(85.184:2242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.373148][   T29] audit: type=1326 audit(85.184:2243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.395994][   T29] audit: type=1326 audit(85.184:2244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.2.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f5d3900ebe9 code=0x7ffc0000
[   85.419842][ T7100] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1462'.
[   85.606490][ T7119] batman_adv: batadv0: Removing interface: batadv_slave_0
[   85.615151][ T7121] rdma_op ffff88810b8a1d80 conn xmit_rdma 0000000000000000
[   85.647329][ T7119] batman_adv: batadv0: Removing interface: batadv_slave_1
[   85.667179][ T7123] SELinux: ebitmap: truncated map
[   85.677765][ T7123] SELinux: failed to load policy
[   85.814958][ T7138] netlink: 'syz.4.1480': attribute type 1 has an invalid length.
[   85.829364][ T7138] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.856713][ T7138] bond0: (slave veth11): Enslaving as an active interface with a down link
[   85.892854][ T7138] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.902010][ T7138] bond0: (slave batadv0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[   85.956329][ T7149] loop3: detected capacity change from 0 to 128
[   85.967567][ T7149] FAT-fs (loop3): Directory bread(block 32) failed
[   85.974525][ T7149] FAT-fs (loop3): Directory bread(block 33) failed
[   85.981285][ T7149] FAT-fs (loop3): Directory bread(block 34) failed
[   85.987818][ T7149] FAT-fs (loop3): Directory bread(block 35) failed
[   85.995783][ T7149] FAT-fs (loop3): Directory bread(block 36) failed
[   86.002412][ T7149] FAT-fs (loop3): Directory bread(block 37) failed
[   86.009451][ T7149] FAT-fs (loop3): Directory bread(block 38) failed
[   86.016011][ T7149] FAT-fs (loop3): Directory bread(block 39) failed
[   86.022989][ T7149] FAT-fs (loop3): Directory bread(block 40) failed
[   86.032900][ T7149] FAT-fs (loop3): Directory bread(block 41) failed
[   86.070686][ T7154] loop0: detected capacity change from 0 to 512
[   86.083369][ T7154] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.102112][ T7149] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[   86.110724][ T7149] FAT-fs (loop3): Filesystem has been set read-only
[   86.125027][ T7156] SELinux: ebitmap: truncated map
[   86.127264][ T7149] syz.3.1493: attempt to access beyond end of device
[   86.127264][ T7149] loop3: rw=2049, sector=4184, nr_sectors = 8 limit=128
[   86.134335][ T7156] SELinux: failed to load policy
[   86.166290][ T7149] syz.3.1493: attempt to access beyond end of device
[   86.166290][ T7149] loop3: rw=2049, sector=4200, nr_sectors = 4 limit=128
[   86.180043][ T7149] Buffer I/O error on dev loop3, logical block 1050, lost async page write
[   86.190827][ T7149] syz.3.1493: attempt to access beyond end of device
[   86.190827][ T7149] loop3: rw=2049, sector=4208, nr_sectors = 4 limit=128
[   86.195526][ T7163] loop4: detected capacity change from 0 to 1024
[   86.204366][ T7149] Buffer I/O error on dev loop3, logical block 1052, lost async page write
[   86.220442][ T7149] syz.3.1493: attempt to access beyond end of device
[   86.220442][ T7149] loop3: rw=2049, sector=4220, nr_sectors = 4 limit=128
[   86.234090][ T7149] Buffer I/O error on dev loop3, logical block 1055, lost async page write
[   86.242999][ T7149] syz.3.1493: attempt to access beyond end of device
[   86.242999][ T7149] loop3: rw=2049, sector=4228, nr_sectors = 4 limit=128
[   86.256501][ T7149] Buffer I/O error on dev loop3, logical block 1057, lost async page write
[   86.258415][ T7163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.265383][ T7149] syz.3.1493: attempt to access beyond end of device
[   86.265383][ T7149] loop3: rw=2049, sector=4240, nr_sectors = 4 limit=128
[   86.291134][ T7149] Buffer I/O error on dev loop3, logical block 1060, lost async page write
[   86.299925][ T7149] syz.3.1493: attempt to access beyond end of device
[   86.299925][ T7149] loop3: rw=2049, sector=4248, nr_sectors = 4 limit=128
[   86.313474][ T7149] Buffer I/O error on dev loop3, logical block 1062, lost async page write
[   86.322296][ T7149] syz.3.1493: attempt to access beyond end of device
[   86.322296][ T7149] loop3: rw=2049, sector=4252, nr_sectors = 4 limit=128
[   86.356838][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.367909][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.496492][ T7188] __nla_validate_parse: 1 callbacks suppressed
[   86.496506][ T7188] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1500'.
[   86.512827][ T7188] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.520377][ T7188] batman_adv: batadv0: Removing interface: batadv_slave_0
[   86.533851][ T7188] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.541344][ T7188] batman_adv: batadv0: Removing interface: batadv_slave_1
[   86.553299][ T7195] loop2: detected capacity change from 0 to 512
[   86.591486][ T7195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.674262][ T7206] netlink: 'syz.3.1505': attribute type 4 has an invalid length.
[   86.682282][ T7204] netlink: 'syz.4.1506': attribute type 1 has an invalid length.
[   86.685452][ T7206] netlink: 'syz.3.1505': attribute type 4 has an invalid length.
[   87.055036][ T7235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1518'.
[   87.205669][ T7255] loop2: detected capacity change from 0 to 2048
[   87.233339][ T7255] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   87.258254][ T7255] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28
[   87.270675][ T7255] EXT4-fs (loop2): This should not happen!! Data will be lost
[   87.270675][ T7255] 
[   87.280357][ T7255] EXT4-fs (loop2): Total free blocks count 0
[   87.286387][ T7255] EXT4-fs (loop2): Free/Dirty block details
[   87.292343][ T7255] EXT4-fs (loop2): free_blocks=2415919104
[   87.298127][ T7255] EXT4-fs (loop2): dirty_blocks=48
[   87.303333][ T7255] EXT4-fs (loop2): Block reservation details
[   87.309354][ T7255] EXT4-fs (loop2): i_reserved_data_blocks=3
[   87.364175][ T7263] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1524'.
[   87.490967][ T7269] loop3: detected capacity change from 0 to 1024
[   87.513760][ T7269] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   87.704532][ T7289] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1538'.
[   87.755423][ T7297] loop3: detected capacity change from 0 to 164
[   87.769938][ T7297] syz.3.1541: attempt to access beyond end of device
[   87.769938][ T7297] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   87.786187][ T7297] syz.3.1541: attempt to access beyond end of device
[   87.786187][ T7297] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   87.801438][ T7297] syz.3.1541: attempt to access beyond end of device
[   87.801438][ T7297] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   87.900695][ T7305] loop0: detected capacity change from 0 to 1024
[   87.909480][ T7305] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   88.049300][ T7321] loop5: detected capacity change from 0 to 128
[   88.142043][ T7331] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1555'.
[   88.226751][ T7335] loop3: detected capacity change from 0 to 1024
[   88.255679][ T7335] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   88.283860][ T7335] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[   88.296298][ T7335] EXT4-fs (loop3): This should not happen!! Data will be lost
[   88.296298][ T7335] 
[   88.306052][ T7335] EXT4-fs (loop3): Total free blocks count 0
[   88.312146][ T7335] EXT4-fs (loop3): Free/Dirty block details
[   88.318130][ T7335] EXT4-fs (loop3): free_blocks=20480
[   88.323546][ T7335] EXT4-fs (loop3): dirty_blocks=96
[   88.328789][ T7335] EXT4-fs (loop3): Block reservation details
[   88.334800][ T7335] EXT4-fs (loop3): i_reserved_data_blocks=6
[   88.384196][ T6402] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   88.396488][ T6402] EXT4-fs (loop3): This should not happen!! Data will be lost
[   88.396488][ T6402] 
[   88.483516][ T7351] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1564'.
[   88.509965][ T7353] loop3: detected capacity change from 0 to 512
[   88.517331][ T7353] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   88.530038][ T7353] EXT4-fs (loop3): 1 orphan inode deleted
[   88.535873][ T7353] EXT4-fs (loop3): 1 truncate cleaned up
[   88.550114][ T7353] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   88.565160][ T7353] EXT4-fs (loop3): Remounting filesystem read-only
[   88.652162][ T7364] atomic_op ffff88812b9fd528 conn xmit_atomic 0000000000000000
[   88.869286][ T7384] loop0: detected capacity change from 0 to 128
[   88.882887][ T7384] syz.0.1579: attempt to access beyond end of device
[   88.882887][ T7384] loop0: rw=2049, sector=138, nr_sectors = 112 limit=128
[   88.900871][ T7384] syz.0.1579: attempt to access beyond end of device
[   88.900871][ T7384] loop0: rw=2049, sector=138, nr_sectors = 2 limit=128
[   88.914405][ T7384] Buffer I/O error on dev loop0, logical block 69, lost async page write
[   88.923372][ T7384] syz.0.1579: attempt to access beyond end of device
[   88.923372][ T7384] loop0: rw=2049, sector=140, nr_sectors = 2 limit=128
[   88.936935][ T7384] Buffer I/O error on dev loop0, logical block 70, lost async page write
[   89.005760][ T7398] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1586'.
[   89.273186][ T7432] loop5: detected capacity change from 0 to 1024
[   89.282657][ T7432] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   89.340375][ T7441] netlink: 'syz.4.1604': attribute type 1 has an invalid length.
[   89.357541][ T7441] 8021q: adding VLAN 0 to HW filter on device bond1
[   89.407430][ T7441] bond1: (slave veth13): Enslaving as an active interface with a down link
[   89.434554][ T7441] bond1: (slave dummy0): making interface the new active one
[   89.443373][ T7441] dummy0: entered promiscuous mode
[   89.448788][ T7441] bond1: (slave dummy0): Enslaving as an active interface with an up link
[   89.462435][ T7441] syz.4.1604 (7441) used greatest stack depth: 10040 bytes left
[   89.553684][ T7457] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1611'.
[   89.722225][ T7472] loop4: detected capacity change from 0 to 164
[   89.737334][ T7472] syz.4.1615: attempt to access beyond end of device
[   89.737334][ T7472] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   89.765086][ T7472] syz.4.1615: attempt to access beyond end of device
[   89.765086][ T7472] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[   89.781600][ T7472] syz.4.1615: attempt to access beyond end of device
[   89.781600][ T7472] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[   90.161225][ T7500] loop4: detected capacity change from 0 to 1024
[   90.178763][ T7500] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   90.195080][   T29] kauditd_printk_skb: 295 callbacks suppressed
[   90.195093][   T29] audit: type=1400 audit(90.164:2540): avc:  denied  { setopt } for  pid=7501 comm="syz.2.1621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   90.358115][ T6404] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   90.369107][ T6404] CPU: 0 UID: 0 PID: 6404 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[   90.369134][ T6404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   90.369155][ T6404] Call Trace:
[   90.369163][ T6404]  <TASK>
[   90.369173][ T6404]  __dump_stack+0x1d/0x30
[   90.369194][ T6404]  dump_stack_lvl+0xe8/0x140
[   90.369263][ T6404]  dump_stack+0x15/0x1b
[   90.369284][ T6404]  dump_header+0x81/0x220
[   90.369324][ T6404]  oom_kill_process+0x342/0x400
[   90.369404][ T6404]  out_of_memory+0x979/0xb80
[   90.369469][ T6404]  try_charge_memcg+0x5e6/0x9e0
[   90.369507][ T6404]  charge_memcg+0x51/0xc0
[   90.369529][ T6404]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   90.369551][ T6404]  __read_swap_cache_async+0x1df/0x350
[   90.369655][ T6404]  swap_cluster_readahead+0x277/0x3e0
[   90.369704][ T6404]  swapin_readahead+0xde/0x6f0
[   90.369755][ T6404]  ? __filemap_get_folio+0x4f7/0x6b0
[   90.369796][ T6404]  ? bpf_get_stack_raw_tp+0x106/0x130
[   90.369828][ T6404]  ? swap_cache_get_folio+0x77/0x200
[   90.369934][ T6404]  do_swap_page+0x301/0x2430
[   90.369963][ T6404]  ? finish_task_switch+0xad/0x2b0
[   90.370043][ T6404]  ? __pfx_default_wake_function+0x10/0x10
[   90.370067][ T6404]  handle_mm_fault+0x9a5/0x2c20
[   90.370100][ T6404]  do_user_addr_fault+0x636/0x1090
[   90.370159][ T6404]  ? fpregs_restore_userregs+0xe2/0x1d0
[   90.370195][ T6404]  ? switch_fpu_return+0xe/0x20
[   90.370264][ T6404]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   90.370291][ T6404]  exc_page_fault+0x62/0xa0
[   90.370316][ T6404]  asm_exc_page_fault+0x26/0x30
[   90.370342][ T6404] RIP: 0033:0x7fab21c31465
[   90.370361][ T6404] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d fe 70 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[   90.370390][ T6404] RSP: 002b:00007ffe20cc81c8 EFLAGS: 00010246
[   90.370410][ T6404] RAX: 0000000000000000 RBX: 000000000000008b RCX: 00007fab21c31463
[   90.370426][ T6404] RDX: 00007ffe20cc81e0 RSI: 0000000000000000 RDI: 0000000000000000
[   90.370440][ T6404] RBP: 00007ffe20cc824c R08: 0000000012117ed5 R09: 0000000000000000
[   90.370455][ T6404] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[   90.370467][ T6404] R13: 00000000000927c0 R14: 0000000000015f0c R15: 00007ffe20cc82a0
[   90.370484][ T6404]  </TASK>
[   90.370490][ T6404] memory: usage 307200kB, limit 307200kB, failcnt 216
[   90.602315][ T6404] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[   90.610229][ T6404] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[   90.617505][ T6404] Memory cgroup stats for /syz5:
[   90.618225][ T6404] cache 0
[   90.626129][ T6404] rss 0
[   90.629019][ T6404] shmem 0
[   90.631958][ T6404] mapped_file 0
[   90.635417][ T6404] dirty 0
[   90.638399][ T6404] writeback 0
[   90.641705][ T6404] workingset_refault_anon 62
[   90.646287][ T6404] workingset_refault_file 0
[   90.650787][ T6404] swap 196608
[   90.654061][ T6404] swapcached 0
[   90.657429][ T6404] pgpgin 27868
[   90.660860][ T6404] pgpgout 27867
[   90.664318][ T6404] pgfault 25090
[   90.667829][ T6404] pgmajfault 40
[   90.671291][ T6404] inactive_anon 0
[   90.674993][ T6404] active_anon 0
[   90.678477][ T6404] inactive_file 0
[   90.682114][ T6404] active_file 4096
[   90.685856][ T6404] unevictable 0
[   90.689320][ T6404] hierarchical_memory_limit 314572800
[   90.694679][ T6404] hierarchical_memsw_limit 9223372036854771712
[   90.700872][ T6404] total_cache 0
[   90.704348][ T6404] total_rss 0
[   90.707628][ T6404] total_shmem 0
[   90.711120][ T6404] total_mapped_file 0
[   90.715094][ T6404] total_dirty 0
[   90.718598][ T6404] total_writeback 0
[   90.722410][ T6404] total_workingset_refault_anon 62
[   90.727524][ T6404] total_workingset_refault_file 0
[   90.732654][ T6404] total_swap 196608
[   90.736474][ T6404] total_swapcached 0
[   90.740533][ T6404] total_pgpgin 27868
[   90.744440][ T6404] total_pgpgout 27867
[   90.748466][ T6404] total_pgfault 25090
[   90.752502][ T6404] total_pgmajfault 40
[   90.756663][ T6404] total_inactive_anon 0
[   90.760824][ T6404] total_active_anon 0
[   90.764798][ T6404] total_inactive_file 0
[   90.769038][ T6404] total_active_file 4096
[   90.773271][ T6404] total_unevictable 0
[   90.777268][ T6404] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1609,pid=7452,uid=0
[   90.791868][ T6404] Memory cgroup out of memory: Killed process 7452 (syz.5.1609) total-vm:95812kB, anon-rss:944kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   90.819196][ T7460] syz.5.1609 (7460) used greatest stack depth: 9936 bytes left
[   90.851936][ T7513] loop4: detected capacity change from 0 to 128
[   90.860001][ T7515] netlink: 'syz.0.1623': attribute type 1 has an invalid length.
[   90.877796][ T7514] loop2: detected capacity change from 0 to 2048
[   90.890553][ T7515] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.922906][ T7515] bond0: (slave veth11): Enslaving as an active interface with a down link
[   90.978988][ T7521] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.999737][ T7521] bond0: (slave batadv0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[   91.028049][ T7453] syz.5.1609 (7453) used greatest stack depth: 7528 bytes left
[   91.101914][ T7532] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1633'.
[   91.388292][   T29] audit: type=1326 audit(91.354:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7543 comm="syz.3.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   91.510799][   T29] audit: type=1326 audit(91.384:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7543 comm="syz.3.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   91.510836][   T29] audit: type=1326 audit(91.384:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7543 comm="syz.3.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   91.510867][   T29] audit: type=1326 audit(91.384:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7543 comm="syz.3.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   91.510940][   T29] audit: type=1326 audit(91.384:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7543 comm="syz.3.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   91.510976][   T29] audit: type=1326 audit(91.384:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7543 comm="syz.3.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   91.522705][ T7542] loop4: detected capacity change from 0 to 4096
[   91.742430][   T29] audit: type=1326 audit(91.644:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7543 comm="syz.3.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   91.742473][   T29] audit: type=1326 audit(91.644:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7543 comm="syz.3.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   91.823571][ T6402] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   91.853468][ T7537] Set syz1 is full, maxelem 65536 reached
[   91.855252][ T6402] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   91.871503][ T6402] EXT4-fs (loop2): This should not happen!! Data will be lost
[   91.871503][ T6402] 
[   91.881173][ T6402] EXT4-fs (loop2): Total free blocks count 0
[   91.887183][ T6402] EXT4-fs (loop2): Free/Dirty block details
[   91.893130][ T6402] EXT4-fs (loop2): free_blocks=2415919504
[   91.898959][ T6402] EXT4-fs (loop2): dirty_blocks=8224
[   91.904302][ T6402] EXT4-fs (loop2): Block reservation details
[   91.910358][ T6402] EXT4-fs (loop2): i_reserved_data_blocks=514
[   91.940271][ T6368] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   91.952975][ T6368] EXT4-fs (loop2): This should not happen!! Data will be lost
[   91.952975][ T6368] 
[   91.965205][ T7556] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[   92.001889][ T7563] loop0: detected capacity change from 0 to 128
[   92.010321][   T29] audit: type=1326 audit(91.984:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7560 comm="syz.5.1646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab21bfebe9 code=0x7ffc0000
[   92.075320][ T7562] loop5: detected capacity change from 0 to 1024
[   92.101022][ T7573] macvtap1: entered allmulticast mode
[   92.106506][ T7573] bridge0: entered allmulticast mode
[   92.113290][ T7573] bridge0: port 3(macvtap1) entered blocking state
[   92.119906][ T7573] bridge0: port 3(macvtap1) entered disabled state
[   92.130802][ T7573] bridge0: left allmulticast mode
[   92.158559][ T7577] loop4: detected capacity change from 0 to 512
[   92.164168][ T7562] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   92.166546][ T7577] journal_path: Non-blockdev passed as './bus'
[   92.185653][ T7577] EXT4-fs: error: could not find journal device path
[   92.207403][ T7562] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[   92.219959][ T7562] EXT4-fs (loop5): This should not happen!! Data will be lost
[   92.219959][ T7562] 
[   92.229639][ T7562] EXT4-fs (loop5): Total free blocks count 0
[   92.235650][ T7562] EXT4-fs (loop5): Free/Dirty block details
[   92.241624][ T7562] EXT4-fs (loop5): free_blocks=20480
[   92.246930][ T7562] EXT4-fs (loop5): dirty_blocks=96
[   92.252091][ T7562] EXT4-fs (loop5): Block reservation details
[   92.258133][ T7562] EXT4-fs (loop5): i_reserved_data_blocks=6
[   92.270936][ T7584] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   92.285254][ T7584] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   92.317091][ T6331] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   92.329493][ T6331] EXT4-fs (loop5): This should not happen!! Data will be lost
[   92.329493][ T6331] 
[   92.425252][ T7595] loop5: detected capacity change from 0 to 1024
[   92.438582][ T7595] EXT4-fs: Ignoring removed i_version option
[   92.455382][ T7595] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   92.477511][ T7595] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1658: Invalid block bitmap block 0 in block_group 0
[   92.500479][ T7595] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1658: Failed to acquire dquot type 0
[   92.522383][ T7595] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.1658: Freeing blocks not in datazone - block = 0, count = 4096
[   92.539055][ T7595] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.1658: Invalid inode bitmap blk 0 in block_group 0
[   92.558764][ T6331] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:12: Failed to release dquot type 0
[   92.572485][ T7595] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[   92.582711][ T7595] EXT4-fs (loop5): 1 orphan inode deleted
[   93.251827][ T7610] loop3: detected capacity change from 0 to 128
[   93.254856][ T7609] loop4: detected capacity change from 0 to 1024
[   93.318289][ T7609] loop4: detected capacity change from 1024 to 64
[   93.364821][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.392316][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.406668][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.423858][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.440172][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.454375][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.468831][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.472628][ T7624] loop0: detected capacity change from 0 to 1024
[   93.482784][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.502634][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.534769][ T3310] EXT4-fs warning (device loop4): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.538650][ T7624] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   93.582988][ T7624] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[   93.595583][ T7624] EXT4-fs (loop0): This should not happen!! Data will be lost
[   93.595583][ T7624] 
[   93.605399][ T7624] EXT4-fs (loop0): Total free blocks count 0
[   93.611641][ T7624] EXT4-fs (loop0): Free/Dirty block details
[   93.617571][ T7624] EXT4-fs (loop0): free_blocks=20480
[   93.622982][ T7624] EXT4-fs (loop0): dirty_blocks=96
[   93.628122][ T7624] EXT4-fs (loop0): Block reservation details
[   93.634159][ T7624] EXT4-fs (loop0): i_reserved_data_blocks=6
[   93.682976][ T7613] kmmpd-loop4: attempt to access beyond end of device
[   93.682976][ T7613] loop4: rw=14337, sector=128, nr_sectors = 2 limit=64
[   93.696610][ T7613] Buffer I/O error on dev loop4, logical block 64, lost sync page write
[   93.715703][ T6378] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   93.728051][ T6378] EXT4-fs (loop0): This should not happen!! Data will be lost
[   93.728051][ T6378] 
[   93.839541][ T7666] geneve0: entered allmulticast mode
[   93.846483][ T7661] loop2: detected capacity change from 0 to 1024
[   93.853700][ T7666] geneve0: entered promiscuous mode
[   93.938233][ T7661] loop2: detected capacity change from 1024 to 64
[   93.958857][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.972862][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   93.999871][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   94.019386][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   94.038002][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   94.056947][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   94.065142][ T7665] geneve0: left promiscuous mode
[   94.070585][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   94.075464][ T7665] geneve0: left allmulticast mode
[   94.088884][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   94.107635][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   94.122688][ T3304] EXT4-fs warning (device loop2): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   94.142770][ T7663] chnl_net:caif_netlink_parms(): no params data found
[   94.166336][ T7683] loop0: detected capacity change from 0 to 164
[   94.173642][ T7670] kmmpd-loop2: attempt to access beyond end of device
[   94.173642][ T7670] loop2: rw=14337, sector=128, nr_sectors = 2 limit=64
[   94.175234][ T7683] syz.0.1686: attempt to access beyond end of device
[   94.175234][ T7683] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   94.187223][ T7670] Buffer I/O error on dev loop2, logical block 64, lost sync page write
[   94.209568][ T7683] syz.0.1686: attempt to access beyond end of device
[   94.209568][ T7683] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   94.256174][ T7683] syz.0.1686: attempt to access beyond end of device
[   94.256174][ T7683] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   94.276875][ T7692] loop3: detected capacity change from 0 to 164
[   94.283575][ T7692] iso9660: Unknown parameter ''
[   94.284004][ T7663] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.295829][ T7663] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.303273][ T7663] bridge_slave_0: entered allmulticast mode
[   94.310220][ T7663] bridge_slave_0: entered promiscuous mode
[   94.317044][ T7663] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.324158][ T7663] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.331609][ T7663] bridge_slave_1: entered allmulticast mode
[   94.338241][ T7663] bridge_slave_1: entered promiscuous mode
[   94.360664][ T7663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.372707][ T7663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.399512][ T7663] team0: Port device team_slave_0 added
[   94.406551][ T7663] team0: Port device team_slave_1 added
[   94.426100][ T7663] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.433158][ T7663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.459119][ T7663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.473791][ T7663] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.480928][ T7663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.507010][ T7663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.568449][ T7700] SELinux: failed to load policy
[   94.570051][ T7698] bridge0: entered promiscuous mode
[   94.593340][ T7698] macvtap1: entered allmulticast mode
[   94.598922][ T7698] bridge0: entered allmulticast mode
[   94.606245][ T7698] bridge0: port 3(macvtap1) entered blocking state
[   94.612940][ T7698] bridge0: port 3(macvtap1) entered disabled state
[   94.620803][ T7698] bridge0: left allmulticast mode
[   94.622192][ T7710] loop3: detected capacity change from 0 to 512
[   94.626000][ T7698] bridge0: left promiscuous mode
[   94.653547][ T7710] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1698: corrupted inode contents
[   94.666380][ T7710] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1698: mark_inode_dirty error
[   94.678658][ T7710] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1698: corrupted inode contents
[   94.695933][ T7663] hsr_slave_0: entered promiscuous mode
[   94.713339][ T7663] hsr_slave_1: entered promiscuous mode
[   94.719584][ T7663] debugfs: 'hsr0' already exists in 'hsr'
[   94.725362][ T7663] Cannot create hsr debugfs directory
[   94.921808][ T7663] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   94.944583][ T7741] loop3: detected capacity change from 0 to 4096
[   94.950928][ T7704] chnl_net:caif_netlink_parms(): no params data found
[   94.962054][ T7663] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   94.986600][ T7663] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   95.000886][ T7663] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   95.023824][ T7749] bridge0: entered promiscuous mode
[   95.030833][ T7749] macvtap1: entered allmulticast mode
[   95.036361][ T7749] bridge0: entered allmulticast mode
[   95.043470][ T7749] bridge0: port 3(macvtap1) entered blocking state
[   95.050186][ T7749] bridge0: port 3(macvtap1) entered disabled state
[   95.061968][ T7749] bridge0: left allmulticast mode
[   95.067048][ T7749] bridge0: left promiscuous mode
[   95.082623][ T7756] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1712'.
[   95.135216][ T7704] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.142536][ T7704] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.150801][ T7704] bridge_slave_0: entered allmulticast mode
[   95.162389][ T7704] bridge_slave_0: entered promiscuous mode
[   95.185855][ T7704] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.193134][ T7704] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.201377][ T7704] bridge_slave_1: entered allmulticast mode
[   95.208129][ T7704] bridge_slave_1: entered promiscuous mode
[   95.231949][ T7772] netlink: 'syz.3.1716': attribute type 30 has an invalid length.
[   95.247436][ T7704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.258364][ T7704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.281985][ T7704] team0: Port device team_slave_0 added
[   95.290205][ T7704] team0: Port device team_slave_1 added
[   95.316351][   T29] kauditd_printk_skb: 110 callbacks suppressed
[   95.316366][   T29] audit: type=1326 audit(95.284:2657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   95.347083][   T29] audit: type=1326 audit(95.294:2658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   95.347471][ T7704] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.369942][   T29] audit: type=1326 audit(95.294:2659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   95.376819][ T7704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.399530][   T29] audit: type=1326 audit(95.294:2660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   95.399564][   T29] audit: type=1326 audit(95.294:2661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   95.425606][ T7704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.448227][   T29] audit: type=1326 audit(95.294:2662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   95.475054][ T7704] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.511242][ T7704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.511703][   T29] audit: type=1326 audit(95.484:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   95.537178][ T7704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.560244][ T7774] loop3: detected capacity change from 0 to 512
[   95.570514][   T29] audit: type=1326 audit(95.484:2664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   95.601179][   T29] audit: type=1326 audit(95.524:2665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[   95.622751][ T7663] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.624086][   T29] audit: type=1326 audit(95.524:2666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.3.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1ed5d4ec23 code=0x7ffc0000
[   95.637342][ T7663] 8021q: adding VLAN 0 to HW filter on device team0
[   95.660431][ T7774] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[   95.668833][ T7774] EXT4-fs (loop3): orphan cleanup on readonly fs
[   95.675548][ T7774] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   95.690711][ T7774] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   95.697536][ T7774] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #13: comm syz.3.1717: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   95.700832][ T7704] hsr_slave_0: entered promiscuous mode
[   95.723487][ T7704] hsr_slave_1: entered promiscuous mode
[   95.723679][ T7774] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1717: couldn't read orphan inode 13 (err -117)
[   95.729542][ T7704] debugfs: 'hsr0' already exists in 'hsr'
[   95.746926][ T7704] Cannot create hsr debugfs directory
[   95.763235][ T6333] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.770324][ T6333] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.779701][ T6333] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.786818][ T6333] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.875712][ T7704] netdevsim netdevsim7 netdevsim0: renamed from eth0
[   95.885278][ T7704] netdevsim netdevsim7 netdevsim1: renamed from eth1
[   95.896597][ T7704] netdevsim netdevsim7 netdevsim2: renamed from eth2
[   95.905971][ T7704] netdevsim netdevsim7 netdevsim3: renamed from eth3
[   95.935244][ T7663] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.964423][ T7704] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.979636][ T7704] 8021q: adding VLAN 0 to HW filter on device team0
[   95.989195][ T6378] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.996343][ T6378] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.009595][ T6378] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.016719][ T6378] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.047442][ T7704] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   96.057924][ T7704] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   96.145223][ T7663] veth0_vlan: entered promiscuous mode
[   96.154106][ T7663] veth1_vlan: entered promiscuous mode
[   96.189361][ T7663] veth0_macvtap: entered promiscuous mode
[   96.190913][ T7663] veth1_macvtap: entered promiscuous mode
[   96.207475][ T7816] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1723'.
[   96.209255][ T7704] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.211466][ T7663] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.213201][ T7663] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.233941][ T6402] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.234046][ T6402] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.234099][ T6402] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.234137][ T6402] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.320097][ T7825] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1680'.
[   96.320294][ T7825] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1680'.
[   96.321997][ T7828] loop3: detected capacity change from 0 to 512
[   96.337429][ T7828] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   96.350261][ T7828] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.1734: invalid indirect mapped block 83886080 (level 1)
[   96.360987][ T7832] bridge0: entered promiscuous mode
[   96.387919][ T7828] EXT4-fs (loop3): Remounting filesystem read-only
[   96.398857][ T7832] macvtap1: entered allmulticast mode
[   96.415111][ T7832] bridge0: entered allmulticast mode
[   96.416850][ T7832] bridge0: port 3(macvtap1) entered blocking state
[   96.427156][ T7832] bridge0: port 3(macvtap1) entered disabled state
[   96.433895][ T7828] EXT4-fs (loop3): 1 orphan inode deleted
[   96.439769][ T7828] EXT4-fs (loop3): 1 truncate cleaned up
[   96.453731][ T7832] bridge0: left allmulticast mode
[   96.458967][ T7832] bridge0: left promiscuous mode
[   96.609319][ T7849] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1731'.
[   96.616113][ T7843] syzkaller0: entered promiscuous mode
[   96.623986][ T7843] syzkaller0: entered allmulticast mode
[   96.638603][ T7846] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1730'.
[   96.722562][ T7704] veth0_vlan: entered promiscuous mode
[   96.744663][ T7704] veth1_vlan: entered promiscuous mode
[   96.779712][ T7861] netlink: 'syz.6.1737': attribute type 10 has an invalid length.
[   96.802825][ T7704] veth0_macvtap: entered promiscuous mode
[   96.820064][ T7861] team0: Device hsr_slave_0 failed to register rx_handler
[   96.841780][ T7862] loop0: detected capacity change from 0 to 4096
[   96.853549][ T7704] veth1_macvtap: entered promiscuous mode
[   96.887139][ T7704] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.899933][ T7704] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.922971][ T6402] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.937354][ T6402] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.951040][ T6402] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.972233][ T6333] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.026892][ T7878] loop5: detected capacity change from 0 to 2048
[   97.035894][ T7886] geneve0: entered allmulticast mode
[   97.047526][ T7886] geneve0: entered promiscuous mode
[   97.081930][ T7893] cgroup: Invalid name
[   97.107302][ T7895] netlink: 340 bytes leftover after parsing attributes in process `syz.7.1747'.
[   97.202855][ T7881] geneve0: left promiscuous mode
[   97.207927][ T7881] geneve0: left allmulticast mode
[   97.276537][ T7913] loop0: detected capacity change from 0 to 512
[   97.284792][ T7913] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   97.304087][ T7913] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.1767: invalid indirect mapped block 83886080 (level 1)
[   97.319286][ T7913] EXT4-fs (loop0): Remounting filesystem read-only
[   97.326008][ T7913] EXT4-fs (loop0): 1 orphan inode deleted
[   97.331923][ T7913] EXT4-fs (loop0): 1 truncate cleaned up
[   97.854812][ T7937] loop0: detected capacity change from 0 to 164
[   97.861751][ T7937] iso9660: Unknown parameter ''
[   97.867985][ T7938] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.045241][ T7953] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1770'.
[   98.079335][ T7956] cgroup: Invalid name
[   98.111854][ T7960] smc: net device bond0 applied user defined pnetid SYZ0
[   98.119538][ T7960] smc: net device bond0 erased user defined pnetid SYZ0
[   98.198970][ T7968] loop7: detected capacity change from 0 to 164
[   98.205908][ T7969] pim6reg1: entered promiscuous mode
[   98.211268][ T7969] pim6reg1: entered allmulticast mode
[   98.218499][ T7968] iso9660: Unknown parameter ''
[   98.517001][ T7981] Set syz1 is full, maxelem 65536 reached
[   99.042560][ T7985] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1786'.
[   99.076745][ T7989] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1788'.
[   99.089052][ T7989] bridge0: port 3(vlan2) entered blocking state
[   99.095446][ T7989] bridge0: port 3(vlan2) entered disabled state
[   99.102526][ T7989] vlan2: entered allmulticast mode
[   99.107675][ T7989] bridge0: entered allmulticast mode
[   99.115890][ T7989] vlan2: left allmulticast mode
[   99.120867][ T7989] bridge0: left allmulticast mode
[   99.138617][ T7993] smc: net device bond0 applied user defined pnetid SYZ0
[   99.146018][ T7993] smc: net device bond0 erased user defined pnetid SYZ0
[   99.293209][ T8008] loop5: detected capacity change from 0 to 512
[   99.317419][ T8008] EXT4-fs mount: 51 callbacks suppressed
[   99.317440][ T8008] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.341313][ T8013] netlink: 'syz.3.1798': attribute type 1 has an invalid length.
[   99.360509][ T8015] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.373718][ T6404] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.483266][ T7938] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.532137][ T7938] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.599091][ T6402] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.615373][ T7938] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.634162][ T8015] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.651400][ T6402] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.689148][ T6368] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.703032][ T6335] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.720662][ T8015] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.734610][ T6402] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.746353][ T6333] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.762785][ T8015] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.780133][ T6335] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.792093][ T6402] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.843674][ T6335] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.857173][ T6378] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.886789][ T6378] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.904360][ T6378] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.946837][ T8029] chnl_net:caif_netlink_parms(): no params data found
[   99.956808][ T6402] bridge_slave_1: left allmulticast mode
[   99.962611][ T6402] bridge_slave_1: left promiscuous mode
[   99.968363][ T6402] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.991298][ T6402] bridge_slave_0: left allmulticast mode
[   99.997087][ T6402] bridge_slave_0: left promiscuous mode
[  100.002994][ T6402] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.091577][ T8058] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8058 comm=syz.6.1817
[  100.104280][ T8058] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8058 comm=syz.6.1817
[  100.150422][ T6402] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  100.160467][ T6402] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  100.170408][ T6402] bond0 (unregistering): Released all slaves
[  100.215620][ T6402] hsr_slave_0: left promiscuous mode
[  100.221455][ T6402] hsr_slave_1: left promiscuous mode
[  100.227055][ T6402] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.234518][ T6402] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.242093][ T6402] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.249513][ T6402] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.260528][ T6402] veth1_macvtap: left promiscuous mode
[  100.266037][ T6402] veth0_macvtap: left promiscuous mode
[  100.271639][ T6402] veth1_vlan: left promiscuous mode
[  100.276962][ T6402] veth0_vlan: left promiscuous mode
[  100.334474][ T8065] netlink: 'syz.3.1818': attribute type 1 has an invalid length.
[  100.369946][ T6402] team0 (unregistering): Port device team_slave_1 removed
[  100.379597][ T6402] team0 (unregistering): Port device team_slave_0 removed
[  100.411887][ T8029] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.419175][ T8029] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.427987][ T8029] bridge_slave_0: entered allmulticast mode
[  100.435033][ T8029] bridge_slave_0: entered promiscuous mode
[  100.448888][ T8068] loop0: detected capacity change from 0 to 164
[  100.452086][ T8065] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.462090][ T8068] rock: directory entry would overflow storage
[  100.468336][ T8068] rock: sig=0x66, size=4, remaining=3
[  100.477503][ T8068] rock: directory entry would overflow storage
[  100.479159][ T8066] bond0: (slave veth5): Enslaving as an active interface with a down link
[  100.483892][ T8068] rock: sig=0x66, size=4, remaining=3
[  100.497955][ T8029] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.498247][ T8068] iso9660: Corrupted directory entry in block 4 of inode 1792
[  100.505207][ T8029] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.530561][ T8029] bridge_slave_1: entered allmulticast mode
[  100.537427][ T8029] bridge_slave_1: entered promiscuous mode
[  100.554317][ T8070] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.563027][ T8070] bond0: (slave batadv0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  100.590504][ T8029] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.601282][ T8029] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.621779][ T8029] team0: Port device team_slave_0 added
[  100.628769][ T8029] team0: Port device team_slave_1 added
[  100.645592][ T8029] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.652672][ T8029] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.678731][ T8029] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.690386][ T8029] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.697412][ T8029] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.723461][ T8029] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.738912][ T6368] dummy0: left promiscuous mode
[  100.762052][ T8029] hsr_slave_0: entered promiscuous mode
[  100.768701][ T8029] hsr_slave_1: entered promiscuous mode
[  100.774771][ T8029] debugfs: 'hsr0' already exists in 'hsr'
[  100.778891][ T8075] __nla_validate_parse: 2 callbacks suppressed
[  100.778909][ T8075] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1831'.
[  100.780595][ T8029] Cannot create hsr debugfs directory
[  100.806364][ T8076] smc: net device bond0 applied user defined pnetid SYZ0
[  100.815104][ T8076] smc: net device bond0 erased user defined pnetid SYZ0
[  100.876657][ T8081] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  100.886634][ T8081] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.936112][ T6368] syzkaller0: tun_net_xmit 76
[  100.940980][ T6368] syzkaller0: tun_net_xmit 48
[  100.956608][ T8083] syzkaller0: tun_chr_ioctl cmd 1074025677
[  100.962506][ T8083] syzkaller0: Linktype set failed because interface is up
[  100.969942][   T36] syzkaller0: tun_net_xmit 76
[  100.976114][ T8081] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  100.986151][ T8081] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.010336][ T8029] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  101.070676][ T8029] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  101.102580][ T8081] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  101.112577][ T8081] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.131785][ T8029] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  101.167215][ T8029] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  101.238601][ T8086] Set syz1 is full, maxelem 65536 reached
[  101.261652][   T29] kauditd_printk_skb: 314 callbacks suppressed
[  101.261667][   T29] audit: type=1326 audit(101.234:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.275453][ T8029] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.319286][ T8081] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  101.329189][ T8081] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.338459][ T8100] loop3: detected capacity change from 0 to 2048
[  101.345934][   T29] audit: type=1326 audit(101.264:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.368914][   T29] audit: type=1326 audit(101.264:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.391842][   T29] audit: type=1326 audit(101.264:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.414836][   T29] audit: type=1326 audit(101.264:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.437929][   T29] audit: type=1326 audit(101.264:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.461118][   T29] audit: type=1326 audit(101.264:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.484568][   T29] audit: type=1326 audit(101.264:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.507651][   T29] audit: type=1326 audit(101.274:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.511054][ T8100] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.530588][   T29] audit: type=1326 audit(101.274:2990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8097 comm="syz.3.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  101.536479][ T8029] 8021q: adding VLAN 0 to HW filter on device team0
[  101.580509][ T6378] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.587608][ T6378] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.617778][ T6378] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.624908][ T6378] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.650723][ T6402] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  101.659142][ T6402] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.692867][ T6402] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  101.701309][ T6402] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.721399][ T6402] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  101.729741][ T6402] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.762288][ T6402] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  101.770593][ T6402] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.787572][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.849968][ T8029] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.924132][ T8138] dummy0: entered promiscuous mode
[  101.929409][ T8138] macsec1: entered allmulticast mode
[  101.934696][ T8138] dummy0: entered allmulticast mode
[  101.941890][ T8138] dummy0: left allmulticast mode
[  101.946872][ T8138] dummy0: left promiscuous mode
[  102.015681][ T8029] veth0_vlan: entered promiscuous mode
[  102.025752][ T8029] veth1_vlan: entered promiscuous mode
[  102.051645][ T8029] veth0_macvtap: entered promiscuous mode
[  102.059580][ T8029] veth1_macvtap: entered promiscuous mode
[  102.081974][ T8029] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.094874][ T8029] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.110719][ T6368] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.124261][ T6368] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.151503][ T6402] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.151577][ T8150] loop3: detected capacity change from 0 to 128
[  102.163118][ T6402] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.176419][ T8150] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  102.188985][ T8150] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  102.311172][ T8163] program syz.8.1849 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  102.528018][ T8189] vlan2: entered allmulticast mode
[  102.539427][ T8189] dummy0: entered allmulticast mode
[  102.699701][ T8202] dummy0: entered promiscuous mode
[  102.716515][ T8202] macsec1: entered allmulticast mode
[  102.726349][ T8206] loop6: detected capacity change from 0 to 128
[  102.733118][ T8202] dummy0: entered allmulticast mode
[  102.759477][ T8202] dummy0: left allmulticast mode
[  102.764501][ T8202] dummy0: left promiscuous mode
[  102.933683][ T8222] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1871'.
[  102.942806][ T8222] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1871'.
[  102.955020][ T8222] bridge0: port 3(vlan2) entered blocking state
[  102.961549][ T8222] bridge0: port 3(vlan2) entered disabled state
[  102.968366][ T8222] vlan2: entered allmulticast mode
[  102.973619][ T8222] bridge0: entered allmulticast mode
[  102.983715][ T8222] vlan2: left allmulticast mode
[  102.988671][ T8222] bridge0: left allmulticast mode
[  103.141312][ T8233] pimreg: entered allmulticast mode
[  103.148705][ T8233] pimreg: left allmulticast mode
[  103.243233][ T8246] netlink: 'syz.3.1882': attribute type 3 has an invalid length.
[  103.295519][ T8250] loop3: detected capacity change from 0 to 512
[  103.348918][ T8250] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.362391][ T8259] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1886'.
[  103.393424][ T8260] syzkaller0: tun_chr_ioctl cmd 1074025677
[  103.399435][ T8260] syzkaller0: Linktype set failed because interface is up
[  103.502818][ T8268] loop8: detected capacity change from 0 to 512
[  103.525747][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.546159][ T8268] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.589650][ T8029] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.897984][ T8305] loop8: detected capacity change from 0 to 2048
[  103.910676][ T8305] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.987417][ T6378] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.017655][ T8318] loop0: detected capacity change from 0 to 512
[  104.042334][ T8318] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.060492][ T6378] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.120068][ T6378] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.143320][ T8029] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.182622][ T6378] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.196140][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.278004][ T8341] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.307046][ T6378] bridge_slave_1: left allmulticast mode
[  104.312885][ T6378] bridge_slave_1: left promiscuous mode
[  104.318734][ T6378] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.326712][ T6378] bridge_slave_0: left allmulticast mode
[  104.332468][ T6378] bridge_slave_0: left promiscuous mode
[  104.338371][ T6378] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.461285][ T6378] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.471610][ T6378] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.481688][ T6378] bond0 (unregistering): Released all slaves
[  104.532816][ T6335] syzkaller0: tun_net_xmit 76
[  104.537709][ T6335] syzkaller0: tun_net_xmit 48
[  104.547597][ T8321] chnl_net:caif_netlink_parms(): no params data found
[  104.556652][ T8345] syzkaller0: tun_chr_ioctl cmd 1074025677
[  104.562627][ T8345] syzkaller0: Linktype set failed because interface is up
[  104.568273][ T3412] syzkaller0: tun_net_xmit 76
[  104.596807][ T6378] hsr_slave_0: left promiscuous mode
[  104.602730][ T6378] hsr_slave_1: left promiscuous mode
[  104.608446][ T6378] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.616029][ T6378] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.624804][ T6378] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.632273][ T6378] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.645795][ T6378] veth1_macvtap: left promiscuous mode
[  104.651579][ T6378] veth0_macvtap: left promiscuous mode
[  104.657190][ T6378] veth1_vlan: left promiscuous mode
[  104.664835][ T6378] veth0_vlan: left promiscuous mode
[  104.738704][ T6378] team0 (unregistering): Port device team_slave_1 removed
[  104.748956][ T6378] team0 (unregistering): Port device team_slave_0 removed
[  104.811647][ T8321] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.818868][ T8321] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.826085][ T8321] bridge_slave_0: entered allmulticast mode
[  104.832927][ T8321] bridge_slave_0: entered promiscuous mode
[  104.839744][ T8321] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.846819][ T8321] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.854069][ T8321] bridge_slave_1: entered allmulticast mode
[  104.860650][ T8321] bridge_slave_1: entered promiscuous mode
[  104.878976][ T8321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.890714][ T8321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.910870][ T8321] team0: Port device team_slave_0 added
[  104.917537][ T8321] team0: Port device team_slave_1 added
[  104.934572][ T8321] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.941614][ T8321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.967626][ T8321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.979176][ T8321] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.986165][ T8321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.012176][ T8321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.039592][ T8321] hsr_slave_0: entered promiscuous mode
[  105.045731][ T8321] hsr_slave_1: entered promiscuous mode
[  105.051663][ T8321] debugfs: 'hsr0' already exists in 'hsr'
[  105.057431][ T8321] Cannot create hsr debugfs directory
[  105.103132][ T8341] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.144148][ T8321] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  105.152767][ T8321] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  105.161607][ T8321] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  105.173405][ T8341] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.185795][ T8321] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  105.229715][ T8373] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1927'.
[  105.253066][ T8321] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.263699][ T8341] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.282663][ T8321] 8021q: adding VLAN 0 to HW filter on device team0
[  105.294664][ T6368] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.301786][ T6368] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.311517][ T6368] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.318630][ T6368] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.359937][ T6366] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.375936][ T6366] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.384398][ T6366] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.396300][ T6366] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.482545][ T8387] netlink: 100 bytes leftover after parsing attributes in process `syz.6.1932'.
[  105.489077][ T8321] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.651556][ T8321] veth0_vlan: entered promiscuous mode
[  105.659579][ T8411] openvswitch: netlink: Message has 6 unknown bytes.
[  105.673137][ T8321] veth1_vlan: entered promiscuous mode
[  105.719710][ T8321] veth0_macvtap: entered promiscuous mode
[  105.727031][ T8321] veth1_macvtap: entered promiscuous mode
[  105.740174][ T8321] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.752970][ T8321] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.764470][ T6368] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.783559][ T6368] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.808992][ T6368] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.818030][ T6368] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.860726][ T8420] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1942'.
[  106.149449][ T8438] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1949'.
[  106.270208][   T29] kauditd_printk_skb: 250 callbacks suppressed
[  106.270233][   T29] audit: type=1326 audit(106.244:3241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f71d6045ba7 code=0x7ffc0000
[  106.299300][   T29] audit: type=1326 audit(106.244:3242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f71d5feade9 code=0x7ffc0000
[  106.322258][   T29] audit: type=1326 audit(106.244:3243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f71d604ebe9 code=0x7ffc0000
[  106.345433][   T29] audit: type=1326 audit(106.254:3244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f71d6045ba7 code=0x7ffc0000
[  106.368222][   T29] audit: type=1326 audit(106.254:3245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f71d5feade9 code=0x7ffc0000
[  106.390993][   T29] audit: type=1326 audit(106.254:3246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f71d604ebe9 code=0x7ffc0000
[  106.413685][   T29] audit: type=1326 audit(106.264:3247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f71d6045ba7 code=0x7ffc0000
[  106.436409][   T29] audit: type=1326 audit(106.264:3248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f71d5feade9 code=0x7ffc0000
[  106.459350][   T29] audit: type=1326 audit(106.264:3249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f71d604ebe9 code=0x7ffc0000
[  106.482170][   T29] audit: type=1326 audit(106.274:3250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8421 comm="syz.9.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f71d6045ba7 code=0x7ffc0000
[  106.723898][ T8451] serio: Serial port ttyS3
[  106.938776][ T8482] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1967'.
[  106.987384][ T8486] netlink: 96 bytes leftover after parsing attributes in process `syz.9.1970'.
[  107.033143][ T8492] loop9: detected capacity change from 0 to 1024
[  107.057521][ T8492] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.261679][ T8492] EXT4-fs error (device loop9): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  107.321487][ T8321] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.410781][ T8514] loop6: detected capacity change from 0 to 512
[  107.417657][ T8514] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  107.419222][ T8516] loop9: detected capacity change from 0 to 128
[  107.435790][ T8514] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.1981: invalid indirect mapped block 4294967295 (level 0)
[  107.451488][ T8514] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.1981: invalid indirect mapped block 4294967295 (level 1)
[  107.480713][ T8516] syz.9.1982: attempt to access beyond end of device
[  107.480713][ T8516] loop9: rw=0, sector=121, nr_sectors = 920 limit=128
[  107.502895][ T8514] EXT4-fs (loop6): 1 orphan inode deleted
[  107.508847][ T8514] EXT4-fs (loop6): 1 truncate cleaned up
[  107.515689][ T8514] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.553797][ T7663] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.591857][ T8531] loop3: detected capacity change from 0 to 128
[  107.610276][ T8532] loop6: detected capacity change from 0 to 164
[  107.624819][ T8532] syz.6.1987: attempt to access beyond end of device
[  107.624819][ T8532] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  107.639591][ T8531] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  107.652688][ T8532] syz.6.1987: attempt to access beyond end of device
[  107.652688][ T8532] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  107.693911][ T8531] ipip0: entered promiscuous mode
[  107.723838][ T3306] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  107.763497][ T8545] syzkaller1: entered promiscuous mode
[  107.769038][ T8545] syzkaller1: entered allmulticast mode
[  107.944091][ T8570] loop9: detected capacity change from 0 to 512
[  107.971353][ T8570] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.989784][ T8570] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.2006: corrupted inode contents
[  108.003035][ T8570] EXT4-fs error (device loop9): ext4_dirty_inode:6538: inode #2: comm syz.9.2006: mark_inode_dirty error
[  108.005922][ T8578] smc: net device bond0 applied user defined pnetid SYZ0
[  108.016458][ T8570] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.2006: corrupted inode contents
[  108.027429][ T8578] smc: net device bond0 erased user defined pnetid SYZ0
[  108.035237][ T8570] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #2: comm syz.9.2006: mark_inode_dirty error
[  108.072787][ T8321] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.105404][ T8585] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2011'.
[  108.120461][ T8587] loop9: detected capacity change from 0 to 512
[  108.127578][ T8587] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  108.149103][ T8587] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.190155][ T8321] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.203133][ T8595] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2015'.
[  108.229335][ T8595] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2015'.
[  108.435457][ T8620] netlink: 536 bytes leftover after parsing attributes in process `syz.9.2026'.
[  108.444885][ T8620] netlink: 124 bytes leftover after parsing attributes in process `syz.9.2026'.
[  108.545043][ T8632] loop6: detected capacity change from 0 to 2048
[  108.560110][ T8632] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.622293][ T8642] loop9: detected capacity change from 0 to 1024
[  108.630777][ T8642] EXT4-fs: Ignoring removed nomblk_io_submit option
[  108.631757][ T7663] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.672084][ T8642] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.691042][ T8652] loop6: detected capacity change from 0 to 256
[  108.729904][ T8321] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.777945][ T8661] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2041'.
[  108.836083][ T8672] loop9: detected capacity change from 0 to 128
[  108.852474][ T8669] loop0: detected capacity change from 0 to 2048
[  108.861678][ T8672] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  108.869594][ T8672] FAT-fs (loop9): Filesystem has been set read-only
[  108.878273][ T8672] syz.9.2048: attempt to access beyond end of device
[  108.878273][ T8672] loop9: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  108.900749][ T8669] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.911722][ T8672] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  108.920670][ T8672] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  108.947848][ T8672] syz.9.2048: attempt to access beyond end of device
[  108.947848][ T8672] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  108.970654][ T8672] syz.9.2048: attempt to access beyond end of device
[  108.970654][ T8672] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  109.036551][ T8683] sd 0:0:1:0: device reset
[  109.222731][ T8699] netlink: 'syz.3.2061': attribute type 21 has an invalid length.
[  109.238150][ T8699] netlink: 'syz.3.2061': attribute type 1 has an invalid length.
[  109.252097][ T8701] serio: Serial port ptm0
[  109.345264][ T8708] team1: entered promiscuous mode
[  109.350441][ T8708] team1: entered allmulticast mode
[  109.360924][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.413829][ T8710] loop6: detected capacity change from 0 to 8192
[  109.562896][ T8732] loop9: detected capacity change from 0 to 1024
[  109.581201][ T8732] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.599350][ T8738] loop3: detected capacity change from 0 to 128
[  109.645845][ T8732] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4183: comm syz.9.2077: Allocating blocks 449-513 which overlap fs metadata
[  109.675527][ T8731] EXT4-fs (loop9): pa ffff888100676850: logic 48, phys. 177, len 21
[  109.683767][ T8731] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  109.730411][ T8321] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.017252][ T8784] vlan2: entered allmulticast mode
[  110.047860][ T8792] loop3: detected capacity change from 0 to 512
[  110.060222][ T8792] EXT4-fs: Ignoring removed bh option
[  110.072502][ T8792] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  110.081631][ T8792] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  110.091459][ T8792] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  110.101326][ T8792] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  110.110419][ T8792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.126035][ T8792] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2103: bg 0: block 353: padding at end of block bitmap is not set
[  110.167706][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.438089][ T8841] loop8: detected capacity change from 0 to 164
[  110.480510][ T8846] netlink: 'syz.9.2127': attribute type 13 has an invalid length.
[  110.541160][ T8846] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  110.597260][ T8854] loop8: detected capacity change from 0 to 1024
[  110.614461][ T8854] EXT4-fs (loop8): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  110.640003][ T8854] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.666631][ T8854] EXT4-fs error (device loop8): ext4_xattr_inode_iget:437: inode #11: comm syz.8.2131: missing EA_INODE flag
[  110.696064][ T8854] EXT4-fs (loop8): Remounting filesystem read-only
[  110.738474][ T8029] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.965644][ T8892] loop3: detected capacity change from 0 to 2048
[  111.009010][ T8892]  loop3: p1 < > p4
[  111.013629][ T8892] loop3: p4 size 8388608 extends beyond EOD, truncated
[  111.101591][ T8904] loop0: detected capacity change from 0 to 512
[  111.120006][ T8904] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.149334][ T6366] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.201155][ T6366] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.286170][ T6366] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.340922][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.354014][   T29] kauditd_printk_skb: 298 callbacks suppressed
[  111.354032][   T29] audit: type=1326 audit(111.324:3549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.383389][   T29] audit: type=1326 audit(111.324:3550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.411900][   T29] audit: type=1326 audit(111.324:3551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.434896][   T29] audit: type=1326 audit(111.324:3552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.457790][   T29] audit: type=1326 audit(111.324:3553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.480688][   T29] audit: type=1326 audit(111.324:3554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.503545][   T29] audit: type=1326 audit(111.324:3555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.526466][   T29] audit: type=1326 audit(111.324:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.549381][   T29] audit: type=1326 audit(111.324:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.572315][   T29] audit: type=1326 audit(111.324:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8928 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  111.622511][ T6366] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.657933][ T8938] bridge0: port 3(team0) entered blocking state
[  111.664310][ T8938] bridge0: port 3(team0) entered disabled state
[  111.672850][ T8938] team0: entered allmulticast mode
[  111.678027][ T8938] team_slave_0: entered allmulticast mode
[  111.683881][ T8938] team_slave_1: entered allmulticast mode
[  111.701471][ T8938] team0: entered promiscuous mode
[  111.706596][ T8938] team_slave_0: entered promiscuous mode
[  111.712430][ T8938] team_slave_1: entered promiscuous mode
[  111.731616][ T8938] bridge0: port 3(team0) entered blocking state
[  111.738038][ T8938] bridge0: port 3(team0) entered forwarding state
[  111.739784][ T8948] __nla_validate_parse: 10 callbacks suppressed
[  111.739853][ T8948] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2171'.
[  111.770878][ T8948] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2171'.
[  111.882141][ T8953] SELinux: ebitmap: truncated map
[  111.893862][ T8953] SELinux: failed to load policy
[  111.965557][ T6366] bridge_slave_1: left allmulticast mode
[  111.971329][ T6366] bridge_slave_1: left promiscuous mode
[  111.977019][ T6366] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.027124][ T6366] bridge_slave_0: left allmulticast mode
[  112.033076][ T6366] bridge_slave_0: left promiscuous mode
[  112.038813][ T6366] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.049359][ T8957] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2175'.
[  112.092122][ T8960] loop6: detected capacity change from 0 to 512
[  112.103274][ T8960] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  112.128525][ T8960] EXT4-fs (loop6): 1 truncate cleaned up
[  112.138103][ T8960] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.197154][ T7663] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.210265][ T8969] loop9: detected capacity change from 0 to 164
[  112.221519][ T6366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.233898][ T6366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.272824][ T6366] bond0 (unregistering): Released all slaves
[  112.514968][ T6366] hsr_slave_0: left promiscuous mode
[  112.529073][ T6366] hsr_slave_1: left promiscuous mode
[  112.534826][ T6366] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.542264][ T6366] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.578757][ T6366] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.586217][ T6366] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.615560][ T8989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.618396][ T6366] veth1_macvtap: left promiscuous mode
[  112.625229][ T8989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.638213][ T6366] veth0_macvtap: left promiscuous mode
[  112.643818][ T6366] veth1_vlan: left promiscuous mode
[  112.662283][ T6366] veth0_vlan: left promiscuous mode
[  112.744291][ T8995] netlink: 360 bytes leftover after parsing attributes in process `syz.9.2190'.
[  112.744824][ T8940] syz.0.2169 (8940) used greatest stack depth: 7304 bytes left
[  112.789541][ T6366] team0 (unregistering): Port device team_slave_1 removed
[  112.800045][ T6366] team0 (unregistering): Port device team_slave_0 removed
[  112.835394][ T9002] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  112.842022][ T9002] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  112.849646][ T9002] vhci_hcd vhci_hcd.0: Device attached
[  112.870727][ T9003] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 0
[  112.878501][ T6335] vhci_hcd: stop threads
[  112.882784][ T6335] vhci_hcd: release socket
[  112.887258][ T6335] vhci_hcd: disconnect device
[  112.967458][ T8921] chnl_net:caif_netlink_parms(): no params data found
[  112.991530][ T9012] serio: Serial port ttyS3
[  113.011386][ T8921] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.018546][ T8921] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.025765][ T8921] bridge_slave_0: entered allmulticast mode
[  113.032380][ T8921] bridge_slave_0: entered promiscuous mode
[  113.039486][ T8921] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.046557][ T8921] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.063058][ T8921] bridge_slave_1: entered allmulticast mode
[  113.069930][ T8921] bridge_slave_1: entered promiscuous mode
[  113.097906][ T8921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  113.109025][ T8921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  113.131570][ T8921] team0: Port device team_slave_0 added
[  113.138373][ T8921] team0: Port device team_slave_1 added
[  113.195065][ T8921] batman_adv: batadv0: Adding interface: batadv_slave_0
[  113.202083][ T8921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.228201][ T8921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  113.239750][ T8921] batman_adv: batadv0: Adding interface: batadv_slave_1
[  113.246752][ T8921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.272844][ T8921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.284713][ T9035] loop6: detected capacity change from 0 to 1024
[  113.300678][ T9035] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.325222][ T8921] hsr_slave_0: entered promiscuous mode
[  113.331582][ T8921] hsr_slave_1: entered promiscuous mode
[  113.332092][ T7663] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.337558][ T8921] debugfs: 'hsr0' already exists in 'hsr'
[  113.351929][ T8921] Cannot create hsr debugfs directory
[  113.406414][ T9040] loop6: detected capacity change from 0 to 1024
[  113.453557][ T9040] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.490264][ T7663] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.526171][ T8921] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.611134][ T8921] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.666210][ T9057] loop3: detected capacity change from 0 to 8192
[  113.701626][ T8921] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.772183][ T8921] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.810692][ T9064] loop3: detected capacity change from 0 to 1024
[  113.830449][ T9064] EXT4-fs: Ignoring removed oldalloc option
[  113.842043][ T9064] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  113.853298][ T9068] loop9: detected capacity change from 0 to 128
[  113.901402][ T9064] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.924928][ T8921] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  113.941317][ T8921] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  113.962362][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.962879][ T8921] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  113.991174][ T8921] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  114.010540][ T9084] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2221'.
[  114.039249][ T8921] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.068425][ T8921] 8021q: adding VLAN 0 to HW filter on device team0
[  114.091494][ T6333] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.098757][ T6333] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.117546][ T9093] loop6: detected capacity change from 0 to 1024
[  114.126059][ T6333] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.133213][ T6333] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.144128][ T9093] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.220898][ T7663] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.270342][ T8921] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.370596][ T8921] veth0_vlan: entered promiscuous mode
[  114.379814][ T8921] veth1_vlan: entered promiscuous mode
[  114.410637][ T8921] veth0_macvtap: entered promiscuous mode
[  114.432177][ T8921] veth1_macvtap: entered promiscuous mode
[  114.471908][ T8921] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.484219][ T8921] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.500930][ T6335] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.519120][ T6368] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.527882][ T6368] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.558991][ T6368] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.620293][ T9135] netlink: 'syz.0.2237': attribute type 9 has an invalid length.
[  114.628083][ T9135] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2237'.
[  114.641112][ T9135] netlink: 'syz.0.2237': attribute type 9 has an invalid length.
[  114.648973][ T9135] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2237'.
[  114.684933][ T9138] loop3: detected capacity change from 0 to 164
[  114.699602][ T9138] syz.3.2238: attempt to access beyond end of device
[  114.699602][ T9138] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  114.714091][ T9138] syz.3.2238: attempt to access beyond end of device
[  114.714091][ T9138] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  114.812114][ T9154] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2246'.
[  114.899081][ T9157] vhci_hcd: invalid port number 96
[  114.904258][ T9157] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  114.951389][ T9165] netlink: 96 bytes leftover after parsing attributes in process `syz.9.2251'.
[  115.089368][ T9180] loop1: detected capacity change from 0 to 128
[  115.170837][ T9180] syz.1.2258: attempt to access beyond end of device
[  115.170837][ T9180] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  115.277385][ T9196] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2264'.
[  115.396035][ T9206] loop0: detected capacity change from 0 to 164
[  115.416703][ T9208] loop3: detected capacity change from 0 to 512
[  115.453689][ T9208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.469908][ T9217] loop1: detected capacity change from 0 to 128
[  115.481570][ T9212] smc: net device bond0 applied user defined pnetid SYZ0
[  115.483610][ T9208] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.2271: corrupted inode contents
[  115.490320][ T9212] smc: net device bond0 erased user defined pnetid SYZ0
[  115.503408][ T9208] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.2271: mark_inode_dirty error
[  115.508431][ T9217] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  115.521307][ T9208] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.2271: corrupted inode contents
[  115.548572][ T9217] System zones: 1-3, 19-19, 35-36
[  115.554522][ T9217] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  115.567978][ T9208] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.2271: mark_inode_dirty error
[  115.609530][ T9229] loop6: detected capacity change from 0 to 164
[  115.620579][ T9229] syz.6.2279: attempt to access beyond end of device
[  115.620579][ T9229] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  115.637715][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.638608][ T9217] infiniband syz1: set active
[  115.652151][ T9217] infiniband syz1: added syz_tun
[  115.657385][ T9229] syz.6.2279: attempt to access beyond end of device
[  115.657385][ T9229] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  115.677507][ T9217] RDS/IB: syz1: added
[  115.685482][ T9217] smc: adding ib device syz1 with port count 1
[  115.691792][ T9217] smc:    ib device syz1 port 1 has pnetid 
[  116.303887][ T8921] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  116.524963][   T29] kauditd_printk_skb: 104 callbacks suppressed
[  116.525052][   T29] audit: type=1326 audit(116.494:3663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  116.573526][ T9278] tipc: New replicast peer: 255.255.255.83
[  116.579601][ T9278] tipc: Enabled bearer <udp:£>, priority 10
[  116.588396][   T29] audit: type=1326 audit(116.544:3664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  116.611719][   T29] audit: type=1326 audit(116.544:3665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  116.634562][   T29] audit: type=1326 audit(116.544:3666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  116.658012][   T29] audit: type=1326 audit(116.544:3667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1ed5d50b07 code=0x7ffc0000
[  116.680942][   T29] audit: type=1326 audit(116.544:3668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f1ed5d50a7c code=0x7ffc0000
[  116.703925][   T29] audit: type=1326 audit(116.544:3669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f1ed5d509b4 code=0x7ffc0000
[  116.726752][   T29] audit: type=1326 audit(116.544:3670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f1ed5d509b4 code=0x7ffc0000
[  116.745430][ T9284] pim6reg1: entered promiscuous mode
[  116.749687][   T29] audit: type=1326 audit(116.544:3671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1ed5d4d84a code=0x7ffc0000
[  116.754843][ T9284] pim6reg1: entered allmulticast mode
[  116.783381][   T29] audit: type=1326 audit(116.544:3672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.3.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed5d4ebe9 code=0x7ffc0000
[  116.808004][ T9280] syzkaller1: entered promiscuous mode
[  116.813617][ T9280] syzkaller1: entered allmulticast mode
[  116.843796][ T9289] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(4)
[  116.850351][ T9289] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  116.858202][ T9289] vhci_hcd vhci_hcd.0: Device attached
[  116.883970][ T9293] loop3: detected capacity change from 0 to 2048
[  116.912086][ T9293] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.929432][ T9302] loop0: detected capacity change from 0 to 4096
[  116.940175][ T9302] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.954982][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.008639][ T9312] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9312 comm=syz.3.2306
[  117.066203][ T9316] EXT4-fs (loop0): shut down requested (0)
[  117.128358][ T3414] usb 20-1: SetAddress Request (2) to port 0
[  117.134616][ T3414] usb 20-1: new SuperSpeed USB device number 2 using vhci_hcd
[  117.216470][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.853247][ T9290] vhci_hcd: connection reset by peer
[  117.872608][ T6368] vhci_hcd: stop threads
[  117.876901][ T6368] vhci_hcd: release socket
[  117.881568][ T6368] vhci_hcd: disconnect device
[  117.889643][ T9441] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61 sclass=netlink_route_socket pid=9441 comm=syz.0.2312
[  117.902530][ T9441] sch_tbf: burst 2 is lower than device lo mtu (65550) !
[  117.910536][ T9442] __nla_validate_parse: 1 callbacks suppressed
[  117.910591][ T9442] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2313'.
[  118.083799][ T9449] loop0: detected capacity change from 0 to 8192
[  118.153770][ T9452] loop6: detected capacity change from 0 to 8192
[  118.739085][ T9476] loop1: detected capacity change from 0 to 512
[  118.744290][ T9480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2328'.
[  118.760819][ T9480] team1: entered promiscuous mode
[  118.765914][ T9480] team1: entered allmulticast mode
[  118.782965][ T9476] EXT4-fs warning (device loop1): dx_probe:861: inode #2: comm syz.1.2327: dx entry: limit 0 != root limit 125
[  118.794825][ T9476] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.2327: Corrupt directory, running e2fsck is recommended
[  118.808281][ T9476] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  118.820494][ T9476] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.2327: corrupted in-inode xattr: invalid ea_ino
[  118.837541][ T9476] EXT4-fs (loop1): Remounting filesystem read-only
[  118.846598][ T9476] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.876342][ T9476] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  118.924499][ T8921] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.093704][ T9495] loop6: detected capacity change from 0 to 164
[  119.117086][ T9495] syz.6.2335: attempt to access beyond end of device
[  119.117086][ T9495] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  119.147627][ T9495] syz.6.2335: attempt to access beyond end of device
[  119.147627][ T9495] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  119.171743][ T9503] af_packet: tpacket_rcv: packet too big, clamped from 64993 to 3952. macoff=96
[  119.188549][ T9505] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.197046][ T9505] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  119.208533][ T9505] netlink: 'syz.6.2341': attribute type 10 has an invalid length.
[  119.425534][ T3379] kernel write not supported for file bpf-prog (pid: 3379 comm: kworker/0:3)
[  119.911780][ T9549] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9549 comm=syz.6.2360
[  120.016145][ T9559] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2366'.
[  120.109118][ T9571] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.221839][ T9571] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.295492][ T9571] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.326435][ T9587] sch_tbf: burst 1821 is lower than device lo mtu (65550) !
[  120.351390][ T9590] loop8: detected capacity change from 0 to 16384
[  120.361056][ T9571] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.394661][ T9592] netlink: 'syz.1.2379': attribute type 3 has an invalid length.
[  120.406218][ T9594] ALSA: seq fatal error: cannot create timer (-22)
[  120.433565][ T9597] 9pnet: p9_errstr2errno: server reported unknown error 
[  120.468792][ T6402] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.487454][ T6402] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.504869][ T6402] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.524676][ T6402] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.578534][ T9595] loop8: detected capacity change from 16384 to 16383
[  120.976358][ T1037] kernel write not supported for file bpf-prog (pid: 1037 comm: kworker/1:2)
[  121.035406][ T9656] program syz.0.2409 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  121.136139][ T9668] loop6: detected capacity change from 0 to 512
[  121.146107][ T9668] EXT4-fs: Ignoring removed mblk_io_submit option
[  121.153487][ T9668] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  121.188815][ T9668] EXT4-fs (loop6): 1 truncate cleaned up
[  121.205403][ T9668] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.231053][ T9677] loop9: detected capacity change from 0 to 512
[  121.247731][ T9677] EXT4-fs: Ignoring removed mblk_io_submit option
[  121.256394][ T9677] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  121.300952][ T9677] EXT4-fs (loop9): 1 truncate cleaned up
[  121.312833][ T9677] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.813779][ T3412] kernel write not supported for file bpf-prog (pid: 3412 comm: kworker/1:3)
[  121.825149][   T29] kauditd_printk_skb: 106 callbacks suppressed
[  121.825162][   T29] audit: type=1400 audit(121.794:3779): avc:  denied  { tracepoint } for  pid=9685 comm="syz.0.2429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  121.851215][ T9683] macsec1: entered promiscuous mode
[  121.856517][ T9683] bridge0: entered promiscuous mode
[  121.862589][ T9683] bridge0: port 3(macsec1) entered blocking state
[  121.869158][ T9683] bridge0: port 3(macsec1) entered disabled state
[  121.879417][   T29] audit: type=1400 audit(121.824:3780): avc:  denied  { read } for  pid=9685 comm="syz.0.2429" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  121.903479][   T29] audit: type=1400 audit(121.824:3781): avc:  denied  { open } for  pid=9685 comm="syz.0.2429" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  121.927728][   T29] audit: type=1400 audit(121.824:3782): avc:  denied  { ioctl } for  pid=9685 comm="syz.0.2429" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  121.956766][ T9683] macsec1: entered allmulticast mode
[  121.962127][ T9683] bridge0: entered allmulticast mode
[  121.974071][ T9683] macsec1: left allmulticast mode
[  121.979290][ T9683] bridge0: left allmulticast mode
[  121.985319][ T9683] bridge0: left promiscuous mode
[  122.045886][   T29] audit: type=1400 audit(122.014:3783): avc:  denied  { cpu } for  pid=9687 comm="syz.1.2421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  122.083635][ T7663] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.084963][   T29] audit: type=1400 audit(122.054:3784): avc:  denied  { unmount } for  pid=7663 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  122.142730][ T8321] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.167054][   T29] audit: type=1400 audit(122.134:3785): avc:  denied  { read write } for  pid=9695 comm="syz.9.2423" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  122.190387][   T29] audit: type=1400 audit(122.134:3786): avc:  denied  { open } for  pid=9695 comm="syz.9.2423" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  122.213442][ T3414] usb 20-1: device descriptor read/8, error -110
[  122.257220][ T9699] pim6reg1: entered promiscuous mode
[  122.258667][   T29] audit: type=1400 audit(122.224:3787): avc:  denied  { create } for  pid=9705 comm="syz.3.2427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  122.262627][ T9699] pim6reg1: entered allmulticast mode
[  122.298495][   T29] audit: type=1400 audit(122.264:3788): avc:  denied  { write } for  pid=9705 comm="syz.3.2427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  122.328205][ T3414] usb 20-1: new SuperSpeed USB device number 2 using vhci_hcd
[  122.349823][ T3414] usb 20-1: enqueue for inactive port 0
[  122.355479][ T3414] usb 20-1: enqueue for inactive port 0
[  122.367148][ T3414] usb 20-1: enqueue for inactive port 0
[  122.396040][ T9709] loop6: detected capacity change from 0 to 4096
[  122.427335][ T9709] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.526476][ T9715] EXT4-fs (loop6): shut down requested (0)
[  122.569230][ T9706] ==================================================================
[  122.577350][ T9706] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  122.585187][ T9706] 
[  122.587508][ T9706] write to 0xffffea00046d3b98 of 8 bytes by task 9710 on cpu 0:
[  122.595217][ T9706]  __filemap_remove_folio+0x1a5/0x2a0
[  122.600600][ T9706]  filemap_remove_folio+0x6d/0x1d0
[  122.605751][ T9706]  truncate_inode_folio+0x42/0x50
[  122.610774][ T9706]  shmem_undo_range+0x244/0xa80
[  122.615632][ T9706]  shmem_fallocate+0x799/0x840
[  122.620397][ T9706]  vfs_fallocate+0x3b6/0x400
[  122.625002][ T9706]  __x64_sys_fallocate+0x7a/0xd0
[  122.629960][ T9706]  x64_sys_call+0x2514/0x2ff0
[  122.634636][ T9706]  do_syscall_64+0xd2/0x200
[  122.639144][ T9706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.645039][ T9706] 
[  122.647374][ T9706] read to 0xffffea00046d3b98 of 8 bytes by task 9706 on cpu 1:
[  122.654917][ T9706]  folio_mapping+0xa1/0x120
[  122.659432][ T9706]  move_folios_to_lru+0x128/0x6a0
[  122.664463][ T9706]  evict_folios+0x3155/0x3520
[  122.669142][ T9706]  try_to_shrink_lruvec+0x5b5/0x950
[  122.674351][ T9706]  shrink_lruvec+0x22e/0x1b50
[  122.679030][ T9706]  shrink_node+0x686/0x2120
[  122.683629][ T9706]  do_try_to_free_pages+0x3f6/0xcd0
[  122.688824][ T9706]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  122.694719][ T9706]  try_charge_memcg+0x358/0x9e0
[  122.699564][ T9706]  obj_cgroup_charge_pages+0xa6/0x150
[  122.704947][ T9706]  __memcg_kmem_charge_page+0x9f/0x170
[  122.710415][ T9706]  __alloc_frozen_pages_noprof+0x188/0x360
[  122.716232][ T9706]  alloc_pages_mpol+0xb3/0x250
[  122.721014][ T9706]  alloc_pages_noprof+0x90/0x130
[  122.725957][ T9706]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  122.731774][ T9706]  __kvmalloc_node_noprof+0x30f/0x4e0
[  122.737153][ T9706]  ip_set_alloc+0x1f/0x30
[  122.741492][ T9706]  hash_netiface_create+0x282/0x740
[  122.746706][ T9706]  ip_set_create+0x3cc/0x960
[  122.751291][ T9706]  nfnetlink_rcv_msg+0x4c6/0x590
[  122.756235][ T9706]  netlink_rcv_skb+0x120/0x220
[  122.760993][ T9706]  nfnetlink_rcv+0x16b/0x1690
[  122.765671][ T9706]  netlink_unicast+0x5c0/0x690
[  122.770439][ T9706]  netlink_sendmsg+0x58b/0x6b0
[  122.775205][ T9706]  __sock_sendmsg+0x142/0x180
[  122.779927][ T9706]  ____sys_sendmsg+0x31e/0x4e0
[  122.784689][ T9706]  ___sys_sendmsg+0x17b/0x1d0
[  122.789361][ T9706]  __x64_sys_sendmsg+0xd4/0x160
[  122.794209][ T9706]  x64_sys_call+0x191e/0x2ff0
[  122.798981][ T9706]  do_syscall_64+0xd2/0x200
[  122.803488][ T9706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.809465][ T9706] 
[  122.811783][ T9706] value changed: 0xffff88812abeb928 -> 0x0000000000000000
[  122.818878][ T9706] 
[  122.821201][ T9706] Reported by Kernel Concurrency Sanitizer on:
[  122.827351][ T9706] CPU: 1 UID: 0 PID: 9706 Comm: syz.3.2427 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  122.837090][ T9706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  122.847157][ T9706] ==================================================================
[  122.931815][ T7663] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.156976][ T9706] syz.3.2427 (9706) used greatest stack depth: 6056 bytes left
[  123.478379][ T3414] usb usb20-port1: attempt power cycle
[  125.318853][ T3414] usb usb20-port1: unable to enumerate USB device