last executing test programs:

5m39.419075339s ago: executing program 32 (id=542):
r0 = syz_io_uring_setup(0x48be, &(0x7f0000001280)={0x0, 0xc721, 0x0, 0x3}, &(0x7f0000000000), &(0x7f0000001180))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
pread64(r1, &(0x7f0000000080)=""/237, 0xed, 0x0)
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r2)

2m51.878450231s ago: executing program 2 (id=6845):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000180)={[{@nobh}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
umount2(&(0x7f00000003c0)='./file0\x00', 0xa)

2m51.576044775s ago: executing program 2 (id=6854):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff)
r1 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000b80)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESDEC], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

2m51.364881563s ago: executing program 2 (id=6855):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef)

2m51.363923403s ago: executing program 33 (id=6855):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef)

2m37.502276643s ago: executing program 34 (id=7170):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2}, 0x9)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)

2m33.69983814s ago: executing program 35 (id=7234):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="03000000000000000000210000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x0)

2m33.022509765s ago: executing program 36 (id=7245):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x4, 0x24, &(0x7f00000000c0)=ANY=[], 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$EVIOCRMFF(r0, 0x40095505, 0x0)

2m19.596844381s ago: executing program 9 (id=7632):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00), &(0x7f0000001c40)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2m19.255099828s ago: executing program 9 (id=7648):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_io_uring_setup(0x394f, &(0x7f00000009c0)={0x0, 0x5e2d, 0x1000, 0x8005, 0x801001c2}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000900)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r2, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0)

2m19.135246398s ago: executing program 37 (id=7639):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2m18.976080721s ago: executing program 9 (id=7647):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
socket$caif_seqpacket(0x25, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x4d, 0x800020, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x8001, 0x3, 0x8000000000, 0x0, 0x0, 0x0, 0x6}, 0x0, &(0x7f00000002c0)={0x3bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffffffd, 0x5}, 0x0, 0x0)

2m18.046704506s ago: executing program 9 (id=7651):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x141842, 0x0)
pwritev2(r1, &(0x7f0000000940)=[{&(0x7f0000000340)="be85809842d43cbb78329613b3aa8b78f87e932d0db6f110e00ef09327f497b6c6bc81aa4e792dc9c48a1b9a75cf44ce8ce1b856b626a7e4777204471d63392de989c63d", 0x44}], 0x1, 0x9, 0x10000, 0x0)

2m17.863521141s ago: executing program 9 (id=7660):
socket$kcm(0x2b, 0x1, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x2)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

2m17.273467568s ago: executing program 9 (id=7669):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000080)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)

2m17.221115143s ago: executing program 38 (id=7669):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000080)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)

2m14.248270173s ago: executing program 2 (id=7672):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x141842, 0x0)
pwritev2(r1, &(0x7f0000000940)=[{&(0x7f0000000340)="be85809842d43cbb78329613b3aa8b78f87e932d0db6f110e00ef09327f497b6c6bc81aa4e792dc9c48a1b9a75cf44ce8ce1b856b626a7e4777204471d63392de989c63d", 0x44}], 0x1, 0x9, 0x10000, 0x0)

2m14.066461608s ago: executing program 2 (id=7725):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200008, &(0x7f0000000380)={[{@nolazytime}, {@auto_da_alloc}, {@oldalloc}, {@norecovery}, {@jqfmt_vfsv0}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@user_xattr}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000020000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffc)
sendfile(r2, r2, 0x0, 0x800000009)

2m12.185262669s ago: executing program 2 (id=7726):
prlimit64(0x0, 0x8, &(0x7f0000002000)={0x0, 0x7}, 0x0)
shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ffc000/0x4000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

2m12.156128762s ago: executing program 39 (id=7726):
prlimit64(0x0, 0x8, &(0x7f0000002000)={0x0, 0x7}, 0x0)
shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ffc000/0x4000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

1m47.803299746s ago: executing program 7 (id=8551):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff191812", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c00028005000100000000000800"], 0x98}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[], 0x98}, 0x1, 0x0, 0x0, 0x20040800}, 0x0)

1m47.726831612s ago: executing program 7 (id=8555):
socket$inet6(0xa, 0x3, 0xff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="480000001000030500"], 0x48}}, 0x0)
r3 = memfd_create(&(0x7f0000000200)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9{L\xa2\xd28\xd6\x06\a\x0e\xfd\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9Or\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8\xf0_o\x16Oy\x00\x16h\xcc\x81.F/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x967\xe7\\\x1b\xdd\x15\xcbuK\f\xe3+fw@\xc8\xa6\x96\xc4\x84\xa7\xd7\xc0_\x1b-\xa0jH\x84\xe7n\xfe/\xf8~\x14\xd5\xeb)\x02y?\x98\xf6\xd0\xbf\xa8\xb4\f\xa4\xc2]M\xc9\xd3~\xd8*P)\x12\xd1\x9e\xe1\xc1e\xa6K1\xeb\xc2\x80\xea4\xb7nG\xd2\xc29e*\x86q#v\b\xcc\xf6\xdd\xbd\r\xea\xe3S\xadA\xee-]\xf4\x9b\xdcx{\x8bZ\xaa\x7f\x1a\xbd\xfc}\v/\x02\xb3>\xde\xf9s\xcb\x89\xf2\xf6a\xcb[\xcc+\x1a`.\x00\xcf\x1c\x14\x1d$\x98\xf3\xed\x1cA\xc1+0\x87\xd1\xf2\xc6\x8fs>\x16\x8b\xdeV\b$e\xe5\x8d/\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\xe1\xa3\xe0\x18\xe5\xee\xb0\x93\xfe\xac\x98m\xaf\xb9K\xac\xa0\x1a\xe2\xb4\xfd\x1cO5\xce9\xf9\x02h\x0e%\xa1\x11COf\xed[z\xc6\xc1:L\xdb\xac\x84Ru=E\xf7\x94\xae\x18v\v\xcc\xcd\b\xa5\x19\xb5idBc\xf1S\x93\x0f\x82me\x9a\xb8\a\xff\x91\xed\x9d|\xa7D\xf1\xb2\x14\xff\xc5\xaf[\x86\xca!E\x9a<\x00', 0x5)
fsetxattr$security_selinux(r3, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)

1m47.662334687s ago: executing program 7 (id=8559):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_switch\x00', r0, 0x0, 0x100a}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="2e0000001000818807b62aa73f72cc9f0ba1f8483a0000005e120602000300000e000a0010000000028000001294", 0x2e}], 0x1}, 0x20008800)

1m47.599541783s ago: executing program 7 (id=8563):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101017, 0x0)
umount2(&(0x7f00000003c0)='./file0\x00', 0xa)

1m47.50723793s ago: executing program 7 (id=8565):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70ad2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x1}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
r4 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xfff2}, {}, {0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x54, 0x2, [@TCA_BASIC_ACT={0x50, 0x3, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x4, 0xffff, 0x3f, 0x2, 0x6}, 0x2}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x78, 0xfa}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x4)

1m47.369470601s ago: executing program 7 (id=8571):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r1})

1m47.368925081s ago: executing program 40 (id=8571):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r1})

1m28.349698869s ago: executing program 1 (id=9174):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x24403}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

1m28.102278159s ago: executing program 1 (id=9181):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[], 0x2c}], 0x1}, 0x0)

1m28.038555834s ago: executing program 1 (id=9183):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000007c0)={0x3, &(0x7f0000000640)=[{0x699, 0x5, 0x4, 0x101}, {0xff80, 0x7, 0xc, 0x2}, {0x100, 0x2, 0xb, 0x8200}]})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000540), 0x84)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000500)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0)

1m27.960443491s ago: executing program 1 (id=9186):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x55e, &(0x7f0000000a80)="$eJzs3c1rHOUfAPDvbJK+/35NoRQVkUAPVmo3TeJLBQ/1KFos6L0uyTSUbLoluylNLNge7MWLFEHEgnjXu8fiP+BfUdBCkRL04CUym9k0L7vJNt2ajfP5wITn2Znd5/nuzPfJMzuzbACFNZL9KUW8GBFfJRFHIyLJ1w1GvnJkZbulxzcnsyWJ5eWP/0ia22X11mu1nnc4r7wQEb98EXG6tLnd+sLiTKVaTefy+mhj9tpofWHxzJXZynQ6nV4dn5g49+bE+Dtvv9WzWF+7+Ne3H91//9yXJ5e++enhsbtJnI8j+bq1cTyDW2srIzGSvydDcX7DhmM9aKyfJLvdAXZkIM/zocjGgKMxkGc98N/3eUQsAwWVyH8oqNY8oHVu36Pz4D3j0XsrJ0Cb4x9c+WwkDjTPjQ4tJevOjLLz3eEetJ+18fPv9+5mS2z4HOJAD14foJNbtyPi7ODg5vEvyce/nTvbxTYb2yja/x/YTfez+c/r7eY/pdX5T7SZ/xxuk7s7sX3+lx72oJmOsvnfu23nv6sXrYYH8tr/mnO+oeTylWqajW3/j4hTMbQ/q291Pefc0oPlTuvWzv+yJWu/NRfM+/FwcP/650xVGpVniXmtR7cjXmo7/01W93/SZv9n78fFLts4kd57pdO67eN/vpZ/iHi17f5/ckUr2fr65GjzeBhtHRWb/XnnxK+d2t/t+LP9f2jr+IeTtddr60/fxvcH/k47rVsXf3R//O9LPmmW9+WP3ag0GnNjEfuSDzc/Pv7kua16a/ss/lMntx7/2h3/ByPi0y7jv3P8x5e7in+X9v/UU+3/py88+OCz7zq1393490azdCp/pJvxr9sOPst7BwAAAAAAAP2mFBFHIimVV8ulUrm8cn/H8ThUqtbqjdOXa/NXp6L5XdnhGCq1rnQfXXM/xFh+P2yrPr6hPhERxyLi64GDzXp5slad2u3gAQAAAAAAAAAAAAAAAAAAoE8c7vD9/8xvA7vdO+C585PfUFzb5n8vfukJ6Ev+/0NxyX8oLvkPxSX/objkPxSX/Ifikv9QXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurihQvZsrz0+OZkVp+6vjA/U7t+Ziqtz5Rn5yfLk7W5a+XpWm26mpYna7PbvV61Vrs2Nh7zN0Ybab0xWl9YvDRbm7/auHRltjKdXkqH/pWoAAAAAAAAAAAAAAAAAAAAYG+pLyzOVKrVdE5BYUeFwf7oxp4vZNnYB91Y1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6A//BAAA//8iuzYD")
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
fallocate(r1, 0x10, 0x800, 0x8000)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)

1m27.700402951s ago: executing program 1 (id=9192):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x4008, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x2100000000000000, &(0x7f0000000840)=@base={0xa, 0x101, 0x7ffb, 0xcc, 0x8, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)

1m27.028876946s ago: executing program 1 (id=9206):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000040)={0x0, 0x4000000, 0x8, 0xd, 0x200, &(0x7f0000000080)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000a0000fdfd000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000005000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

1m26.960608071s ago: executing program 41 (id=9206):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000040)={0x0, 0x4000000, 0x8, 0xd, 0x200, &(0x7f0000000080)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000a0000fdfd000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000005000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

57.693479517s ago: executing program 8 (id=9902):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r3}, 0x18)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000240)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000f00030001332564aaee7b1d58b9a64411f6bbf44d", 0x39}], 0x1)
close(r0)

57.625325632s ago: executing program 8 (id=9903):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0xffffffff, 0xfffffffd})
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)

57.591325225s ago: executing program 8 (id=9905):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c)
recvmsg(r1, &(0x7f0000001800)={0x0, 0x0, 0x0}, 0x80)
sendmmsg$inet6(r1, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

56.709285286s ago: executing program 8 (id=9928):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x80000, 0x0)

56.652085511s ago: executing program 8 (id=9929):
r0 = gettid()
r1 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(r1, &(0x7f0000003c40)=[{{0x0, 0x0, 0x0}, 0x80000000}], 0x1, 0x60010002, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000300))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)

56.54414509s ago: executing program 8 (id=9931):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0xc, 0x1b, 0xfc, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)

56.54403246s ago: executing program 42 (id=9931):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0xc, 0x1b, 0xfc, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)

1.019886828s ago: executing program 0 (id=11320):
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

922.168685ms ago: executing program 5 (id=11322):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000010000000500080001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000f7ff0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
r2 = socket$inet6(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r3}, 0x10)
sendto$inet6(r2, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

802.695175ms ago: executing program 0 (id=11324):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x8000000000000002, &(0x7f0000000e80)={<r3=>0xffffffffffffffff}, 0x2, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r3, 0x1}}, 0x18)

770.252138ms ago: executing program 3 (id=11325):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50)

752.28868ms ago: executing program 5 (id=11326):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x979f}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x86)
pipe2$9p(&(0x7f0000001080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000500)=ANY=[@ANYBLOB='S\x00'], 0x53)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

747.080809ms ago: executing program 0 (id=11327):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000001200)=ANY=[@ANYBLOB="727de5652eba640ad4ab7829fd442f6922fd3fca6383ca26aa9caffb75dceb74cb77fd94a9efa6112639f956e4cade0ebf35e1caf7bfec3c762a5a48ddb8fdbbfdff8380b6cdf4f1a4dd97af99f3688d21c4a4aff522ce9c0b88f92acf22f5cc44973fcd803c49c90e8ad03bb01c6abed18702b78d0ff99fc43cf4ae95c8f8691b0f30a45140604f4990116c267e3bc93e0a3f4860ec95b56416c1a1ad8d7c93355e2d0bbec7abed5b9df8a82c7f81f8f8305aec4a3fedc3c35475cf89720ea1f9b00035b5bee5507e46dcb6f0a11531e356bdc523e52590cbc106ca88fbebf8a4a39eae5b14f33c37e1ab6ac8c7a311c836650c82fba2adb13526c84c481775b54a411c619e7beb11049db647ef30c065bfb5990bc7cb43d1b9ce8a67fda6ea70988b23b18302b88124d35b1d8d6b5bed59167175c7c42ccece2df567b1feaafc0a030df301450faabeffa8a33dc9c8bae78afc6d671e6ed47e30568e7482196ad91aaaafbbdc288e7c1ce64f5575571ea6f1fcb7284f0db8bdfd10cdf48ce4e5053f6614fb9fc7d7b25aca3141a49efeda8d075c53de70814bf1345e631c49d08be67ef8b68e81ac2b901c460230ef160722a9c2b6a8da09c9ed9bfa136256b98a47cdf82683fac4da80c5987e8368bf039807f0782d1f505ca11115c4f41fa23298c6bd2f4b34689f581fb736be1722c84f3ffe5167b1c322a2b7f145c9eb2bb55febb09654fa53e43557fe55ec2475b74c185470a085b711e692458a1334133b7e2e4471fc108aec6e77b8d7382b49b423b531e03201fc47f975569249b6c21a76df1e38074a294896e1486403da958c65c334478bb053a1e024594ec53b45a04cb8b7d272f21a4ca82d9abedea416a9a47e2d79e286c43e7891c23bc941cf1c3b9beb5e397646b214e1daac024c19c6cf3726013815f131fa37832efca29e825a43d55045824d18fa8b28c7f03d0d753adca0c7529a09a5565f3f3ccf748656d5a2e50c7fb665da049eb864d134debb42d5ddf2c64737b988168e91e89e78f0a8ea4850c777b062c9c88f508d3329e27af8b353e5af4a2a4006ac33caf47550d40e06a93ec24fbbcbce36733dc11c86a1a92a9d5a184ec9b3bfc90cf7e6d575ed01d739c01fcb94c7d7345abcf68ad100a2136a01c7d290b7f772a4cfdccfe8627eca251c6ae2a8b1c23cf9a311ed2827f9dac0e5b8805010e3295fdab825d7a8c762b0339db5f1572713890f2bfafb395880821543abe8d60f2b41a94f3da1cd55012f3263ab9899951e2d97b69ae58db062af8a084574a77b93d957ff561cd3c3386b10e2d4f1d99e754cf6b789287fc7aaf3bf19017e6f8800aae15b17281fe9987cf0e117258ca5b5b593ee1a78538cca3519377462ead2924448b63a1e2157d07cba9dfa9183ba57322fe67806f8053e26c048c3a297282bab995dbe106073ae42d491dbda468609dc22e0fb98f996c4ae83488c3d57c5e199caf64c64539ad0ae981ff2ce8f4c3d4d75b7e96e7ddd790459117b6da5dc9b297a5e282397bed15e9e69662baf6e2e31bbf2a51e2761d031d7df8c845fa30706e5cfc64c13d7902eba399db6a70e3816834f7071effc370335eaae9c849db226bd236679297ec97d93a0301a5f8ee6646df2036057ff3634312eaaa40eef2868e459d111c4ace869fab450db55f0e096b3ec8bbbe0080ac41c6484b41532ec3a873c57d5e1369a1de5d966a9ab0947de4ff705bca64d637a03b41f8fb74ee17ff6620b55133fea04ab60e98844c57f9590617d0a5547590992accef4c907e854d4cd69d349cd5683a90e61bd2dbfef1ce9a7d3f9ed013b01dcdd37313a86c2d850a937d03adea24365e92391dc0f29b3cda8b18f39308c96f6cfd87ae51ddd25eceea79258c52d407c09744535342c285ca440a31b4b11b70ee993a7315ba1f8253142792d2e0a0ff4269b5752961644c7025568f53e75ea4709025075711b2ffc58c55e72c636f822007f7573b8f86e1d48f4671b3de8ca446630e711d133b6403cdb66df2225529e13d65c664ae8cb79d181f80a9f6dce227b0561be7f4fba4fd9c3338242b83e61d156dcdc29bcfc658237912e61b9af6191c23cb9d74af02d8c99d212a87d95ddae4db825d67c78359048980676ef750cf1d49103d79ed694e77e50cd8eb369ec679da8923e53df0b5df6e89bf4c0159daa8cd0462d6ad17701cff3e3857e2be2f303c3d7f03b56c76b218b5d0413bb7bd94c0e646e54726907c6d3e60aac4633f0615c353c500c0c65f49f9796ecee893fab0b6e61e0c6861bb4a117ca8de548eac4da2e3a38c4d920c93c0ff1dd8e578063f21d342fe03b1466a903c6ec0d0a39d8929cb3be90e6e6c6423beccb900a9e6d24510ee173cc456c8c25ed9b8634ab91e0563f02eea8e55b03c7b053fc322b9836ff6d50ce9b401d95cf9ace2808bf31ac70f695d30ac04ab330ba45ed28106dda798e507a1fcbfb600ff7df4c5091ab21cba03bb7e331ecf1d248ddaec488535ba74d3e60d207a20d45efdfea2a5dcc2a81e36e52c320a25f58d853cfce701bb3db7f79db1c6233d71f3511a6ef035438da8d0cb9c97cbd764046ff81e00183ba12b96f31b9d2c135ca4809bf1c646290d3e404e5d3e6121b1b3f133ff202e42a631e9124da75383d6ced1a95fdebfdd9cb5e7dca6d5914a1a252cb69c37f1cff60f113886e10f1041ab13542777a12400246e7fd89eda3a0d98f5ce3dde2b4bdaf7ad9aa7e8d781f08692d489a7ee4a3597d363e170de888d737a4aa70c853c23bf8382720eb5f8831d2bf4722cd83ebcd16b218d0f0a913d4458515310b0fa61e8b26922cd01ebd7a67b268eea885e19372fc6dc31433169df8c224b28079bdf3fe567bf4be98cc13f79b7bc29be5baa69019b83254ffacacb3be02652fbf8baad19ebe2c865425a11116b5a1244cf8dd987bde5d53f36139d8e57238b2400e0f247e3a45624fcf1fbedcdc302eb9a9918e32a5c2016ac7abb9bd15b0f1f6656872bb99cc5237dfaacea9ffa690aa7769b7fd9c82d05ed3322d03b7408abc4307352ff5cc3d4df826207eae5dc642f3ef9c47daf4909c4e092e6db01cc38876ae56b951054fc08aaa86d68fd33e3fe9f9ff86e60f722d10b5f557b788468a52053943bd59ccae0052651cec9434a381fd74bc1148ea276e7a0e6016c886c0a020fdf7ed2d3799add9c1538f4f099dac5adc1b0c78f2135aaa46f7bc065cccd6ef74e5c9b32fa05804397ff6cf4460d0fdf6edff614fc1607c67f3cda65bd2e427f65fb4f94fe9cf477bdbc6c296dc2f8240a4a97f763a84dfe7ff3fc50ffec6872e129baa59b4035918253504e4d30cae4adc616b32542218fc6da065848961f7cfef04ac640eb0b78ba3e8737d1b7849d7c57eb96fb190b7fd9d7870c24486f6e29319ffb6a87d0943d4f3bb95c296d113eef8728ab48e3f26a25fafe18054ad5ecd01acb5c5669612ed89157e545c5ab33b8c37176bdbcabec5c992b769a3078a24615b47b09afecf8a55a2851f56b08204b1176e6d50521ecfe06cb133047210fc2a2239ee4220af51d891dbc6c2e707fa80dad1d7733c35a4307203c64c2633869a9af1111bc3d78e913bea00255426b3fcd69cb77890a8e4efbf23069cc8351e0eebc0d8f3323bae169b29469ffbda0f2fa5a363be14cc910dd1d23dfabaa8d2d0799e34b5ec924fede74af09238849bd6afdd7051fb1b3cd8b67ea1c70a05c6d02004fe6719b378303c4a3e2ff210882258ac11bb63758e09173208c649e895f1050d9453a1cdb23f9cbcba221e72c1f16df318e155eeb60ca5fba3d2bb4f4d335bc25ad34c1b03d28d698a11e3df049002177d712054279e7a0be4bccf154c08df6ff615a974bd6b5a3d2fd25b0527a631ba1be3c70287cbdf5fc8268bdf77d0ee64679471d1cc2ca6aea422a0baeaf1babe87f7708e5f6e9b19527519a05800d09b5b81fa13c5776fb1ecc04cad19960dc702c7111b8e16d7c53c055f97e30dc8849c0addac95792362a40410854666f8122f52029252779d5bca669cf2c73d673f503c7f685ce0166f7e98d6d6b54bc38cf8defbe34f564ab320df061d4d4f065036748b7a110c1c174e9fbdf805281fe1647bce0d811f8b0e2f652651c58171427b58373f3c50a0f3618a07ee9115683f92743ba00d774e9b824150310e6b4a21f671fa7b24bbf07907511d97b1b965afe472d0babc685717ca81e1d3e3b1f411c735fdc43c9b1b96832e939494057791ffae1347ec2d2d9ec326b5ee1f265dd93724279cf54260a2f59a397ad8ea5aa2f2a6bb13307c0d270352816dbb97a780241d095e1874ecf076ad29552d90183c76263fbfdd572fd855f44b700e75debe6200969b70319cf71bed876349fa7c36d5ef29ac8c012a566616140daf69a0e6554f01536ae353641eb16e9773a20e3eb38d722399cfe3ddbba5cb5d714f3dd5a8bcb68a758a404ad97506ba1a24ebbdc8c61d6f69d02f23b417d4db06f0e9f7d596b67d231c49d2ad2b3f36816a25d5009025c84c0d22ddee1c33d9bf0bb39cf47e078a8ef4c13e2dbac6ec08bd49ba73f18c3653da3992401257e367d1be6417fd2548eaf8b39546bc926af53c5d06cd2baa8bcd53cd235dcc16298699130ce4a07bc58688eae8c0e29876df8c1975bb8d13dda89b3d0374b0ea87ae33acb4763fc2bee6bde59839e73186febdae24f1457131fc927fd1ac45c3755d0c000e51209afd2b37955eaab0f97217402ff9a12a021d665090641da7cdff34375fe3cb46c0f6d933b0cf7906d0ffff6a2727dec5de61c106fda5da3752c797433d6ac0ada1389b0880d09e0853e5f47e173f9db9d744a14d507d4f390de9c7e2a887c8a573b2e88c33d327c49c1b42ff031849d72909f5c17813394a1d0773e8aa751180f881a8627da176c5f3e8258397ac7bf06256e1d9a8e21e34d8133b0e0d802ffe6c9e426ff28831fe0b5c0c87b322dfe60aa6677607e2fb6d0e57eb677fd85e046ae6dc6d472fae64bba83eeed9a5801f41883dd5246c291114a7e12aae10e6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000240)=[{&(0x7f00000000c0)="dc", 0x1}], 0x1, 0x3)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

677.495875ms ago: executing program 0 (id=11330):
socket$kcm(0x2a, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="6400000008060500000000000000000000000000120003006269746d61703a69702c6d616300000005000400030000000900020073797a310000000018000780050003001f0000000c00018008000140000000000500050002000000050001"], 0x64}, 0x1, 0x0, 0x0, 0x44890}, 0x0)
r1 = socket(0x23, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000009180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)

675.204046ms ago: executing program 3 (id=11331):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x1d, r2, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000000)=@chain)

644.433338ms ago: executing program 6 (id=11332):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002f00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r4, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f00000005c0)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

638.344528ms ago: executing program 5 (id=11333):
sendto(0xffffffffffffffff, &(0x7f00000000c0)="120000001200e7ef007b", 0xa, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x6}]}, 0x10)

612.840991ms ago: executing program 0 (id=11334):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x4c, 0x12, 0x301, 0x0, 0xfffffffd, {0x1f, 0x4, 0x0, 0x0, {0x4e22, 0x4e23, [0x0, 0x3, 0x300000, 0x4000000], [0x4, 0x0, 0x2], 0x0, [0x47]}, 0xf0ffff80}}, 0x4c}, 0x1, 0x0, 0x0, 0x20040849}, 0x0)

557.023575ms ago: executing program 3 (id=11336):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000140)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)

549.942526ms ago: executing program 5 (id=11337):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4000, 0x0, 0x865d, 0xfd, "ffff00"})
syz_open_pts(r2, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

537.285177ms ago: executing program 4 (id=11338):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt', 0x0, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x1c0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000700)='mnt/encrypted_dir/file\x00', 0x42, 0x180)
write(r2, &(0x7f0000000740)='foo', 0x3)

469.432522ms ago: executing program 5 (id=11339):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/FH50/9GTqJCAqqp7ypiIPbdaAjNKKBUS4sITjmWY2dtrEzVpNwCwJvuuimf9cVRAhCdBEEYhddhRLeddGdd15kV0lEJ+Y0N5tapk7y/brYHvZ8P4fv+bPD9h1s+vjda9GwY4TNlFTXV0l1u+RktkqapVoW5OTI9ZH3+85duHg6EAx2nFXtDHT7/KradGC09+bwobHUjvMvm17XyXjzpekZ/9T47vE909+7r0YcjTgai6fU1L54PGX22Zb233eihuoZ2zIdSyMxx0qW9MN2PJHIqBnrb2xIJC3HUTOW0aiV0VRcU8mMmlfMSEwNw9DGBsHKhtOPAst3Q89nXVdmUu9cty4nruvmX6zfxOmhwubOv+sWnf87lZ4SNlHRTb1exB5Kh9KhwnOhHwhLRGyxpFW88k3y14j7eMSdu1Tyjzf8I8HJo2/fqGqzDNrZ+Xw2HfKU5n3idT2FTEGh7jwV7PBpQWn+P2kozvvFK7vK5/1l87VyuKUob4hXJi9LXGyZGD34Zapr6MFCftCneqIruCT/v/QvHqZnnyt0fgAAAAAAAAAAWAtDfyq7fm/kB9weUNXGJf1CvtzvA0vX51vLrs/XyN6ayu47AAAAAADbhZMZiJq2bSX/ssh/lV+P7fx7xZNbvz94f+fKY1raPBPtH3KJrbBff1B87dkS0ygtZH71abXBnnV+pywWn9ZlO1Xz81t+zMnejy9W3U7tL8dnOWMbf1cCAAAAsBEWP/S3STb8Kp3tOXav0nMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGC7WcNfjk08LNfSfLHzablWpfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgJT8CAAD//wva0Pw=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
renameat2(r2, &(0x7f0000000140)='./file1\x00', r2, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1)

452.956143ms ago: executing program 3 (id=11340):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x3, 0x0, @vifc_lcl_addr=@local, @local}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x4, 0xfd, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0xfb, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0xd2}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)

446.736484ms ago: executing program 6 (id=11341):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000000380)=<r1=>0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x2c6e02a6a3a98c83, 0x9, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

379.667769ms ago: executing program 4 (id=11342):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')

369.31143ms ago: executing program 3 (id=11343):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r3 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r4 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r4, r3, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r2, r2, 0x0, 0x0)

343.609932ms ago: executing program 5 (id=11344):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000000906010200000c0000000000020000000900020073797a310000000005000100070000002c0007801800018014000240fe8000000000000000000000000000bb060004404e1f00000500070088"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)

338.913263ms ago: executing program 6 (id=11345):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0xfffffffffffffffc, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x13f, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r3, 0x0, 0x2, 0x2}}, 0x20)

281.915237ms ago: executing program 6 (id=11346):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837d"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00')
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x80)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000210000000000000000000000000a6c000000160a3f360000000000000000020000000900010073797a30000000004000038008000240000000002c0003801400010076657468305f746f5f626f6e64000000140001007665746830000000000000000000000008000140000000000900020073797a300000000014000000110001"], 0x94}}, 0x8000)
sendmsg$NFT_MSG_GETFLOWTABLE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b80)=ANY=[@ANYBLOB="20000000170a01030000000400000000000000060900010073797a3000000000"], 0x20}, 0x1, 0x0, 0x0, 0x20000005}, 0x4000000)
close_range(r1, 0xffffffffffffffff, 0x0)

266.375008ms ago: executing program 4 (id=11347):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa00000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)

259.347509ms ago: executing program 3 (id=11348):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x4000, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
fallocate(r1, 0x0, 0x9, 0x2000406)

201.258584ms ago: executing program 6 (id=11349):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
ptrace$pokeuser(0x6, r0, 0x358, 0x0)

140.414109ms ago: executing program 4 (id=11350):
ioctl$BINDER_FREEZE(0xffffffffffffffff, 0x400c620e, &(0x7f0000000080)={0x0, 0x0, 0x5a})
mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000)
pipe2$9p(&(0x7f0000000180), 0x80)
lstat(0x0, &(0x7f0000000200))
getresuid(&(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300))
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400), 0x80, 0x0)
ioctl$KDENABIO(r0, 0x4b36)
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000001480), &(0x7f00000014c0)='./file0\x00', 0x8, 0x2)

131.386869ms ago: executing program 6 (id=11351):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r1, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f0000000240)={&(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x20001)
sendmsg$tipc(r2, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x2, {0x41}}, 0x10, 0x0}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

93.101943ms ago: executing program 0 (id=11352):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES32, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x145c7e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
io_setup(0x5ff, &(0x7f0000000400)=<r2=>0x0)
io_submit(r2, 0x1ffffff0, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000)="96", 0xffffff20}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r0, 0x0, 0x0, 0xffffffffffffffff}])

79.114964ms ago: executing program 4 (id=11353):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='rxrpc_local\x00', r3}, 0x18)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

0s ago: executing program 4 (id=11354):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10)
mkdir(&(0x7f0000000080)='./file0\x00', 0x56)

kernel console output (not intermixed with test programs):

rs = 2 limit=128
[  301.292080][T26709] Buffer I/O error on dev loop3, logical block 72, lost async page write
[  301.303017][T26709] syz.3.9469: attempt to access beyond end of device
[  301.303017][T26709] loop3: rw=2049, sector=146, nr_sectors = 104 limit=128
[  301.582138][T26727] netlink: 29 bytes leftover after parsing attributes in process `syz.4.9476'.
[  301.645348][T26731] netlink: 14 bytes leftover after parsing attributes in process `syz.0.9478'.
[  301.669619][T26731] hsr_slave_0: left promiscuous mode
[  301.677246][T26731] hsr_slave_1: left promiscuous mode
[  301.768127][T26741] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9482'.
[  301.810130][T26741] netem: change failed
[  302.170745][T26776] loop3: detected capacity change from 0 to 1024
[  302.189915][T26776] EXT4-fs: Ignoring removed i_version option
[  302.216364][T26776] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  302.260597][T26776] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.9498: Invalid block bitmap block 0 in block_group 0
[  302.275722][T26784] syzkaller0: entered allmulticast mode
[  302.282910][T26776] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.9498: Failed to acquire dquot type 0
[  302.296625][T26776] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.9498: Freeing blocks not in datazone - block = 0, count = 4096
[  302.310240][T26776] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.9498: Invalid inode bitmap blk 0 in block_group 0
[  302.323208][T26776] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  302.332930][ T3609] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:18: Failed to release dquot type 0
[  302.345448][T26776] EXT4-fs (loop3): 1 orphan inode deleted
[  302.351905][T26776] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.371842][T26776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.401632][T26784] syzkaller0 (unregistering): left allmulticast mode
[  302.921047][T26817] netlink: 14 bytes leftover after parsing attributes in process `syz.6.9511'.
[  302.941961][T26817] hsr_slave_0: left promiscuous mode
[  302.961840][T26817] hsr_slave_1: left promiscuous mode
[  303.726369][T26892] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.733602][T26892] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.785318][T26892] wg2: left promiscuous mode
[  303.790259][T26892] wg2: left allmulticast mode
[  303.843019][T26892] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  303.863181][T26892] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  303.924304][ T3659] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.936819][ T3659] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.948935][ T3659] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.983023][ T3659] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.172916][T26924] loop4: detected capacity change from 0 to 8192
[  304.209663][T26924]  loop4: p1 p2 p3 p4
[  304.214388][T26924] loop4: p2 start 151000334 is beyond EOD, truncated
[  304.221216][T26924] loop4: p3 start 331777 is beyond EOD, truncated
[  304.227659][T26924] loop4: p4 size 263168 extends beyond EOD, truncated
[  304.264777][T26936] netlink: 96 bytes leftover after parsing attributes in process `syz.0.9541'.
[  304.331785][T26939] netlink: 'syz.0.9542': attribute type 3 has an invalid length.
[  304.595504][T26963] SELinux: ebitmap: truncated map
[  304.602571][T26963] SELinux: failed to load policy
[  304.730342][T26982] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9561'.
[  304.741859][T26982] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9561'.
[  304.984457][T26999] macsec1: entered promiscuous mode
[  304.989731][T26999] bridge0: entered promiscuous mode
[  304.995612][T26999] bridge0: port 1(macsec1) entered blocking state
[  305.002095][T26999] bridge0: port 1(macsec1) entered disabled state
[  305.009861][T26999] macsec1: entered allmulticast mode
[  305.015156][T26999] bridge0: entered allmulticast mode
[  305.036882][T26999] macsec1: left allmulticast mode
[  305.041981][T26999] bridge0: left allmulticast mode
[  305.047981][T26999] bridge0: left promiscuous mode
[  305.451988][T27028] macsec1: entered promiscuous mode
[  305.457213][T27028] bridge0: entered promiscuous mode
[  305.462952][T27028] bridge0: port 3(macsec1) entered blocking state
[  305.469509][T27028] bridge0: port 3(macsec1) entered disabled state
[  305.476841][T27028] macsec1: entered allmulticast mode
[  305.482196][T27028] bridge0: entered allmulticast mode
[  305.487881][T27028] macsec1: left allmulticast mode
[  305.492934][T27028] bridge0: left allmulticast mode
[  305.498310][T27028] bridge0: left promiscuous mode
[  305.896756][   T29] kauditd_printk_skb: 1692 callbacks suppressed
[  305.896771][   T29] audit: type=1326 audit(305.933:23354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f93654b5ba7 code=0x7ffc0000
[  305.953467][   T29] audit: type=1326 audit(305.933:23355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f936545ade9 code=0x7ffc0000
[  305.976554][   T29] audit: type=1326 audit(305.933:23356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f93654bebe9 code=0x7ffc0000
[  305.999533][   T29] audit: type=1326 audit(305.953:23357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f93654b5ba7 code=0x7ffc0000
[  306.022438][   T29] audit: type=1326 audit(305.953:23358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f936545ade9 code=0x7ffc0000
[  306.045304][   T29] audit: type=1326 audit(305.953:23359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f93654bebe9 code=0x7ffc0000
[  306.068372][   T29] audit: type=1326 audit(305.953:23360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f93654b5ba7 code=0x7ffc0000
[  306.091279][   T29] audit: type=1326 audit(305.953:23361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f936545ade9 code=0x7ffc0000
[  306.114214][   T29] audit: type=1326 audit(305.953:23362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f93654bebe9 code=0x7ffc0000
[  306.137160][   T29] audit: type=1326 audit(305.973:23363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27021 comm="syz.3.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f93654b5ba7 code=0x7ffc0000
[  306.446570][T27062] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9599'.
[  306.480777][T27062] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9599'.
[  306.509089][T27062] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9599'.
[  306.845303][T27085] loop4: detected capacity change from 0 to 128
[  306.863563][T27085] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  306.933543][T22564] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  307.034759][T27099] __nla_validate_parse: 1 callbacks suppressed
[  307.034778][T27099] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9612'.
[  307.336986][T27120] netlink: 24 bytes leftover after parsing attributes in process `syz.8.9618'.
[  307.790102][T27144] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.852806][T27144] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.909981][T27144] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.980289][T27144] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.041408][ T3659] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  308.058357][ T3659] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  308.076609][ T3659] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  308.091113][T27162] netlink: 100 bytes leftover after parsing attributes in process `syz.0.9636'.
[  308.100355][ T3659] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.193177][T27174] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27174 comm=syz.0.9645
[  308.248720][T27178] netlink: 24 bytes leftover after parsing attributes in process `syz.6.9646'.
[  308.445679][T27190] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  308.822220][T27212] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9661'.
[  308.831270][T27212] netlink: 28 bytes leftover after parsing attributes in process `syz.8.9661'.
[  308.840318][T27212] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9661'.
[  308.850566][T27212] netlink: 28 bytes leftover after parsing attributes in process `syz.8.9661'.
[  308.859536][T27212] netlink: 'syz.8.9661': attribute type 6 has an invalid length.
[  308.896033][T27214] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9662'.
[  309.750782][T27269] geneve0: entered allmulticast mode
[  309.764981][T27269] geneve0: entered promiscuous mode
[  309.820420][T27274] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9673'.
[  309.886443][T27267] geneve0: left promiscuous mode
[  309.891630][T27267] geneve0: left allmulticast mode
[  310.161389][T27315] 8021q: adding VLAN 0 to HW filter on device bond2
[  310.178876][T27315] vlan2: entered allmulticast mode
[  310.184181][T27315] bond2: entered allmulticast mode
[  310.511103][T27339] tipc: Started in network mode
[  310.516004][T27339] tipc: Node identity c2951f63232f, cluster identity 4711
[  310.523306][T27339] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  310.583969][T27344] atomic_op ffff88810463e928 conn xmit_atomic 0000000000000000
[  310.620802][T27339] tipc: Disabling bearer <eth:syzkaller0>
[  310.869293][T27362] loop4: detected capacity change from 0 to 128
[  310.915599][   T29] kauditd_printk_skb: 1049 callbacks suppressed
[  310.915611][   T29] audit: type=1400 audit(310.953:24413): avc:  denied  { map_create } for  pid=27364 comm="syz.3.9696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  310.940634][   T29] audit: type=1400 audit(310.953:24414): avc:  denied  { perfmon } for  pid=27364 comm="syz.3.9696" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  310.961649][   T29] audit: type=1400 audit(311.003:24415): avc:  denied  { map_read map_write } for  pid=27364 comm="syz.3.9696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  310.981226][   T29] audit: type=1400 audit(311.003:24416): avc:  denied  { prog_load } for  pid=27364 comm="syz.3.9696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  310.999869][   T29] audit: type=1400 audit(311.013:24417): avc:  denied  { bpf } for  pid=27364 comm="syz.3.9696" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  311.020087][   T29] audit: type=1400 audit(311.013:24418): avc:  denied  { perfmon } for  pid=27364 comm="syz.3.9696" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  311.040544][   T29] audit: type=1400 audit(311.013:24419): avc:  denied  { prog_run } for  pid=27364 comm="syz.3.9696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  311.084212][   T29] audit: type=1400 audit(311.103:24420): avc:  denied  { unmount } for  pid=22564 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  311.103736][   T29] audit: type=1400 audit(311.123:24421): avc:  denied  { read write } for  pid=22564 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  311.127524][   T29] audit: type=1400 audit(311.123:24422): avc:  denied  { open } for  pid=22564 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  311.261181][ T3610] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  311.284254][ T3610] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  311.318583][ T3610] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  311.341018][ T3610] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  311.386152][T27380] batman_adv: batadv0: Removing interface: batadv_slave_0
[  311.418786][T27380] batman_adv: batadv0: Removing interface: batadv_slave_1
[  311.454468][T27382] geneve2: entered promiscuous mode
[  311.459907][T27382] geneve2: entered allmulticast mode
[  311.818939][   T23] IPVS: starting estimator thread 0...
[  311.892711][T27418] cgroup: Unknown subsys name 'cpuset'
[  311.910336][T27411] IPVS: using max 2256 ests per chain, 112800 per kthread
[  312.460177][T27453] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  312.706243][T27469] __nla_validate_parse: 7 callbacks suppressed
[  312.706258][T27469] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9740'.
[  312.945009][T27493] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.965612][T27493] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  313.031402][T27493] 9pnet: p9_errstr2errno: server reported unknown error 滰00000000000000000000010
[  313.330731][T27520] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9755'.
[  313.354155][T27520] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.375470][T27520] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.696186][T27547] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.769144][T27547] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.895175][T27580] loop3: detected capacity change from 0 to 128
[  313.903555][T27547] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.926977][T27580] syz.3.9761: attempt to access beyond end of device
[  313.926977][T27580] loop3: rw=2049, sector=138, nr_sectors = 112 limit=128
[  313.953908][T27580] syz.3.9761: attempt to access beyond end of device
[  313.953908][T27580] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  313.967382][T27580] Buffer I/O error on dev loop3, logical block 69, lost async page write
[  313.975977][T27580] syz.3.9761: attempt to access beyond end of device
[  313.975977][T27580] loop3: rw=2049, sector=140, nr_sectors = 2 limit=128
[  313.989414][T27580] Buffer I/O error on dev loop3, logical block 70, lost async page write
[  314.020921][T27547] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.108928][ T3645] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  314.137843][ T3645] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  314.164043][ T3645] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  314.181448][ T3645] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  314.482424][T27598] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9772'.
[  314.765728][T27617] pim6reg1: entered promiscuous mode
[  314.771118][T27617] pim6reg1: entered allmulticast mode
[  314.984916][T27631] program syz.0.9785 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  315.263723][T27648] netlink: 'syz.8.9794': attribute type 39 has an invalid length.
[  315.602810][T27655] geneve2: entered promiscuous mode
[  315.608074][T27655] geneve2: entered allmulticast mode
[  315.889913][T27664] netlink: 28 bytes leftover after parsing attributes in process `syz.8.9802'.
[  315.898877][T27664] netlink: 32 bytes leftover after parsing attributes in process `syz.8.9802'.
[  315.907844][T27664] netlink: 28 bytes leftover after parsing attributes in process `syz.8.9802'.
[  315.916936][T27664] netlink: 32 bytes leftover after parsing attributes in process `syz.8.9802'.
[  315.946019][   T29] kauditd_printk_skb: 1432 callbacks suppressed
[  315.946034][   T29] audit: type=1400 audit(315.983:25855): avc:  denied  { map_create } for  pid=27667 comm="syz.8.9803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  315.971337][   T29] audit: type=1400 audit(315.983:25856): avc:  denied  { bpf } for  pid=27667 comm="syz.8.9803" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  315.991464][   T29] audit: type=1400 audit(315.983:25857): avc:  denied  { map_read } for  pid=27667 comm="syz.8.9803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  316.010104][   T29] audit: type=1400 audit(315.983:25858): avc:  denied  { prog_load } for  pid=27667 comm="syz.8.9803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  316.028930][   T29] audit: type=1400 audit(315.983:25859): avc:  denied  { perfmon } for  pid=27667 comm="syz.8.9803" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  316.049473][   T29] audit: type=1400 audit(315.983:25860): avc:  denied  { prog_run } for  pid=27667 comm="syz.8.9803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  316.084430][   T29] audit: type=1400 audit(316.123:25861): avc:  denied  { mount } for  pid=27667 comm="syz.8.9803" name="/" dev="ramfs" ino=94924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  316.112533][   T29] audit: type=1400 audit(316.153:25862): avc:  denied  { read write } for  pid=22564 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  316.144629][   T29] audit: type=1400 audit(316.153:25863): avc:  denied  { open } for  pid=22564 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  316.168334][   T29] audit: type=1400 audit(316.153:25864): avc:  denied  { ioctl } for  pid=22564 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  316.244740][T27677] serio: Serial port ptm0
[  316.358390][T27682] netlink: 'syz.4.9808': attribute type 39 has an invalid length.
[  316.479795][T27688] ip6gre1: entered allmulticast mode
[  316.627701][T27702] random: crng reseeded on system resumption
[  316.747659][T27714] netlink: 'syz.3.9823': attribute type 39 has an invalid length.
[  316.763474][T27713] netlink: 14 bytes leftover after parsing attributes in process `syz.8.9822'.
[  316.780500][ T3618] smc: removing ib device syz2
[  316.783770][T27713] $H� (unregistering): Released all slaves
[  317.493798][T27756] netlink: 'syz.0.9839': attribute type 39 has an invalid length.
[  317.624205][T27761] netlink: 14 bytes leftover after parsing attributes in process `syz.0.9841'.
[  317.635837][T27761] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  317.646258][T27761] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  317.655474][T27761] bond0 (unregistering): Released all slaves
[  317.926001][T27783] vlan2: entered allmulticast mode
[  317.931166][T27783] macvtap0: entered allmulticast mode
[  318.014846][T27789] netlink: 'syz.6.9853': attribute type 39 has an invalid length.
[  318.321051][T27806] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9861'.
[  318.365600][T27806] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9861'.
[  318.393779][T27812] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9861'.
[  318.447441][T27812] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9861'.
[  318.462532][T27806] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9861'.
[  318.500890][T27812] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9861'.
[  318.648764][   T23] hid_parser_main: 33 callbacks suppressed
[  318.648781][   T23] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  318.667001][T27838] loop3: detected capacity change from 0 to 512
[  318.673628][   T23] hid-generic 0000:0000:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  318.692993][T27838] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.745363][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.780145][    T9] usb usb6-port1: attempt power cycle
[  319.211219][T27864] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  319.773390][T27902] netlink: 32 bytes leftover after parsing attributes in process `syz.0.9899'.
[  319.818336][T27910] netlink: 5 bytes leftover after parsing attributes in process `syz.8.9902'.
[  319.827509][T27910] 0{X功: renamed from gretap0
[  319.833467][T27910] 0{X功: entered allmulticast mode
[  319.839342][T27910] A link change request failed with some changes committed already. Interface 
30{X功 may have been left with an inconsistent configuration, please check.
[  320.205702][T27933] netlink: 332 bytes leftover after parsing attributes in process `syz.3.9911'.
[  320.245492][T27936] loop3: detected capacity change from 0 to 512
[  320.253278][T27936] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  320.265261][T27936] EXT4-fs (loop3): 1 truncate cleaned up
[  320.271361][T27936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.372816][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.465507][T27948] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9916'.
[  320.599590][    T9] usb usb6-port1: unable to enumerate USB device
[  320.609525][T27723] vhci_hcd: invalid port number 96
[  320.614675][T27723] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  320.671241][T27960] IPVS: Error joining to the multicast group
[  320.744312][T27970] loop4: detected capacity change from 0 to 128
[  320.950105][   T29] kauditd_printk_skb: 1163 callbacks suppressed
[  320.950195][   T29] audit: type=1400 audit(320.993:27028): avc:  denied  { execmem } for  pid=27976 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  320.976165][   T29] audit: type=1400 audit(320.993:27029): avc:  denied  { read write } for  pid=19467 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  321.000123][   T29] audit: type=1400 audit(320.993:27030): avc:  denied  { open } for  pid=19467 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  321.023994][   T29] audit: type=1400 audit(320.993:27031): avc:  denied  { ioctl } for  pid=19467 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  321.070687][   T29] audit: type=1400 audit(321.073:27032): avc:  denied  { read } for  pid=27979 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  321.091707][   T29] audit: type=1400 audit(321.073:27033): avc:  denied  { open } for  pid=27979 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  321.114654][   T29] audit: type=1400 audit(321.073:27034): avc:  denied  { mounton } for  pid=27979 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  321.135715][   T29] audit: type=1400 audit(321.073:27035): avc:  denied  { module_request } for  pid=27979 comm="syz-executor" kmod="netdev-nr5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  321.157163][   T29] audit: type=1400 audit(321.073:27036): avc:  denied  { sys_module } for  pid=27979 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  321.177941][   T29] audit: type=1400 audit(321.093:27037): avc:  denied  { module_request } for  pid=27979 comm="syz-executor" kmod="nr5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  321.213870][T27982] loop3: detected capacity change from 0 to 8192
[  321.554758][T27979] chnl_net:caif_netlink_parms(): no params data found
[  321.691227][T27979] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.698317][T27979] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.707285][T27979] bridge_slave_0: entered allmulticast mode
[  321.713745][T27979] bridge_slave_0: entered promiscuous mode
[  321.722530][T27979] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.729653][T27979] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.749979][T27979] bridge_slave_1: entered allmulticast mode
[  321.757708][T27979] bridge_slave_1: entered promiscuous mode
[  321.793919][T27979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.805394][T27979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.843199][T27979] team0: Port device team_slave_0 added
[  321.852416][T27979] team0: Port device team_slave_1 added
[  321.876591][T27979] batman_adv: batadv0: Adding interface: batadv_slave_0
[  321.883600][T27979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.909528][T27979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  321.938202][T27979] batman_adv: batadv0: Adding interface: batadv_slave_1
[  321.945231][T27979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.971224][T27979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.015118][T27979] hsr_slave_0: entered promiscuous mode
[  322.033287][T27979] hsr_slave_1: entered promiscuous mode
[  322.039203][T27979] debugfs: 'hsr0' already exists in 'hsr'
[  322.044953][T27979] Cannot create hsr debugfs directory
[  322.177008][T28049] loop3: detected capacity change from 0 to 1024
[  322.184927][T28049] EXT4-fs: inline encryption not supported
[  322.204535][T28049] EXT4-fs: Ignoring removed bh option
[  322.223514][T28049] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.247403][T27979] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.302517][T27979] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.315072][T28049] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  322.330611][T28049] EXT4-fs (loop3): Remounting filesystem read-only
[  322.360112][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.372645][T27979] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.432697][T27979] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.520904][T27979] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  322.530974][T27979] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  322.540366][T27979] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  322.548895][T27979] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  322.614116][T28073] loop3: detected capacity change from 0 to 512
[  322.617801][T27979] 8021q: adding VLAN 0 to HW filter on device bond0
[  322.634028][T27979] 8021q: adding VLAN 0 to HW filter on device team0
[  322.647810][T28073] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.9962: casefold flag without casefold feature
[  322.651600][ T3609] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.667478][ T3609] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.680566][T28073] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.9962: couldn't read orphan inode 15 (err -117)
[  322.695444][T28073] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.700867][ T3627] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.714913][ T3627] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.744104][T27979] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  322.944336][T27979] 8021q: adding VLAN 0 to HW filter on device batadv0
[  323.066622][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.364789][T27979] veth0_vlan: entered promiscuous mode
[  323.398381][T27979] veth1_vlan: entered promiscuous mode
[  323.428991][T27979] veth0_macvtap: entered promiscuous mode
[  323.464636][T27979] veth1_macvtap: entered promiscuous mode
[  323.514379][T27979] batman_adv: batadv0: Interface activated: batadv_slave_0
[  323.544835][T27979] batman_adv: batadv0: Interface activated: batadv_slave_1
[  323.570639][ T3645] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  323.600023][ T3645] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  323.624325][T28124] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  323.647584][ T3645] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  323.656910][ T3645] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  323.680057][T28124] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  323.735173][T28124] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  323.775737][T28129] __nla_validate_parse: 15 callbacks suppressed
[  323.775752][T28129] netlink: 24 bytes leftover after parsing attributes in process `syz.6.9976'.
[  323.802533][T28124] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  323.876376][ T3609] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  323.902181][T28131] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9977'.
[  323.919376][ T3609] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  323.937851][ T3609] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  323.946189][ T3609] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  324.252581][T28156] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9986'.
[  324.261611][T28156] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9986'.
[  324.270682][T28156] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9986'.
[  324.282824][T28156] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9986'.
[  324.291886][T28156] netlink: 'syz.6.9986': attribute type 6 has an invalid length.
[  324.438641][T28175] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9993'.
[  324.462911][T28175] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9993'.
[  324.503721][T28181] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9993'.
[  324.505569][T28180] cgroup: Invalid name
[  324.520270][T28175] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9993'.
[  324.572337][T28183] loop4: detected capacity change from 0 to 1024
[  324.609405][T28183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.693665][ T3609] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 1: comm kworker/u8:18: lblock 1 mapped to illegal pblock 1 (length 15)
[  324.737893][ T3609] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[  324.750402][ T3609] EXT4-fs (loop4): This should not happen!! Data will be lost
[  324.750402][ T3609] 
[  324.785367][T22564] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.970662][T28215] loop3: detected capacity change from 0 to 512
[  325.040393][T28215] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.10010: error while reading EA inode 32 err=-116
[  325.090193][T28215] EXT4-fs (loop3): Remounting filesystem read-only
[  325.096736][T28215] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  325.129731][T28215] EXT4-fs (loop3): 1 orphan inode deleted
[  325.136201][T28215] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.255529][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.501910][T28257] loop3: detected capacity change from 0 to 4096
[  325.513939][T28257] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.855132][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.930984][   T29] kauditd_printk_skb: 1369 callbacks suppressed
[  325.930998][   T29] audit: type=1400 audit(1093.999:28407): avc:  denied  { prog_load } for  pid=28279 comm="syz.3.10036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  325.986894][   T29] audit: type=1400 audit(1093.999:28408): avc:  denied  { bpf } for  pid=28279 comm="syz.3.10036" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  326.007624][   T29] audit: type=1400 audit(1093.999:28409): avc:  denied  { perfmon } for  pid=28279 comm="syz.3.10036" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  326.028389][   T29] audit: type=1400 audit(1093.999:28410): avc:  denied  { perfmon } for  pid=28279 comm="syz.3.10036" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  326.049002][   T29] audit: type=1400 audit(1093.999:28411): avc:  denied  { bpf } for  pid=28279 comm="syz.3.10036" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  326.069253][   T29] audit: type=1400 audit(1093.999:28412): avc:  denied  { prog_run } for  pid=28279 comm="syz.3.10036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  326.084605][T28288] audit: audit_backlog=65 > audit_backlog_limit=64
[  326.087956][   T29] audit: type=1326 audit(1094.030:28413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28271 comm="syz.5.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fba622a5ba7 code=0x7ffc0000
[  326.094468][T28288] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  326.117458][   T29] audit: type=1326 audit(1094.030:28414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28271 comm="syz.5.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fba6224ade9 code=0x7ffc0000
[  326.220728][T28293] loop4: detected capacity change from 0 to 1024
[  326.235614][T28293] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  326.495357][T28313] pim6reg1: entered promiscuous mode
[  326.500743][T28313] pim6reg1: entered allmulticast mode
[  326.633986][T28293] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  326.703108][T28327] 9pnet: p9_errstr2errno: server reported unknown error 
[  326.732168][T22564] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.892092][T28345] netlink: 'syz.5.10058': attribute type 13 has an invalid length.
[  326.951986][T28345] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  327.042852][    T9] usb usb8-port1: attempt power cycle
[  327.085353][T28362] loop4: detected capacity change from 0 to 512
[  327.107777][T28362] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.10065: casefold flag without casefold feature
[  327.134615][T28362] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.10065: couldn't read orphan inode 15 (err -117)
[  327.162454][T28362] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.413305][T22564] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.430778][T28372] loop3: detected capacity change from 0 to 1024
[  327.459938][T28372] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.486328][T28372] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  327.503637][T28372] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  327.516012][T28372] EXT4-fs (loop3): This should not happen!! Data will be lost
[  327.516012][T28372] 
[  327.525681][T28372] EXT4-fs (loop3): Total free blocks count 0
[  327.531685][T28372] EXT4-fs (loop3): Free/Dirty block details
[  327.537572][T28372] EXT4-fs (loop3): free_blocks=20480
[  327.542885][T28372] EXT4-fs (loop3): dirty_blocks=96
[  327.548127][T28372] EXT4-fs (loop3): Block reservation details
[  327.554276][T28372] EXT4-fs (loop3): i_reserved_data_blocks=6
[  327.627828][ T3619] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  327.852024][T28400] loop5: detected capacity change from 0 to 1024
[  327.866002][T28400] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  327.985156][T28413] smc: net device bond0 applied user defined pnetid SYZ0
[  328.008800][T28413] smc: net device bond0 erased user defined pnetid SYZ0
[  328.209248][T28436] loop3: detected capacity change from 0 to 1024
[  328.223719][T28436] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  328.525789][T28459] loop5: detected capacity change from 0 to 512
[  328.574345][T28459] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.10104: casefold flag without casefold feature
[  328.578134][T28465] pimreg: entered allmulticast mode
[  328.605440][T28459] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.10104: couldn't read orphan inode 15 (err -117)
[  328.636453][T28471] loop4: detected capacity change from 0 to 1024
[  328.645227][T28459] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.664508][T28471] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.683786][T28465] pimreg: left allmulticast mode
[  328.739080][T22564] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.824223][    T9] usb usb8-port1: unable to enumerate USB device
[  328.834544][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.834630][T28238] hub 8-0:1.0: USB hub found
[  328.862524][T28238] hub 8-0:1.0: 8 ports detected
[  329.014421][T28492] loop5: detected capacity change from 0 to 1024
[  329.032368][T28493] loop4: detected capacity change from 0 to 2048
[  329.063777][T28493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  329.109432][T22564] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  329.159543][T28504] __nla_validate_parse: 12 callbacks suppressed
[  329.159560][T28504] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10125'.
[  329.501233][T28526] netlink: 14748 bytes leftover after parsing attributes in process `syz.5.10133'.
[  329.540920][T28531] tipc: Started in network mode
[  329.545817][T28531] tipc: Node identity e6c0574dde5b, cluster identity 4711
[  329.553065][T28531] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  329.561330][T28531] tipc: Disabling bearer <eth:syzkaller0>
[  329.697163][T28546] loop3: detected capacity change from 0 to 512
[  329.697448][T28545] loop4: detected capacity change from 0 to 512
[  329.712312][T28546] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  329.722555][T28545] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.10142: error while reading EA inode 32 err=-116
[  329.735697][T28545] EXT4-fs (loop4): Remounting filesystem read-only
[  329.742313][T28545] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  329.749934][T28546] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.10143: invalid indirect mapped block 4294967295 (level 0)
[  329.766583][T28545] EXT4-fs (loop4): 1 orphan inode deleted
[  329.773011][T28545] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.775761][T28546] EXT4-fs (loop3): Remounting filesystem read-only
[  329.791991][T28546] EXT4-fs (loop3): 1 orphan inode deleted
[  329.797745][T28546] EXT4-fs (loop3): 1 truncate cleaned up
[  329.803879][T28546] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.820137][T22564] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.883949][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.072964][T28562] sch_tbf: burst 1821 is lower than device lo mtu (11337746) !
[  330.404227][T28577] loop3: detected capacity change from 0 to 1024
[  330.416865][T28577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.452492][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.608601][T28578] chnl_net:caif_netlink_parms(): no params data found
[  330.625306][    T9] usb usb8-port1: attempt power cycle
[  330.660465][T28594] loop5: detected capacity change from 0 to 4096
[  330.683656][T28594] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.700967][   T29] kauditd_printk_skb: 1781 callbacks suppressed
[  330.701025][   T29] audit: type=1400 audit(330.950:30195): avc:  denied  { prog_load } for  pid=28602 comm="syz.0.10159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  330.726089][   T29] audit: type=1400 audit(330.950:30196): avc:  denied  { bpf } for  pid=28602 comm="syz.0.10159" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  330.746272][   T29] audit: type=1400 audit(330.950:30197): avc:  denied  { perfmon } for  pid=28602 comm="syz.0.10159" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  330.766826][   T29] audit: type=1400 audit(330.950:30198): avc:  denied  { bpf } for  pid=28602 comm="syz.0.10159" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  330.787027][   T29] audit: type=1400 audit(330.950:30199): avc:  denied  { prog_run } for  pid=28602 comm="syz.0.10159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  330.805682][   T29] audit: type=1400 audit(330.950:30200): avc:  denied  { mount } for  pid=28593 comm="syz.5.10156" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  330.827052][   T29] audit: type=1400 audit(330.950:30201): avc:  denied  { read write } for  pid=28593 comm="syz.5.10156" name="loop5" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  330.849793][   T29] audit: type=1400 audit(330.950:30202): avc:  denied  { open } for  pid=28593 comm="syz.5.10156" path="/dev/loop5" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  330.872823][   T29] audit: type=1400 audit(330.961:30203): avc:  denied  { mounton } for  pid=28601 comm="syz.3.10160" path="/716/file0" dev="tmpfs" ino=3733 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  330.895284][   T29] audit: type=1400 audit(330.961:30204): avc:  denied  { mount } for  pid=28601 comm="syz.3.10160" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  330.919319][T28578] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.926565][T28578] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.933835][T28578] bridge_slave_0: entered allmulticast mode
[  330.948845][T28578] bridge_slave_0: entered promiscuous mode
[  330.959410][T28578] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.966572][T28578] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.978336][T28578] bridge_slave_1: entered allmulticast mode
[  330.988597][T28578] bridge_slave_1: entered promiscuous mode
[  331.002092][T28609] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10161'.
[  331.035585][T28578] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.053117][T28578] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.083170][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.086984][T28578] team0: Port device team_slave_0 added
[  331.100612][T28578] team0: Port device team_slave_1 added
[  331.128881][T28578] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.135973][T28578] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.162042][T28578] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  331.176132][T28578] batman_adv: batadv0: Adding interface: batadv_slave_1
[  331.183222][T28578] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.209173][T28578] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  331.258507][T28578] hsr_slave_0: entered promiscuous mode
[  331.264466][T28578] hsr_slave_1: entered promiscuous mode
[  331.270299][T28578] debugfs: 'hsr0' already exists in 'hsr'
[  331.276086][T28578] Cannot create hsr debugfs directory
[  331.331868][T28578] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  331.365249][T28627] netlink: 14748 bytes leftover after parsing attributes in process `syz.3.10168'.
[  331.377988][T28578] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  331.454536][T28578] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  331.477249][T28634] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10171'.
[  331.478346][T28635] loop3: detected capacity change from 0 to 128
[  331.487154][T28634] netlink: 60 bytes leftover after parsing attributes in process `syz.5.10171'.
[  331.512077][T28578] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  331.573751][T28578] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  331.590976][T28578] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  331.604430][T28578] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  331.617413][T28578] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  331.692078][T28578] 8021q: adding VLAN 0 to HW filter on device bond0
[  331.712292][T28578] 8021q: adding VLAN 0 to HW filter on device team0
[  331.723946][ T3619] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.731031][ T3619] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.745755][ T3619] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.752839][ T3619] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.848530][T28578] 8021q: adding VLAN 0 to HW filter on device batadv0
[  332.042607][T28578] veth0_vlan: entered promiscuous mode
[  332.050357][T28578] veth1_vlan: entered promiscuous mode
[  332.065364][T28578] veth0_macvtap: entered promiscuous mode
[  332.072339][T28578] veth1_macvtap: entered promiscuous mode
[  332.083223][T28578] batman_adv: batadv0: Interface activated: batadv_slave_0
[  332.095704][T28578] batman_adv: batadv0: Interface activated: batadv_slave_1
[  332.106780][ T3627] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  332.115971][ T3627] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  332.125386][ T3627] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  332.135914][ T3627] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.367979][    T9] usb usb8-port1: unable to enumerate USB device
[  332.398028][T28686] loop5: detected capacity change from 0 to 2048
[  332.418269][T28686] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  332.472426][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  332.868484][T28717] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10196'.
[  333.092968][T28731] netlink: 28 bytes leftover after parsing attributes in process `syz.6.10203'.
[  333.102103][T28731] netlink: 32 bytes leftover after parsing attributes in process `syz.6.10203'.
[  333.111173][T28731] netlink: 28 bytes leftover after parsing attributes in process `syz.6.10203'.
[  333.120630][ T5963] usb usb6-port1: attempt power cycle
[  333.256129][T28742] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  333.256822][T28741] IPVS: stopping master sync thread 28742 ...
[  333.435576][T28754] loop4: detected capacity change from 0 to 128
[  333.483185][T28757] pim6reg1: entered promiscuous mode
[  333.488575][T28757] pim6reg1: entered allmulticast mode
[  333.964519][T28769] loop5: detected capacity change from 0 to 512
[  333.971811][T28769] EXT4-fs: Ignoring removed nobh option
[  333.977609][T28769] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  333.988796][T28769] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.10220: iget: bad i_size value: 38620345925642
[  334.002745][T28769] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.10220: couldn't read orphan inode 15 (err -117)
[  334.015125][T28769] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.034394][T28769] EXT4-fs error (device loop5): ext4_check_all_de:659: inode #12: block 7: comm syz.5.10220: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=124 fake=0
[  334.064495][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.119092][T28775] loop5: detected capacity change from 0 to 512
[  334.131799][T28775] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.149230][T28775] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.10222: corrupted inode contents
[  334.161350][T28775] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #2: comm syz.5.10222: mark_inode_dirty error
[  334.182664][T28775] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.10222: corrupted inode contents
[  334.194683][T28775] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.10222: mark_inode_dirty error
[  334.218107][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.285774][T28786] bridge: RTM_NEWNEIGH with invalid ether address
[  334.314090][T28788] loop5: detected capacity change from 0 to 164
[  334.326382][T28788] syz.5.10227: attempt to access beyond end of device
[  334.326382][T28788] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  334.340520][T28788] syz.5.10227: attempt to access beyond end of device
[  334.340520][T28788] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  334.358242][T28788] syz.5.10227: attempt to access beyond end of device
[  334.358242][T28788] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  334.484765][T28793] syzkaller0: refused to change device tx_queue_len
[  334.838604][T28809] loop5: detected capacity change from 0 to 512
[  334.854722][ T5963] usb usb6-port1: unable to enumerate USB device
[  334.856753][T28809] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  334.861446][T28625] vhci_hcd: invalid port number 96
[  334.869478][T28809] EXT4-fs (loop5): orphan cleanup on readonly fs
[  334.874363][T28625] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  334.880969][T28809] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  334.903814][T28809] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  334.911263][T28809] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.10236: bg 0: block 40: padding at end of block bitmap is not set
[  334.927580][T28809] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  334.936656][T28809] EXT4-fs (loop5): 1 truncate cleaned up
[  334.956019][T28809] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  335.009708][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.476516][   T29] kauditd_printk_skb: 1080 callbacks suppressed
[  335.476530][   T29] audit: type=1400 audit(335.968:31284): avc:  denied  { prog_load } for  pid=28853 comm="syz.5.10257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  335.501676][   T29] audit: type=1400 audit(335.968:31285): avc:  denied  { bpf } for  pid=28853 comm="syz.5.10257" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  335.521934][   T29] audit: type=1400 audit(335.968:31286): avc:  denied  { perfmon } for  pid=28853 comm="syz.5.10257" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  335.542501][   T29] audit: type=1400 audit(335.968:31287): avc:  denied  { prog_run } for  pid=28853 comm="syz.5.10257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  335.563246][   T29] audit: type=1400 audit(336.021:31288): avc:  denied  { create } for  pid=28853 comm="syz.5.10257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  335.583549][   T29] audit: type=1400 audit(336.021:31289): avc:  denied  { write } for  pid=28853 comm="syz.5.10257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  335.603894][   T29] audit: type=1400 audit(336.042:31290): avc:  denied  { prog_load } for  pid=28853 comm="syz.5.10257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  335.622652][   T29] audit: type=1400 audit(336.042:31291): avc:  denied  { bpf } for  pid=28853 comm="syz.5.10257" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  335.642819][   T29] audit: type=1400 audit(336.042:31292): avc:  denied  { write } for  pid=28853 comm="syz.5.10257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  335.663215][   T29] audit: type=1400 audit(336.052:31293): avc:  denied  { read write } for  pid=27979 comm="syz-executor" name="loop5" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  335.904118][T28872] netlink: zone id is out of range
[  335.911458][T28872] netlink: zone id is out of range
[  335.916607][T28872] netlink: zone id is out of range
[  335.936765][T28872] netlink: zone id is out of range
[  335.984932][T28879] vlan2: entered allmulticast mode
[  335.990560][T28879] dummy0: entered allmulticast mode
[  336.345127][T28900] loop4: detected capacity change from 0 to 4096
[  336.358694][T28900] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.446084][T28578] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.611296][T28921] __nla_validate_parse: 1 callbacks suppressed
[  336.611366][T28921] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10287'.
[  336.730465][   T23] usb usb6-port1: attempt power cycle
[  336.871643][T28942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.880260][T28942] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  337.235548][T28961] loop5: detected capacity change from 0 to 164
[  337.253638][T28961] syz.5.10303: attempt to access beyond end of device
[  337.253638][T28961] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  337.267955][T28961] syz.5.10303: attempt to access beyond end of device
[  337.267955][T28961] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  337.591553][T28983] netlink: 96 bytes leftover after parsing attributes in process `syz.5.10314'.
[  337.849726][T29006] loop5: detected capacity change from 0 to 2048
[  337.867276][T29006] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.022369][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.428137][T29040] bridge: RTM_NEWNEIGH with invalid ether address
[  338.492372][T29046] netlink: 'syz.5.10342': attribute type 1 has an invalid length.
[  338.500318][T29046] netlink: 198116 bytes leftover after parsing attributes in process `syz.5.10342'.
[  338.502258][   T23] usb usb6-port1: unable to enumerate USB device
[  338.601303][T19467] block device autoloading is deprecated and will be removed.
[  338.618782][T29050] sctp: [Deprecated]: syz.6.10344 (pid 29050) Use of int in maxseg socket option.
[  338.618782][T29050] Use struct sctp_assoc_value instead
[  338.650455][T29054] IPVS: Error connecting to the multicast addr
[  338.993370][T29085] netlink: 'syz.6.10360': attribute type 2 has an invalid length.
[  339.010982][T29086] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10361'.
[  339.129517][T29098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  339.156293][T29098] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  339.308644][T29109] bridge0: port 3(syz_tun) entered blocking state
[  339.315196][T29109] bridge0: port 3(syz_tun) entered disabled state
[  339.324960][T29109] syz_tun: entered allmulticast mode
[  339.330902][T29109] syz_tun: entered promiscuous mode
[  339.337329][T29109] bridge0: port 3(syz_tun) entered blocking state
[  339.343907][T29109] bridge0: port 3(syz_tun) entered forwarding state
[  339.362676][T29109] syz_tun: left allmulticast mode
[  339.367744][T29109] syz_tun: left promiscuous mode
[  339.372865][T29109] bridge0: port 3(syz_tun) entered disabled state
[  339.379613][T29114] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10374'.
[  339.412615][T29109] bridge_slave_0: left allmulticast mode
[  339.418397][T29109] bridge_slave_0: left promiscuous mode
[  339.424069][T29109] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.437166][T29109] bridge_slave_1: left allmulticast mode
[  339.442834][T29109] bridge_slave_1: left promiscuous mode
[  339.448597][T29109] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.470710][T29109] bond0: (slave bond_slave_0): Releasing backup interface
[  339.487032][T29109] bond0: (slave bond_slave_1): Releasing backup interface
[  339.517274][T29109] team0: Port device team_slave_0 removed
[  339.535659][T29109] team0: Port device team_slave_1 removed
[  339.542694][T29109] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  339.550100][T29109] batman_adv: batadv0: Removing interface: batadv_slave_0
[  339.558925][T29109] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  339.566423][T29109] batman_adv: batadv0: Removing interface: batadv_slave_1
[  340.284965][   T29] kauditd_printk_skb: 1293 callbacks suppressed
[  340.284980][   T29] audit: type=1400 audit(341.018:32587): avc:  denied  { append } for  pid=29148 comm="syz.0.10388" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  340.362791][T29155] loop4: detected capacity change from 0 to 1024
[  340.366729][   T29] audit: type=1400 audit(341.049:32588): avc:  denied  { read write } for  pid=28578 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  340.392447][T29155] EXT4-fs: Ignoring removed orlov option
[  340.393007][   T29] audit: type=1400 audit(341.049:32589): avc:  denied  { open } for  pid=28578 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  340.422196][   T29] audit: type=1400 audit(341.049:32590): avc:  denied  { ioctl } for  pid=28578 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  340.447446][   T29] audit: type=1400 audit(341.091:32591): avc:  denied  { read write } for  pid=29154 comm="syz.4.10390" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  340.471114][   T29] audit: type=1400 audit(341.091:32592): avc:  denied  { open } for  pid=29154 comm="syz.4.10390" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  340.494770][   T29] audit: type=1400 audit(341.091:32593): avc:  denied  { ioctl } for  pid=29154 comm="syz.4.10390" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  340.577990][T29155] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  340.643182][   T29] audit: type=1400 audit(341.091:32594): avc:  denied  { mounton } for  pid=29154 comm="syz.4.10390" path="/47/file1" dev="tmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  340.665312][   T29] audit: type=1400 audit(341.343:32595): avc:  denied  { mount } for  pid=29154 comm="syz.4.10390" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  340.686712][   T29] audit: type=1400 audit(341.343:32596): avc:  denied  { read write } for  pid=29154 comm="syz.4.10390" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  340.744906][T29155] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.10390: bg 0: block 88: padding at end of block bitmap is not set
[  340.761512][T29161] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10391'.
[  340.772889][T29161] smc: net device bond0 applied user defined pnetid SYZ
[  340.828282][T28578] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.862233][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  340.869690][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  340.877186][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  340.884628][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  340.892005][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  340.899415][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  340.906819][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  340.914279][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  340.921661][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  340.929178][ T5963] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  341.000228][T29165] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10392'.
[  341.047495][ T5963] hid-generic 0000:0000:0000.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  341.062232][T29165] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10392'.
[  341.095761][T29172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10396'.
[  341.147064][T29172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10396'.
[  341.440435][T29197] __nla_validate_parse: 1 callbacks suppressed
[  341.440448][T29197] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10408'.
[  341.479066][T29204] netlink: 'syz.3.10411': attribute type 10 has an invalid length.
[  341.489052][T29204] team0 (unregistering): Port device team_slave_0 removed
[  341.498411][T29204] team0 (unregistering): Port device team_slave_1 removed
[  341.520491][T29202] SELinux: failed to load policy
[  341.684819][T29217] sd 0:0:1:0: device reset
[  341.802223][T29229] pim6reg: entered allmulticast mode
[  341.817500][T29229] pim6reg: left allmulticast mode
[  341.939749][T29243] loop3: detected capacity change from 0 to 128
[  342.083911][ T5958] usb usb8-port1: attempt power cycle
[  342.099018][T29253] dummy0: entered promiscuous mode
[  342.104453][T29253] macsec1: entered allmulticast mode
[  342.110560][T29253] dummy0: entered allmulticast mode
[  342.118169][T29253] dummy0: left allmulticast mode
[  342.123235][T29253] dummy0: left promiscuous mode
[  342.148805][T29256] syzkaller1: entered promiscuous mode
[  342.154376][T29256] syzkaller1: entered allmulticast mode
[  342.197023][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.197023][ T3619] loop3: rw=1, sector=145, nr_sectors = 16 limit=128
[  342.224251][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.224251][ T3619] loop3: rw=1, sector=169, nr_sectors = 8 limit=128
[  342.254190][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.254190][ T3619] loop3: rw=1, sector=185, nr_sectors = 8 limit=128
[  342.313983][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.313983][ T3619] loop3: rw=1, sector=201, nr_sectors = 8 limit=128
[  342.328405][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.328405][ T3619] loop3: rw=1, sector=217, nr_sectors = 8 limit=128
[  342.358414][T29265] SELinux: ebitmap: truncated map
[  342.367228][T29265] SELinux: failed to load policy
[  342.372970][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.372970][ T3619] loop3: rw=1, sector=233, nr_sectors = 8 limit=128
[  342.391050][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.391050][ T3619] loop3: rw=1, sector=249, nr_sectors = 8 limit=128
[  342.406051][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.406051][ T3619] loop3: rw=1, sector=265, nr_sectors = 8 limit=128
[  342.435863][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.435863][ T3619] loop3: rw=1, sector=281, nr_sectors = 8 limit=128
[  342.450562][ T3619] kworker/u8:28: attempt to access beyond end of device
[  342.450562][ T3619] loop3: rw=1, sector=297, nr_sectors = 8 limit=128
[  342.893654][T29287] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10450'.
[  342.934722][T29293] pim6reg1: entered promiscuous mode
[  342.940045][T29293] pim6reg1: entered allmulticast mode
[  343.123926][T29311] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10461'.
[  343.372102][T29333] loop4: detected capacity change from 0 to 1024
[  343.391750][T29333] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.449781][T28578] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.671076][T29362] loop3: detected capacity change from 0 to 512
[  343.762995][T29372] loop4: detected capacity change from 0 to 1024
[  343.777174][T29372] EXT4-fs: Ignoring removed nomblk_io_submit option
[  343.781020][T29371] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10486'.
[  343.811809][T29372] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.884349][ T5958] usb usb8-port1: unable to enumerate USB device
[  343.904785][T28578] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.936822][T29384] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10492'.
[  344.080231][T29403] loop4: detected capacity change from 0 to 512
[  344.089493][T29403] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  344.101802][T29403] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.10501: invalid indirect mapped block 83886080 (level 1)
[  344.116631][T29403] EXT4-fs (loop4): Remounting filesystem read-only
[  344.123361][T29403] EXT4-fs (loop4): 1 orphan inode deleted
[  344.129171][T29403] EXT4-fs (loop4): 1 truncate cleaned up
[  344.135848][T29403] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  344.234670][T28578] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.787188][T29447] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10518'.
[  344.864664][T29449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10518'.
[  344.945798][T29453] netlink: 332 bytes leftover after parsing attributes in process `syz.6.10520'.
[  345.115103][   T29] kauditd_printk_skb: 1467 callbacks suppressed
[  345.115116][   T29] audit: type=1400 audit(346.088:34064): avc:  denied  { create } for  pid=29465 comm="syz.6.10525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  345.144171][   T29] audit: type=1400 audit(346.109:34065): avc:  denied  { setopt } for  pid=29465 comm="syz.6.10525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  345.163426][   T29] audit: type=1400 audit(346.109:34066): avc:  denied  { bind } for  pid=29465 comm="syz.6.10525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  345.182437][   T29] audit: type=1400 audit(346.109:34067): avc:  denied  { name_bind } for  pid=29465 comm="syz.6.10525" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  345.203968][   T29] audit: type=1400 audit(346.109:34068): avc:  denied  { node_bind } for  pid=29465 comm="syz.6.10525" saddr=::1 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  345.225342][   T29] audit: type=1400 audit(346.162:34069): avc:  denied  { setopt } for  pid=29465 comm="syz.6.10525" laddr=::1 lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  345.246475][   T29] audit: type=1400 audit(346.183:34070): avc:  denied  { write } for  pid=29465 comm="syz.6.10525" laddr=::1 lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  345.267519][   T29] audit: type=1400 audit(346.183:34071): avc:  denied  { connect } for  pid=29465 comm="syz.6.10525" laddr=::1 lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  345.288658][   T29] audit: type=1400 audit(346.183:34072): avc:  denied  { name_connect } for  pid=29465 comm="syz.6.10525" dest=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  345.335198][   T29] audit: type=1400 audit(346.319:34073): avc:  denied  { map_create } for  pid=29470 comm="syz.0.10528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  346.356508][T29518] pim6reg1: entered promiscuous mode
[  346.360775][   T23] usb usb8-port1: attempt power cycle
[  346.361846][T29518] pim6reg1: entered allmulticast mode
[  347.172368][T29551] netlink: 332 bytes leftover after parsing attributes in process `syz.3.10560'.
[  347.213432][T29555] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10571'.
[  347.366894][T29559] 8021q: adding VLAN 0 to HW filter on device team0
[  347.376217][T29559] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  347.695695][T29575] netlink: 332 bytes leftover after parsing attributes in process `syz.0.10572'.
[  347.727354][T29578] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10573'.
[  347.758999][T29578] sch_tbf: burst 88 is lower than device veth5 mtu (1514) !
[  347.894610][T29591] pim6reg1: entered promiscuous mode
[  347.900014][T29591] pim6reg1: entered allmulticast mode
[  347.916017][T29592] syzkaller1: entered promiscuous mode
[  347.921627][T29592] syzkaller1: entered allmulticast mode
[  348.015105][T29599] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10582'.
[  348.042108][T29599] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10582'.
[  348.089851][T29610] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10586'.
[  348.131893][T29612] sit0: entered allmulticast mode
[  348.140615][T29612] sit0: entered promiscuous mode
[  348.142123][   T23] usb usb8-port1: unable to enumerate USB device
[  348.209610][T29620] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10590'.
[  348.243553][T29623] loop4: detected capacity change from 0 to 2048
[  348.276030][T29623] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.339224][T29632] loop5: detected capacity change from 0 to 164
[  348.375602][T29636] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10597'.
[  348.424035][T29639] syzkaller1: entered promiscuous mode
[  348.429571][T29639] syzkaller1: entered allmulticast mode
[  348.462829][T29641] loop5: detected capacity change from 0 to 128
[  348.535950][T28578] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.608637][T29649] syzkaller1: entered promiscuous mode
[  348.614152][T29649] syzkaller1: entered allmulticast mode
[  348.898553][T29666] bridge0: port 3(syz_tun) entered blocking state
[  348.902394][T29664] loop5: detected capacity change from 0 to 512
[  348.905154][T29666] bridge0: port 3(syz_tun) entered disabled state
[  348.921941][T29664] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  348.948249][T29664] EXT4-fs (loop5): 1 truncate cleaned up
[  348.959696][T29666] syz_tun: entered allmulticast mode
[  348.964489][T29664] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.988320][T29666] syz_tun: entered promiscuous mode
[  348.995147][T29666] bridge0: port 3(syz_tun) entered blocking state
[  349.001714][T29666] bridge0: port 3(syz_tun) entered forwarding state
[  349.011221][T29668] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10608'.
[  349.040617][T29674] syz_tun: left allmulticast mode
[  349.045717][T29674] syz_tun: left promiscuous mode
[  349.050762][T29674] bridge0: port 3(syz_tun) entered disabled state
[  349.067317][T29664] sg_write: data in/out 11329/120 bytes for SCSI command 0x0-- guessing data in;
[  349.067317][T29664]    program syz.5.10609 not setting count and/or reply_len properly
[  349.124956][T29674] bridge_slave_0: left allmulticast mode
[  349.130670][T29674] bridge_slave_0: left promiscuous mode
[  349.136432][T29674] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.145743][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.159370][T29674] bridge_slave_1: left allmulticast mode
[  349.165247][T29674] bridge_slave_1: left promiscuous mode
[  349.171123][T29674] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.193363][T29674] team0: Port device team_slave_0 removed
[  349.203389][T29674] team0: Port device team_slave_1 removed
[  349.238597][T29678] loop3: detected capacity change from 0 to 2048
[  349.275704][T29678] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.434096][T29690] 8021q: adding VLAN 0 to HW filter on device bond1
[  349.473998][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.495416][T29690] vlan2: entered allmulticast mode
[  349.500588][T29690] bond1: entered allmulticast mode
[  349.509816][T29694] sctp: [Deprecated]: syz.5.10621 (pid 29694) Use of struct sctp_assoc_value in delayed_ack socket option.
[  349.509816][T29694] Use struct sctp_sack_info instead
[  349.612069][T29705] netlink: zone id is out of range
[  349.623758][T29705] netlink: zone id is out of range
[  349.629315][T29705] netlink: del zone limit has 8 unknown bytes
[  350.371619][    T9] usb usb8-port1: attempt power cycle
[  352.114268][    T9] usb usb8-port1: unable to enumerate USB device
[  352.161147][   T29] kauditd_printk_skb: 904 callbacks suppressed
[  352.161197][   T29] audit: type=1400 audit(353.479:34978): avc:  denied  { prog_load } for  pid=29712 comm="syz.5.10628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  352.186117][   T29] audit: type=1400 audit(353.479:34979): avc:  denied  { bpf } for  pid=29712 comm="syz.5.10628" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  352.206385][   T29] audit: type=1400 audit(353.479:34980): avc:  denied  { perfmon } for  pid=29712 comm="syz.5.10628" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  352.227054][   T29] audit: type=1400 audit(353.479:34981): avc:  denied  { bpf } for  pid=29713 comm="syz.3.10629" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  352.247505][   T29] audit: type=1400 audit(353.479:34982): avc:  denied  { prog_run } for  pid=29712 comm="syz.5.10628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  352.266135][   T29] audit: type=1400 audit(353.479:34983): avc:  denied  { watch watch_reads } for  pid=29709 comm="syz.6.10626" path="/383" dev="tmpfs" ino=1985 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  352.301451][   T29] audit: type=1400 audit(353.532:34984): avc:  denied  { name_bind } for  pid=29707 comm="syz.4.10636" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  352.322787][   T29] audit: type=1400 audit(353.532:34985): avc:  denied  { node_bind } for  pid=29707 comm="syz.4.10636" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  352.343978][T29715] netlink: 'syz.5.10628': attribute type 2 has an invalid length.
[  352.368826][   T29] audit: type=1400 audit(353.689:34986): avc:  denied  { prog_load } for  pid=29708 comm="syz.0.10627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  352.387606][   T29] audit: type=1400 audit(353.689:34987): avc:  denied  { bpf } for  pid=29708 comm="syz.0.10627" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  352.498447][T29726] __nla_validate_parse: 2 callbacks suppressed
[  352.498462][T29726] netlink: 100 bytes leftover after parsing attributes in process `syz.4.10631'.
[  352.597156][T29730] loop5: detected capacity change from 0 to 128
[  352.799721][T29738] sit0: entered allmulticast mode
[  352.812378][T29738] sit0: entered promiscuous mode
[  352.920263][T29754] netlink: 'syz.3.10642': attribute type 83 has an invalid length.
[  353.212194][T29779] loop3: detected capacity change from 0 to 1024
[  353.240945][T29779] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.467740][T29779] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  353.536596][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.659613][T29806] loop3: detected capacity change from 0 to 2368
[  353.677391][T29806] iso9660: Bad value for 'check'
[  353.738867][T29806] netlink: 'syz.3.10665': attribute type 10 has an invalid length.
[  353.753147][T29806] ipvlan0: entered allmulticast mode
[  353.758507][T29806] veth0_vlan: entered allmulticast mode
[  353.837946][T29819] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10672'.
[  353.860360][T29819] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10672'.
[  353.969545][T29826] netlink: 24 bytes leftover after parsing attributes in process `syz.6.10675'.
[  354.011660][T29827] netlink: 14593 bytes leftover after parsing attributes in process `syz.4.10676'.
[  354.050293][T29829] netlink: 'syz.3.10677': attribute type 3 has an invalid length.
[  354.161969][T29837] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29837 comm=syz.3.10681
[  354.174662][T29837] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=29837 comm=syz.3.10681
[  354.401115][T29857] loop5: detected capacity change from 0 to 1024
[  354.448991][T29857] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.470561][T29864] bridge: RTM_NEWNEIGH with invalid ether address
[  354.478967][T29866] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=29866 comm=syz.3.10694
[  354.567107][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.579913][T29872] loop3: detected capacity change from 0 to 512
[  354.619681][T29872] EXT4-fs: Ignoring removed mblk_io_submit option
[  354.635098][T29872] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  354.655283][T29872] EXT4-fs (loop3): 1 truncate cleaned up
[  354.663678][T29872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.688289][T29882] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10702'.
[  354.731258][T29882] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10702'.
[  355.624172][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.803120][T29947] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10729'.
[  355.920278][T29955] netlink: 84 bytes leftover after parsing attributes in process `syz.3.10733'.
[  355.929386][T29955] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10733'.
[  356.371735][    T9] usb usb2-port1: attempt power cycle
[  356.914235][T29980] bridge0: port 3(syz_tun) entered blocking state
[  356.920759][T29980] bridge0: port 3(syz_tun) entered disabled state
[  356.928918][T29980] syz_tun: entered allmulticast mode
[  356.932214][   T29] kauditd_printk_skb: 1310 callbacks suppressed
[  356.932227][   T29] audit: type=1326 audit(358.487:36298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29979 comm="syz.0.10744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1054abebe9 code=0x7ffc0000
[  356.935248][T29980] syz_tun: entered promiscuous mode
[  356.964605][   T29] audit: type=1326 audit(358.497:36299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29979 comm="syz.0.10744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1054abebe9 code=0x7ffc0000
[  356.970324][ T3412] usb usb8-port1: attempt power cycle
[  356.991814][   T29] audit: type=1326 audit(358.497:36300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29979 comm="syz.0.10744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1054abebe9 code=0x7ffc0000
[  356.991840][   T29] audit: type=1326 audit(358.497:36301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29979 comm="syz.0.10744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f1054abebe9 code=0x7ffc0000
[  356.991860][   T29] audit: type=1326 audit(358.497:36302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29979 comm="syz.0.10744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1054abebe9 code=0x7ffc0000
[  356.999459][T29980] bridge0: port 3(syz_tun) entered blocking state
[  357.020290][   T29] audit: type=1326 audit(358.497:36303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29979 comm="syz.0.10744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f1054abebe9 code=0x7ffc0000
[  357.043294][T29980] bridge0: port 3(syz_tun) entered forwarding state
[  357.066322][   T29] audit: type=1326 audit(358.497:36304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29979 comm="syz.0.10744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1054abebe9 code=0x7ffc0000
[  357.125360][   T29] audit: type=1326 audit(358.497:36305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29979 comm="syz.0.10744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1054abebe9 code=0x7ffc0000
[  357.162144][   T29] audit: type=1400 audit(358.728:36306): avc:  denied  { read write } for  pid=19467 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  357.186002][   T29] audit: type=1400 audit(358.728:36307): avc:  denied  { open } for  pid=19467 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  357.213439][T29980] syz_tun: left allmulticast mode
[  357.218489][T29980] syz_tun: left promiscuous mode
[  357.223637][T29980] bridge0: port 3(syz_tun) entered disabled state
[  357.241443][T29980] bridge_slave_0: left allmulticast mode
[  357.243706][T29986] loop3: detected capacity change from 0 to 1024
[  357.247133][T29980] bridge_slave_0: left promiscuous mode
[  357.259183][T29980] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.269836][T29980] bridge_slave_1: left allmulticast mode
[  357.270116][T29986] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  357.275554][T29980] bridge_slave_1: left promiscuous mode
[  357.275844][T29980] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.303382][T29980] bond0: (slave bond_slave_0): Releasing backup interface
[  357.303461][T29986] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.10747: lblock 3 mapped to illegal pblock 3 (length 3)
[  357.326341][T29986] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  357.338813][T29986] EXT4-fs (loop3): This should not happen!! Data will be lost
[  357.338813][T29986] 
[  357.349082][T29980] bond0: (slave bond_slave_1): Releasing backup interface
[  357.360026][T29986] EXT4-fs error (device loop3): ext4_ext_remove_space:2955: inode #15: comm syz.3.10747: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  357.378385][T29986] EXT4-fs error (device loop3) in ext4_setattr:6071: Corrupt filesystem
[  357.380949][T29980] team0: Port device team_slave_0 removed
[  357.388239][T29986] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm syz.3.10747: lblock 0 mapped to illegal pblock 0 (length 1)
[  357.406074][T29986] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  357.408018][T29980] team0: Port device team_slave_1 removed
[  357.418423][T29986] EXT4-fs (loop3): This should not happen!! Data will be lost
[  357.418423][T29986] 
[  357.435555][T29980] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  357.443121][T29980] batman_adv: batadv0: Removing interface: batadv_slave_0
[  357.451307][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  357.452363][T29980] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  357.467692][T29980] batman_adv: batadv0: Removing interface: batadv_slave_1
[  357.493886][T29984] vlan3: entered allmulticast mode
[  357.531078][T29991] wg2: entered promiscuous mode
[  357.536120][T29991] wg2: entered allmulticast mode
[  357.553902][T29993] __nla_validate_parse: 8 callbacks suppressed
[  357.553919][T29993] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10749'.
[  357.633810][T30000] loop3: detected capacity change from 0 to 512
[  357.641670][T30000] EXT4-fs: Ignoring removed i_version option
[  357.647691][T30000] EXT4-fs: Ignoring removed nobh option
[  357.655410][T30000] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  357.682695][T30000] EXT4-fs (loop3): 1 truncate cleaned up
[  357.696128][T30000] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.759117][T30010] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30010 comm=syz.0.10756
[  357.785505][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.797099][T30010] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10756'.
[  357.833817][T30013] sd 0:0:1:0: device reset
[  357.861907][T30015] loop5: detected capacity change from 0 to 2048
[  357.894343][T30015] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.903604][T30023] loop3: detected capacity change from 0 to 512
[  357.914897][T30023] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  357.936022][T30023] EXT4-fs (loop3): 1 truncate cleaned up
[  357.943843][T30023] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.944165][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.096234][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.200895][    T9] usb usb2-port1: unable to enumerate USB device
[  358.207377][T29880] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  358.220334][T29880] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  358.810824][ T3412] usb usb8-port1: unable to enumerate USB device
[  358.819478][T29912] hub 8-0:1.0: USB hub found
[  358.824233][T29912] hub 8-0:1.0: 8 ports detected
[  359.060394][T30105] infiniband syz1: set active
[  359.065135][T30105] infiniband syz1: added syz_tun
[  359.083696][T30105] RDS/IB: syz1: added
[  359.091583][T30105] smc: adding ib device syz1 with port count 1
[  359.106997][T30105] smc:    ib device syz1 port 1 has pnetid 
[  359.247191][T30127] netlink: 272 bytes leftover after parsing attributes in process `syz.5.10807'.
[  359.649077][T30153] sd 0:0:1:0: device reset
[  359.737381][T30149] netlink: 'syz.6.10818': attribute type 21 has an invalid length.
[  359.745496][T30149] netlink: 164 bytes leftover after parsing attributes in process `syz.6.10818'.
[  360.103362][T30184] netlink: 228 bytes leftover after parsing attributes in process `syz.3.10830'.
[  360.359959][T30192] block device autoloading is deprecated and will be removed.
[  360.412511][T30200] netlink: 'syz.0.10836': attribute type 1 has an invalid length.
[  360.420464][T30200] netlink: 'syz.0.10836': attribute type 4 has an invalid length.
[  360.428268][T30200] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.10836'.
[  360.439550][T30200] netlink: 'syz.0.10836': attribute type 1 has an invalid length.
[  360.447421][T30200] netlink: 'syz.0.10836': attribute type 4 has an invalid length.
[  360.455275][T30200] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.10836'.
[  360.494331][T30204] netlink: 'syz.3.10838': attribute type 12 has an invalid length.
[  360.562891][ T5958] usb usb8-port1: attempt power cycle
[  361.020652][T30230] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30230 comm=syz.4.10848
[  361.116340][T30236] netlink: 'syz.4.10850': attribute type 12 has an invalid length.
[  361.193070][T30239] loop4: detected capacity change from 0 to 128
[  361.231157][T30239] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  361.287709][T30239] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  361.359285][ T3606] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  361.465447][T30255] loop3: detected capacity change from 0 to 1024
[  361.491170][T30255] EXT4-fs: Ignoring removed nomblk_io_submit option
[  361.526876][T30257] atomic_op ffff888143b9d528 conn xmit_atomic 0000000000000000
[  361.548046][T30255] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.609545][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.625331][T30270] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10862'.
[  361.625526][T30268] bond1: entered promiscuous mode
[  361.634343][T30270] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10862'.
[  361.648327][T30268] bond1: entered allmulticast mode
[  361.653807][T30268] 8021q: adding VLAN 0 to HW filter on device bond1
[  361.670881][T30268] bond1 (unregistering): Released all slaves
[  361.679259][T30274] loop3: detected capacity change from 0 to 512
[  361.689371][T30274] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  361.697868][T30274] System zones: 1-12
[  361.702796][T30274] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.10866: corrupted in-inode xattr: e_value size too large
[  361.709211][   T29] kauditd_printk_skb: 1343 callbacks suppressed
[  361.709278][   T29] audit: type=1400 audit(363.495:37651): avc:  denied  { open } for  pid=30277 comm="syz.6.10867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  361.720197][T30274] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.10866: couldn't read orphan inode 15 (err -117)
[  361.723101][   T29] audit: type=1400 audit(363.495:37652): avc:  denied  { perfmon } for  pid=30277 comm="syz.6.10867" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  361.774675][   T29] audit: type=1400 audit(363.495:37653): avc:  denied  { kernel } for  pid=30277 comm="syz.6.10867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  361.796128][T30274] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.818379][   T29] audit: type=1400 audit(363.547:37654): avc:  denied  { perfmon } for  pid=30277 comm="syz.6.10867" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  361.838953][   T29] audit: type=1400 audit(363.547:37655): avc:  denied  { tracepoint } for  pid=30277 comm="syz.6.10867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  361.858463][   T29] audit: type=1400 audit(363.579:37656): avc:  denied  { allowed } for  pid=30277 comm="syz.6.10867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  361.877417][   T29] audit: type=1400 audit(363.589:37657): avc:  denied  { create } for  pid=30277 comm="syz.6.10867" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  361.898398][   T29] audit: type=1400 audit(363.600:37658): avc:  denied  { mount } for  pid=30273 comm="syz.3.10866" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  361.919727][   T29] audit: type=1400 audit(363.600:37659): avc:  denied  { read write } for  pid=30273 comm="syz.3.10866" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  361.943365][   T29] audit: type=1400 audit(363.600:37660): avc:  denied  { open } for  pid=30273 comm="syz.3.10866" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  362.142712][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.289132][T30299] netlink: 'syz.6.10874': attribute type 1 has an invalid length.
[  362.297072][T30299] netlink: 'syz.6.10874': attribute type 4 has an invalid length.
[  362.304874][T30299] netlink: 9462 bytes leftover after parsing attributes in process `syz.6.10874'.
[  362.314374][ T5958] usb usb8-port1: unable to enumerate USB device
[  362.333132][T30299] netlink: 'syz.6.10874': attribute type 1 has an invalid length.
[  362.341030][T30299] netlink: 9462 bytes leftover after parsing attributes in process `syz.6.10874'.
[  362.703545][T30331] loop5: detected capacity change from 0 to 256
[  363.013649][ T9334] hid_parser_main: 33 callbacks suppressed
[  363.013667][ T9334] hid-generic 0003:0004:0000.0020: unknown main item tag 0x0
[  363.026978][ T9334] hid-generic 0003:0004:0000.0020: unknown main item tag 0x0
[  363.034427][ T9334] hid-generic 0003:0004:0000.0020: unknown main item tag 0x0
[  363.047320][T30347] loop5: detected capacity change from 0 to 8192
[  363.063706][ T9334] hid-generic 0003:0004:0000.0020: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  363.073919][T30347] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  363.312170][T30368] loop5: detected capacity change from 0 to 128
[  363.335357][T30370] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  363.345930][T30368] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  363.353841][T30368] FAT-fs (loop5): Filesystem has been set read-only
[  363.368262][T30368] bio_check_eod: 101 callbacks suppressed
[  363.368275][T30368] syz.5.10906: attempt to access beyond end of device
[  363.368275][T30368] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  363.410659][T30368] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  363.418515][T30368] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  363.439206][T30368] syz.5.10906: attempt to access beyond end of device
[  363.439206][T30368] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  363.456406][T30368] syz.5.10906: attempt to access beyond end of device
[  363.456406][T30368] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  363.585570][T30383] loop5: detected capacity change from 0 to 1024
[  363.614327][T30383] EXT4-fs: inline encryption not supported
[  363.630293][T30383] EXT4-fs: Ignoring removed bh option
[  363.671090][T30383] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.763778][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.022611][T30411] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10921'.
[  364.043952][T30411] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10921'.
[  364.109653][T30413] loop5: detected capacity change from 0 to 2048
[  364.174153][T30413]  loop5: p1 < > p4
[  364.178515][T30413] loop5: p4 size 8388608 extends beyond EOD, truncated
[  364.353614][T30432] loop3: detected capacity change from 0 to 512
[  364.382036][T30432] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  364.436142][T30432] EXT4-fs (loop3): 1 truncate cleaned up
[  364.446100][T30432] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.540854][T30442] ref_ctr increment failed for inode: 0x8a6 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff8881164dcac0
[  364.554990][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.566665][T30445] loop5: detected capacity change from 0 to 164
[  364.587591][T30440] uprobe: syz.6.10932:30440 failed to unregister, leaking uprobe
[  364.604012][T30445] syz.5.10931: attempt to access beyond end of device
[  364.604012][T30445] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  364.618931][T30445] syz.5.10931: attempt to access beyond end of device
[  364.618931][T30445] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  364.705309][T30454] bridge0: entered promiscuous mode
[  364.720741][T30454] macvtap1: entered allmulticast mode
[  364.726198][T30454] bridge0: entered allmulticast mode
[  364.742662][T30454] bridge0: port 1(macvtap1) entered blocking state
[  364.749318][T30454] bridge0: port 1(macvtap1) entered disabled state
[  364.759602][T30454] bridge0: left allmulticast mode
[  364.764796][T30454] bridge0: left promiscuous mode
[  364.785680][T30463] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  364.792239][T30463] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  364.799877][T30463] vhci_hcd vhci_hcd.0: Device attached
[  364.826282][T30467] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 0
[  364.834112][ T3606] vhci_hcd: stop threads
[  364.838363][ T3606] vhci_hcd: release socket
[  364.842879][ T3606] vhci_hcd: disconnect device
[  364.845939][T30464] infiniband syz!: set down
[  364.852109][T30464] infiniband syz!: added team_slave_0
[  364.864617][T30464] RDS/IB: syz!: added
[  364.868778][T30464] smc: adding ib device syz! with port count 1
[  364.875005][T30464] smc:    ib device syz! port 1 has pnetid 
[  365.591401][T30503] serio: Serial port ptm0
[  365.782448][T30522] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10956'.
[  365.973526][T30537] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10969'.
[  366.108878][T30549] netlink: 204 bytes leftover after parsing attributes in process `syz.3.10973'.
[  366.429900][T30575] validate_nla: 1 callbacks suppressed
[  366.429954][T30575] netlink: 'syz.3.10987': attribute type 1 has an invalid length.
[  366.446248][T30577] loop5: detected capacity change from 0 to 512
[  366.478294][   T29] kauditd_printk_skb: 1420 callbacks suppressed
[  366.478308][   T29] audit: type=1400 audit(368.503:39081): avc:  denied  { prog_load } for  pid=30579 comm="syz.0.10989" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  366.503368][   T29] audit: type=1400 audit(368.503:39082): avc:  denied  { bpf } for  pid=30579 comm="syz.0.10989" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  366.523600][   T29] audit: type=1400 audit(368.503:39083): avc:  denied  { mounton } for  pid=30576 comm="syz.5.10988" path="/251/file1" dev="tmpfs" ino=1331 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  366.609461][T30577] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.635353][   T29] audit: type=1400 audit(368.513:39084): avc:  denied  { prog_load } for  pid=30581 comm="syz.6.10990" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  366.636841][T30588] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10991'.
[  366.654121][   T29] audit: type=1400 audit(368.513:39085): avc:  denied  { bpf } for  pid=30581 comm="syz.6.10990" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  366.683248][   T29] audit: type=1400 audit(368.513:39086): avc:  denied  { map_create } for  pid=30581 comm="syz.6.10990" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  366.702024][   T29] audit: type=1400 audit(368.513:39087): avc:  denied  { bpf } for  pid=30581 comm="syz.6.10990" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  366.722249][   T29] audit: type=1400 audit(368.524:39088): avc:  denied  { map_read map_write } for  pid=30581 comm="syz.6.10990" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  366.741897][   T29] audit: type=1400 audit(368.524:39089): avc:  denied  { prog_load } for  pid=30581 comm="syz.6.10990" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  366.760609][   T29] audit: type=1400 audit(368.524:39090): avc:  denied  { perfmon } for  pid=30581 comm="syz.6.10990" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  366.811080][T30588] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10991'.
[  366.860593][T27979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.942864][T30604] bridge0: entered promiscuous mode
[  366.948200][T30604] macvtap1: entered allmulticast mode
[  366.953702][T30604] bridge0: entered allmulticast mode
[  366.959669][T30604] bridge0: port 1(macvtap1) entered blocking state
[  366.966603][T30604] bridge0: port 1(macvtap1) entered disabled state
[  366.976470][T30604] bridge0: left allmulticast mode
[  366.981508][T30604] bridge0: left promiscuous mode
[  367.051357][T30615] SELinux:  policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c
[  367.061560][T30615] SELinux: failed to load policy
[  367.139820][T30624] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11005'.
[  367.384609][T30644] loop4: detected capacity change from 0 to 512
[  367.392390][T30644] EXT4-fs: Ignoring removed orlov option
[  367.400656][T30644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  367.413351][T30644] EXT4-fs (loop4): orphan cleanup on readonly fs
[  367.425275][T30646] serio: Serial port ptm0
[  367.430792][T30644] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.11016: bg 0: block 248: padding at end of block bitmap is not set
[  367.445575][T30644] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.11016: Failed to acquire dquot type 1
[  367.458187][T30644] EXT4-fs (loop4): 1 truncate cleaned up
[  367.464602][T30644] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  367.497063][T30644] EXT4-fs: Ignoring removed orlov option
[  367.503519][T30644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  367.512765][T30644] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  367.535996][T30644] EXT4-fs error (device loop4): __ext4_remount:6740: comm syz.4.11016: Abort forced by user
[  367.546451][T30644] EXT4-fs (loop4): Remounting filesystem read-only
[  367.552973][T30644] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  367.585367][T28578] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.815520][T30678] netlink: 5 bytes leftover after parsing attributes in process `syz.6.11029'.
[  367.825172][T30678] 0{X功: renamed from gretap0 (while UP)
[  367.837814][T30678] 0{X功: entered allmulticast mode
[  367.845161][T30678] A link change request failed with some changes committed already. Interface 
30{X功 may have been left with an inconsistent configuration, please check.
[  367.936081][T30685] netem: incorrect ge model size
[  367.959960][T30690] serio: Serial port ptm0
[  368.389991][T30715] netlink: 5 bytes leftover after parsing attributes in process `syz.3.11044'.
[  368.400328][T30715] 0{X功: renamed from gretap0
[  368.413305][T30715] 0{X功: entered allmulticast mode
[  368.429847][T30715] A link change request failed with some changes committed already. Interface 
30{X功 may have been left with an inconsistent configuration, please check.
[  368.760071][T30742] netlink: 2028 bytes leftover after parsing attributes in process `syz.5.11055'.
[  368.769360][T30742] netlink: 24 bytes leftover after parsing attributes in process `syz.5.11055'.
[  369.110942][T30764] loop3: detected capacity change from 0 to 512
[  369.126812][T30764] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  369.158905][T30764] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  369.177615][T30764] System zones: 1-12
[  369.184281][T30764] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.11066: corrupted in-inode xattr: e_value size too large
[  369.215404][T30764] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.11066: couldn't read orphan inode 15 (err -117)
[  369.247147][T30764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.268247][T30776] netlink: 12 bytes leftover after parsing attributes in process `syz.6.11071'.
[  369.348371][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.756934][T30805] loop3: detected capacity change from 0 to 2048
[  369.799308][T30805]  loop3: p2 p3 p7
[  369.858267][T30805] netlink: 36 bytes leftover after parsing attributes in process `syz.3.11083'.
[  369.889927][T30818] SELinux: failed to load policy
[  369.979776][T30824] tipc: Started in network mode
[  369.984875][T30824] tipc: Node identity 92bbd94da856, cluster identity 4711
[  369.992103][T30824] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  370.035645][T30824] tipc: Disabling bearer <eth:syzkaller0>
[  370.090577][T30835] netlink: 96 bytes leftover after parsing attributes in process `syz.0.11098'.
[  370.436581][T30857] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.518369][T30857] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.538799][T30865] loop5: detected capacity change from 0 to 164
[  370.553074][T30865] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  370.570206][T30865] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  370.579290][T30865] rock: directory entry would overflow storage
[  370.585517][T30865] rock: sig=0x4f50, size=4, remaining=3
[  370.591125][T30865] iso9660: Corrupted directory entry in block 4 of inode 1792
[  370.610215][T30857] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.674222][T30857] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.724738][ T3619] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  370.739107][ T3618] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.767560][ T3618] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  370.785822][T30881] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11116'.
[  370.806600][ T3618] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  370.924730][T30895] loop4: detected capacity change from 0 to 512
[  370.933096][T30895] EXT4-fs: Ignoring removed nobh option
[  370.943906][T30895] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.11125: iget: bad i_size value: 38620345925642
[  370.973159][T30895] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.11125: couldn't read orphan inode 15 (err -117)
[  370.985925][T30895] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.023338][T30900] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0
[  371.032484][T30900] smc: net device bond0 erased user defined pnetid SYZ
[  371.039363][T30900] smc: ib device syz1 ibport 1 erased user defined pnetid SYZ0
[  371.117030][T30897] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  371.243634][T28578] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.255647][   T29] kauditd_printk_skb: 1800 callbacks suppressed
[  371.255722][   T29] audit: type=1400 audit(373.521:40889): avc:  denied  { read write } for  pid=28578 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  371.285819][   T29] audit: type=1400 audit(373.521:40890): avc:  denied  { open } for  pid=28578 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  371.317807][   T29] audit: type=1400 audit(373.521:40891): avc:  denied  { map_create } for  pid=30910 comm="syz.0.11130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  371.336704][   T29] audit: type=1400 audit(373.521:40892): avc:  denied  { perfmon } for  pid=30910 comm="syz.0.11130" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  371.357301][   T29] audit: type=1400 audit(373.531:40893): avc:  denied  { map_read map_write } for  pid=30910 comm="syz.0.11130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  371.377035][   T29] audit: type=1400 audit(373.531:40894): avc:  denied  { prog_load } for  pid=30910 comm="syz.0.11130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  371.395750][   T29] audit: type=1400 audit(373.531:40895): avc:  denied  { bpf } for  pid=30910 comm="syz.0.11130" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  371.415998][   T29] audit: type=1400 audit(373.531:40896): avc:  denied  { perfmon } for  pid=30910 comm="syz.0.11130" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  371.436525][   T29] audit: type=1400 audit(373.531:40897): avc:  denied  { prog_load } for  pid=30910 comm="syz.0.11130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  371.455274][   T29] audit: type=1400 audit(373.531:40898): avc:  denied  { prog_run } for  pid=30910 comm="syz.0.11130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  371.755258][T30938] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11142'.
[  371.770147][T30938] hsr_slave_0: left promiscuous mode
[  371.776848][T30938] hsr_slave_1: left promiscuous mode
[  372.066332][T30965] netlink: 36 bytes leftover after parsing attributes in process `syz.6.11153'.
[  372.124755][T30971] pim6reg: entered allmulticast mode
[  372.134383][T30971] pim6reg: left allmulticast mode
[  372.302465][T30983] loop3: detected capacity change from 0 to 1024
[  372.315750][T30983] EXT4-fs: Ignoring removed nobh option
[  372.319367][T30985] sd 0:0:1:0: device reset
[  372.322663][T30983] EXT4-fs: Ignoring removed bh option
[  372.353248][T30983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.391047][T30983] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  372.427159][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.689215][T31013] netlink: 28 bytes leftover after parsing attributes in process `syz.3.11173'.
[  372.756152][T31021] loop4: detected capacity change from 0 to 1024
[  372.770807][T31021] EXT4-fs: Ignoring removed nobh option
[  372.777671][T31021] EXT4-fs: Ignoring removed bh option
[  372.804330][T31021] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.841931][T31021] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  372.862199][T31031] loop3: detected capacity change from 0 to 512
[  372.872825][T31031] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.11181: casefold flag without casefold feature
[  372.886814][T31031] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.11181: couldn't read orphan inode 15 (err -117)
[  372.905950][T31031] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.927636][T28578] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.988173][ T3357] Process accounting resumed
[  372.997055][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.135464][T31053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11189'.
[  373.144695][T31053] hsr_slave_0: left promiscuous mode
[  373.150523][T31053] hsr_slave_1: left promiscuous mode
[  373.181980][T31059] netlink: 'syz.6.11191': attribute type 1 has an invalid length.
[  373.189891][T31059] netlink: 199820 bytes leftover after parsing attributes in process `syz.6.11191'.
[  373.304377][T31066] pimreg: entered allmulticast mode
[  373.322162][T31068] smc: net device bond0 applied user defined pnetid SYZ0
[  373.329403][T31066] pimreg: left allmulticast mode
[  373.341854][T31068] smc: net device bond0 erased user defined pnetid SYZ0
[  373.453819][T31082] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11204'.
[  373.468501][T31082] netem: change failed
[  373.852505][T31116] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11217'.
[  373.867528][T31116] netem: change failed
[  373.901861][ T5958] Process accounting resumed
[  374.075411][T31135] tipc: Started in network mode
[  374.080405][T31135] tipc: Node identity 4, cluster identity 4711
[  374.086611][T31135] tipc: Node number set to 4
[  374.131396][T31141] loop3: detected capacity change from 0 to 512
[  374.155431][T31141] EXT4-fs (loop3): orphan cleanup on readonly fs
[  374.172497][T31141] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.11229: bad orphan inode 13
[  374.204945][T31141] ext4_test_bit(bit=12, block=18) = 1
[  374.210352][T31141] is_bad_inode(inode)=0
[  374.214574][T31141] NEXT_ORPHAN(inode)=2130706432
[  374.219438][T31141] max_ino=32
[  374.222660][T31141] i_nlink=1
[  374.233540][T31141] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  374.315316][T19467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.454024][T31169] wireguard0: entered promiscuous mode
[  374.459689][T31169] wireguard0: entered allmulticast mode
[  374.876926][T31208] syzkaller0: entered promiscuous mode
[  374.882568][T31208] syzkaller0: entered allmulticast mode
[  374.913760][T31217] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  375.067562][T31230] tipc: New replicast peer: 100.1.1.1
[  375.073200][T31230] tipc: Enabled bearer <udp:syz2>, priority 10
[  375.212612][T31247] netlink: 'syz.0.11278': attribute type 4 has an invalid length.
[  375.254912][T31250] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11280'.
[  375.266776][T31252] netlink: 'syz.0.11278': attribute type 4 has an invalid length.
[  375.720291][T31297] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11301'.
[  375.732552][T31297] ip6gre1: entered allmulticast mode
[  375.745444][T31296] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.804507][T31296] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.861509][T31296] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.909635][T31314] rdma_op ffff88811b7a3d80 conn xmit_rdma 0000000000000000
[  375.910202][T31296] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.012626][ T3606] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  376.027585][   T29] kauditd_printk_skb: 2064 callbacks suppressed
[  376.027600][   T29] audit: type=1400 audit(378.539:42963): avc:  denied  { module_request } for  pid=31298 comm="syz.3.11302" kmod="block-major-0-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  376.069211][ T3606] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  376.097003][T31330] gtp0: entered promiscuous mode
[  376.104506][   T29] audit: type=1400 audit(378.550:42964): avc:  denied  { map_create } for  pid=31325 comm="syz.0.11310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  376.123424][   T29] audit: type=1400 audit(378.550:42965): avc:  denied  { bpf } for  pid=31325 comm="syz.0.11310" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  376.143744][   T29] audit: type=1400 audit(378.550:42966): avc:  denied  { map_read map_write } for  pid=31325 comm="syz.0.11310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  376.154780][ T3606] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  376.163348][   T29] audit: type=1400 audit(378.550:42967): avc:  denied  { prog_load } for  pid=31325 comm="syz.0.11310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  376.163369][   T29] audit: type=1400 audit(378.550:42968): avc:  denied  { perfmon } for  pid=31325 comm="syz.0.11310" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  376.196574][ T3606] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.210704][   T29] audit: type=1400 audit(378.550:42969): avc:  denied  { prog_load } for  pid=31325 comm="syz.0.11310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  376.210729][   T29] audit: type=1400 audit(378.550:42970): avc:  denied  { bpf } for  pid=31325 comm="syz.0.11310" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  376.257786][   T29] audit: type=1400 audit(378.550:42971): avc:  denied  { perfmon } for  pid=31325 comm="syz.0.11310" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  376.268074][T31334] bridge0: port 1(gretap0) entered blocking state
[  376.278307][   T29] audit: type=1400 audit(378.550:42972): avc:  denied  { bpf } for  pid=31325 comm="syz.0.11310" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  376.305060][T31334] bridge0: port 1(gretap0) entered disabled state
[  376.313906][T31334] gretap0: entered allmulticast mode
[  376.319804][T31334] gretap0: entered promiscuous mode
[  376.328791][T31334] bridge0: port 1(gretap0) entered blocking state
[  376.335380][T31334] bridge0: port 1(gretap0) entered forwarding state
[  376.476655][T31348] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11317'.
[  376.527411][T31348] ip6gre1: entered allmulticast mode
[  376.687522][T31360] netlink: 96 bytes leftover after parsing attributes in process `syz.5.11322'.
[  376.850384][T31376] openvswitch: netlink: Message has 6 unknown bytes.
[  376.966202][T31392] loop4: detected capacity change from 0 to 128
[  376.987507][T31392] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  377.053796][T31398] loop5: detected capacity change from 0 to 128
[  377.080330][T31402] syz_tun: entered allmulticast mode
[  377.090889][T31402] pimreg: entered allmulticast mode
[  377.099579][T31400] syz_tun: left allmulticast mode
[  377.110916][T28578] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  377.509543][T31415] ==================================================================
[  377.517635][T31415] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  377.525447][T31415] 
[  377.527746][T31415] write to 0xffffea00042b1498 of 8 bytes by task 31419 on cpu 0:
[  377.535432][T31415]  __filemap_remove_folio+0x1a5/0x2a0
[  377.540780][T31415]  filemap_remove_folio+0x6d/0x1d0
[  377.545881][T31415]  truncate_inode_folio+0x42/0x50
[  377.550879][T31415]  shmem_undo_range+0x244/0xa80
[  377.555705][T31415]  shmem_fallocate+0x799/0x840
[  377.560441][T31415]  vfs_fallocate+0x3b6/0x400
[  377.565005][T31415]  __x64_sys_fallocate+0x7a/0xd0
[  377.569924][T31415]  x64_sys_call+0x2514/0x2ff0
[  377.574574][T31415]  do_syscall_64+0xd2/0x200
[  377.579054][T31415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.584920][T31415] 
[  377.587218][T31415] read to 0xffffea00042b1498 of 8 bytes by task 31415 on cpu 1:
[  377.594817][T31415]  folio_mapping+0xa1/0x120
[  377.599298][T31415]  move_folios_to_lru+0x128/0x6a0
[  377.604317][T31415]  evict_folios+0x3155/0x3520
[  377.608977][T31415]  try_to_shrink_lruvec+0x5b5/0x950
[  377.614168][T31415]  shrink_lruvec+0x22e/0x1b50
[  377.618816][T31415]  shrink_node+0x686/0x2120
[  377.623297][T31415]  do_try_to_free_pages+0x3f6/0xcd0
[  377.628469][T31415]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  377.634335][T31415]  try_charge_memcg+0x358/0x9e0
[  377.639157][T31415]  obj_cgroup_charge_pages+0xa6/0x150
[  377.644521][T31415]  __memcg_kmem_charge_page+0x9f/0x170
[  377.649958][T31415]  __alloc_frozen_pages_noprof+0x188/0x360
[  377.655758][T31415]  alloc_pages_mpol+0xb3/0x250
[  377.660498][T31415]  alloc_pages_noprof+0x90/0x130
[  377.665412][T31415]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  377.671203][T31415]  __kvmalloc_node_noprof+0x30f/0x4e0
[  377.676548][T31415]  ip_set_alloc+0x1f/0x30
[  377.680871][T31415]  hash_netiface_create+0x282/0x740
[  377.686049][T31415]  ip_set_create+0x3cc/0x960
[  377.690628][T31415]  nfnetlink_rcv_msg+0x4c3/0x590
[  377.695542][T31415]  netlink_rcv_skb+0x123/0x220
[  377.700281][T31415]  nfnetlink_rcv+0x16b/0x1690
[  377.704933][T31415]  netlink_unicast+0x5bd/0x690
[  377.709676][T31415]  netlink_sendmsg+0x58b/0x6b0
[  377.714412][T31415]  __sock_sendmsg+0x145/0x180
[  377.719066][T31415]  ____sys_sendmsg+0x31e/0x4e0
[  377.723800][T31415]  ___sys_sendmsg+0x17b/0x1d0
[  377.728448][T31415]  __x64_sys_sendmsg+0xd4/0x160
[  377.733289][T31415]  x64_sys_call+0x191e/0x2ff0
[  377.737941][T31415]  do_syscall_64+0xd2/0x200
[  377.742440][T31415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.748306][T31415] 
[  377.750616][T31415] value changed: 0xffff88811a42b070 -> 0x0000000000000000
[  377.757710][T31415] 
[  377.760022][T31415] Reported by Kernel Concurrency Sanitizer on:
[  377.766161][T31415] CPU: 1 UID: 0 PID: 31415 Comm: syz.3.11348 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  377.777590][T31415] Tainted: [W]=WARN
[  377.781364][T31415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  377.791393][T31415] ==================================================================
[  378.116874][T31415] syz.3.11348 (31415) used greatest stack depth: 6056 bytes left