last executing test programs:

3m2.39769859s ago: executing program 32 (id=122):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r0 = socket(0x840000000002, 0x3, 0xff)
sendmmsg$inet(r0, &(0x7f0000000240)=[{{&(0x7f00000007c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x34}}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e1504511602000000", 0x13}, {&(0x7f0000000800)="17", 0x1}], 0x2}}], 0x1, 0x4004044)

2m59.203397666s ago: executing program 33 (id=200):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

2m50.333854933s ago: executing program 34 (id=373):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x74, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x44, 0x2, {{0xa}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0xa, 0x1, {0x10}}]}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x74}}, 0x0)

2m48.705761051s ago: executing program 35 (id=406):
r0 = socket(0x10, 0x3, 0x0)
connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbff, 0x2000}, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x70bd29, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0xc010}, 0x4040040)

2m29.134948912s ago: executing program 0 (id=791):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000740)=[@fadd={0x58, 0x114, 0x6, {{0x5, 0x6}, &(0x7f0000000400)=0x7, 0x0, 0xf, 0x4, 0x9, 0xfffffffffffffff9, 0x0, 0x7}}], 0x58, 0x8000}, 0x0)

2m28.971954119s ago: executing program 0 (id=796):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='nv', 0x2)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="4c000000120001030000000000000000000600004e2300000000000000000000810000000000000001000000fdffffff00000100000000", @ANYRES32=0x0, @ANYBLOB="0000a37bc4d24bfedeff"], 0x4c}, 0x1, 0x0, 0x0, 0x20044190}, 0x40000)

2m28.833638445s ago: executing program 0 (id=800):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x9, 0x7, 0x0, 0x0, 0x0, 0x40008, 0x590, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x4c58, 0x4, 0x0, 0x0, 0x8, 0x4ac, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r2, 0x0)

2m28.683783731s ago: executing program 0 (id=804):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0xaae, &(0x7f00000003c0)={0x0, 0xffffeffa, 0x800, 0x7, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

2m28.555171427s ago: executing program 0 (id=809):
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000005c0)={0x0, 0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

2m28.509189178s ago: executing program 0 (id=810):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000380)='oom_adj\x00')
setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff)
cachestat(r1, &(0x7f0000000000)={0x264}, 0x0, 0x0)

2m13.439589208s ago: executing program 36 (id=810):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000380)='oom_adj\x00')
setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff)
cachestat(r1, &(0x7f0000000000)={0x264}, 0x0, 0x0)

2m4.377720652s ago: executing program 3 (id=1206):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c00028008000140000000080800034000000110"], 0xc4}, 0x1, 0x0, 0x0, 0x44c10}, 0x20050890)

2m4.235956608s ago: executing program 3 (id=1210):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
sysinfo(&(0x7f0000000440)=""/231)

2m4.133892233s ago: executing program 3 (id=1212):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000140)=@OVL_FILEID_V1={0x18, 0x300fb, {'\x00', {0x0, 0xfb, 0x15, 0x7, 0x5, "e8371f2efe0868327a31a705ec978547"}}}, 0x830200)

2m4.019342148s ago: executing program 3 (id=1216):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond0\x00', <r3=>0x0})
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130720000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000000001000400004e2100020000000021000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e000000200000000000000000000000000000000000000000000000000000000020000000000000009000000000000000d00000000000000000000000000000001000080000000004305000000000000040000000000000000000000000000800000000000000000fdfffffff9ffffff0000000000000000000000002cbd70000035100002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r3], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x10)

2m3.837888865s ago: executing program 3 (id=1220):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
mkdir(&(0x7f0000001a80)='./file0\x00', 0xea)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

2m3.801788527s ago: executing program 3 (id=1222):
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f903", 0x11}], 0x1}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1m55.657889012s ago: executing program 8 (id=1367):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m55.607124604s ago: executing program 8 (id=1370):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0xe0, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x7d, 0x0, 0x1, 0x101, 0x0})
ioctl$USBDEVFS_REAPURBNDELAY(r2, 0x4008550d, &(0x7f0000000080))

1m55.320440437s ago: executing program 8 (id=1372):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000300)={@fallback, 0x5, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

1m54.212852804s ago: executing program 8 (id=1374):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0x0, 0x5200, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

1m54.155355656s ago: executing program 8 (id=1375):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0b00000007000000080000000808000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r2)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0180000000000000000001000000000000000b00000000030014"], 0x28}}, 0x40000)

1m53.879030638s ago: executing program 8 (id=1378):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r2, &(0x7f0000000180)="e502", 0x2)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1m53.81366144s ago: executing program 37 (id=1378):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r2, &(0x7f0000000180)="e502", 0x2)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1m48.713382167s ago: executing program 38 (id=1222):
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f903", 0x11}], 0x1}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1m20.387815429s ago: executing program 7 (id=2069):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x30, r2, 0xc4fc9e906872338b, 0x70bd2e, 0x0, {{0x15}, {@void, @val={0xc, 0x99, {0x4, 0x3a}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}]}]}]}]}, 0x30}}, 0x40000)

1m20.302149712s ago: executing program 7 (id=2070):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r1, &(0x7f00000008c0)={0xa, 0x0, 0x2001, @loopback}, 0x1c)

1m20.232772665s ago: executing program 7 (id=2071):
unshare(0x22020600)
r0 = fsopen(&(0x7f0000000080)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x18)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00')
openat2(r1, &(0x7f00000003c0)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x8}, 0x18)

1m20.12714952s ago: executing program 7 (id=2073):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0xd)
r2 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r2, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)

1m19.666264379s ago: executing program 7 (id=2078):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYINDEX(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000000f0601040000000800000000000105000000000000000004000000000000000060e194bffd5ec7d696b4320af43a163b59c3a318dee98a5c55a4fb82e352fb28c07fc5b502d335fbcf8d3beecc66d79ab29af026f27805aaadb9574fd4788b1e223c090850554841726e5ba8bb3152d979d1a49d541d45322e42f04d"], 0x24}, 0x1, 0x0, 0x0, 0x20040800}, 0x40080)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000005c0)={0x0, 0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

1m18.854800344s ago: executing program 7 (id=2097):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0, 0x149c, 0x503, 0xffffff81, 0x0, 0x0, 0x0, 0x7, 0xffff80fe}, 0x7)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x8, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1m3.738208586s ago: executing program 39 (id=2097):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0, 0x149c, 0x503, 0xffffff81, 0x0, 0x0, 0x0, 0x7, 0xffff80fe}, 0x7)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x8, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

29.124737254s ago: executing program 9 (id=3380):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a32000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c000000170a03000000000000000000020000020900010073797a3000000000090002"], 0x2c}, 0x1, 0x0, 0x0, 0x40005}, 0x0)

29.042738558s ago: executing program 9 (id=3381):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
setgroups(0x0, 0x0)

28.885467774s ago: executing program 9 (id=3385):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$getregset(0x4204, r0, 0x2, 0x0)
r1 = open(0x0, 0x64842, 0x86)
pwritev2(r1, 0x0, 0x0, 0x7800, 0x0, 0x0)

28.856335966s ago: executing program 9 (id=3386):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x2a)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
write$tun(r0, 0x0, 0x110d)

28.396732655s ago: executing program 9 (id=3391):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x34, r2, 0x1, 0x70bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa5}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}]}, 0x34}}, 0x20)

28.105076188s ago: executing program 9 (id=3401):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000140)=[{0x20, 0x1, 0x0, 0xfffff034}, {0x6, 0x0, 0x0, 0x4}]}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184"], 0xfdef)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)

28.104921878s ago: executing program 40 (id=3401):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000140)=[{0x20, 0x1, 0x0, 0xfffff034}, {0x6, 0x0, 0x0, 0x4}]}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184"], 0xfdef)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)

962.779189ms ago: executing program 1 (id=4097):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x24, r2, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0xffffffffffffff21}]}]}, 0x24}}, 0x0)

890.324782ms ago: executing program 4 (id=4102):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$sg(&(0x7f0000000740), 0x0, 0x40000)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0xec}}, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)

860.947914ms ago: executing program 1 (id=4104):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r3, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}}, 0x800)

841.636534ms ago: executing program 2 (id=4106):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x110, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}, @TCA_STAB={0xd8, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xcd, 0x7f, 0x8, 0x0, 0x0, 0x0, 0x2}}, {0x4}}, {{0x1c, 0x1, {0x2, 0xec, 0x3, 0xd, 0x0, 0x8001, 0x7, 0x1}}, {0x6, 0x2, [0x8001]}}, {{0x1c, 0x1, {0x6, 0x2, 0x7d4, 0x10000000, 0x1, 0x0, 0x8001, 0x3}}, {0xa, 0x2, [0x600, 0x8000, 0x7]}}, {{0xfffffffffffffe3c, 0x1, {0xa0, 0x8, 0x83c5, 0x2a, 0x2, 0x1, 0xfffffffa}}, {0x4}}, {{0x1c, 0x1, {0x4, 0x2, 0x6, 0x77dd, 0x1, 0x7, 0x9, 0x4}}, {0xc, 0x2, [0x1, 0x1000, 0x69c4, 0xfff6]}}, {{0x1c, 0x1, {0x7, 0x79, 0x8, 0x8, 0x0, 0x41, 0xf}}, {0x4}}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x4008094}, 0x8840)

812.752395ms ago: executing program 1 (id=4107):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
recvmmsg(r1, &(0x7f0000001b40)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/189, 0xbd}, {&(0x7f00000003c0)=""/152, 0x98}, {&(0x7f0000000480)=""/4096, 0x1000}], 0x3}}], 0x7, 0x0, 0x0)

812.540325ms ago: executing program 4 (id=4108):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000780)='kfree\x00', r3}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0xe501, 0x3, 0x208, 0xb8, 0xa, 0x1000000, 0x0, 0x0, 0x170, 0x230, 0x230, 0x170, 0x223, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x20c49a, 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x20c49a, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x268)

764.370898ms ago: executing program 2 (id=4109):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x42082)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000040)={{0x1, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r2, 0xc0f85403, &(0x7f0000000040))

741.360559ms ago: executing program 2 (id=4110):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcf3, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x103040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)

738.808309ms ago: executing program 4 (id=4111):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x25c, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
tgkill(r1, r1, 0x21)
wait4(r1, 0x0, 0x40000000, 0x0)

663.696002ms ago: executing program 1 (id=4112):
io_setup(0x9, &(0x7f0000000340)=<r0=>0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
ioprio_set$pid(0x2, 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f00000005c0)=[&(0x7f00000004c0)={0x0, 0x0, 0x20, 0x7, 0x9, r1, 0x0, 0x0, 0xfffffffffffffff5}])

614.660864ms ago: executing program 2 (id=4114):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0xfffc, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000000c0)={0xfd, 0x0, 0xfe, 0x22, 0x0, 0x7, 0x6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3}, 0xe)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000040)=0x10001, 0x4)
shutdown(r0, 0x1)
recvmmsg(r0, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)

607.854234ms ago: executing program 4 (id=4115):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000600)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206", @ANYRES8=r2, @ANYBLOB="887f318e60836ab46228ae6901ddbf4c74dc42e3f6c119b67036b2f6af787d03a6812a8a134fba001a30cae6c50d7a195bbfba06aab4"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x4000)

555.857987ms ago: executing program 4 (id=4118):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = epoll_create(0x3ff)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000280)={0x2000000})

549.383437ms ago: executing program 5 (id=4119):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x110, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}, @TCA_STAB={0xd8, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xcd, 0x7f, 0x8, 0x0, 0x0, 0x0, 0x2}}, {0x4}}, {{0x1c, 0x1, {0x2, 0xec, 0x3, 0xd, 0x0, 0x8001, 0x7, 0x1}}, {0x6, 0x2, [0x8001]}}, {{0x1c, 0x1, {0x6, 0x2, 0x7d4, 0x10000000, 0x1, 0x0, 0x8001, 0x3}}, {0xa, 0x2, [0x600, 0x8000, 0x7]}}, {{0xfffffffffffffe3c, 0x1, {0xa0, 0x8, 0x83c5, 0x2a, 0x2, 0x1, 0xfffffffa}}, {0x4}}, {{0x1c, 0x1, {0x4, 0x2, 0x6, 0x77dd, 0x1, 0x7, 0x9, 0x4}}, {0xc, 0x2, [0x1, 0x1000, 0x69c4, 0xfff6]}}, {{0x1c, 0x1, {0x7, 0x79, 0x8, 0x8, 0x0, 0x41, 0xf}}, {0x4}}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x4008094}, 0x8840)

532.427287ms ago: executing program 1 (id=4120):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x10)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
r1 = epoll_create(0x4)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x20000009})
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(&(0x7f0000001500)='./file0/../file0/file0\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x1a738a2, 0x0)

491.072699ms ago: executing program 2 (id=4121):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x2c, r3, 0x301, 0x70bd26, 0x25dfdbfb, {0x1c}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x40006)

483.951719ms ago: executing program 6 (id=4122):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x8000, 0x0, 0x0, 0x401, 0x0, 0x4507}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)

474.40194ms ago: executing program 4 (id=4123):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x1, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_open_procfs$namespace(r0, &(0x7f0000000240)='ns/time\x00')

473.87594ms ago: executing program 1 (id=4124):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x10, &(0x7f0000001280), 0x4)
recvmsg(r1, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2100)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r0}})

451.645391ms ago: executing program 2 (id=4125):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x42, 0x61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

428.547741ms ago: executing program 6 (id=4126):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x2008440, &(0x7f0000000300)='trans=rdma,')

428.015572ms ago: executing program 5 (id=4127):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0)

383.552584ms ago: executing program 5 (id=4128):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x18, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000009000000000000000200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000088500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000400000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000030000008500000082000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r1}, 0x10)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x5d032, 0xffffffffffffffff, 0x0)

371.368094ms ago: executing program 6 (id=4129):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x20048810)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0)
sendmmsg(r1, &(0x7f0000000180), 0x3ef, 0x0)

337.531456ms ago: executing program 6 (id=4130):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='kfree\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x10000, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x84000000, 0x2}, 0x50)

157.271373ms ago: executing program 6 (id=4131):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00006003ffffffffffffbbbbbbbbbbbb88a8010081004c0008004500001c00670000032f90"], 0x36)

139.200984ms ago: executing program 5 (id=4132):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffff22}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
mount$9p_unix(&(0x7f0000000240)='./cgroup.cpu/cpuset.cpus\x00', &(0x7f0000000b40)='./file0\x00', 0x0, 0x12c9498, 0x0)
fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

95.969236ms ago: executing program 5 (id=4133):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
recvmmsg(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}, 0x353}], 0x1, 0x40000121, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x5, @loopback, 0x4}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x4b, &(0x7f0000000080)=0x2, 0x4)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x80, 0x0, 0x0)

33.492728ms ago: executing program 6 (id=4134):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000480)={[{@resgid}, {}, {@data_err_ignore}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f0000000c40)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
fallocate(r0, 0x0, 0x3, 0x800000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x101042, 0x1b6)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

0s ago: executing program 5 (id=4135):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)

kernel console output (not intermixed with test programs):

gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10154 comm="syz.2.2498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  166.846769][   T29] audit: type=1326 audit(166.721:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10154 comm="syz.2.2498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  166.885919][   T29] audit: type=1326 audit(166.721:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10154 comm="syz.2.2498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  166.980055][   T29] audit: type=1326 audit(166.951:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10168 comm="syz.6.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  167.075540][   T29] audit: type=1326 audit(166.951:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10168 comm="syz.6.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  167.103918][   T29] audit: type=1326 audit(166.951:2554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10168 comm="syz.6.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  167.135579][   T29] audit: type=1326 audit(166.951:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10168 comm="syz.6.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  167.166994][   T29] audit: type=1326 audit(166.951:2556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10168 comm="syz.6.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  167.326276][T10191] Falling back ldisc for ttyS3.
[  167.447645][T10206] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2520'.
[  167.700863][T10225] loop5: detected capacity change from 0 to 164
[  167.738374][T10225] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  167.760331][T10225] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  167.794567][T10225] Symlink component flag not implemented
[  167.801371][T10225] Symlink component flag not implemented
[  167.846682][T10225] Symlink component flag not implemented (7)
[  167.855625][T10225] Symlink component flag not implemented (116)
[  167.951593][T10239] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2534'.
[  168.096022][T10271] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2547'.
[  168.107435][T10271] netlink: 'syz.6.2547': attribute type 30 has an invalid length.
[  168.122082][ T6453] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  168.137766][ T6453] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  168.148785][   T41] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  168.162874][   T41] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  169.368661][T10352] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  169.405882][T10352] vhci_hcd: invalid port number 96
[  169.414567][T10352] vhci_hcd: default hub control req: 0311 v0005 i0060 l7
[  169.483418][T10358] loop4: detected capacity change from 0 to 764
[  169.528311][T10360] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  169.551587][T10358] rock: directory entry would overflow storage
[  169.559003][T10358] rock: sig=0x4f50, size=4, remaining=3
[  169.565268][T10358] iso9660: Corrupted directory entry in block 6 of inode 1792
[  169.804801][T10382] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  169.841860][T10385] hub 6-0:1.0: USB hub found
[  169.849842][T10385] hub 6-0:1.0: 8 ports detected
[  169.860988][ T3428] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  169.864584][T10382] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  169.899567][ T3428] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  170.162027][T10410] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2609'.
[  170.174585][T10410] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2609'.
[  170.277037][T10410] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2609'.
[  170.291649][T10410] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2609'.
[  170.434274][T10410] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2609'.
[  170.444293][T10410] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2609'.
[  170.724127][   T82] I/O error, dev loop9, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2
[  170.763188][T10453] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2625'.
[  170.776349][T10453] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2625'.
[  170.941804][T10463] loop4: detected capacity change from 0 to 512
[  170.963870][T10463] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  170.990512][T10463] EXT4-fs (loop4): mount failed
[  171.113675][T10475] hub 6-0:1.0: USB hub found
[  171.120925][T10475] hub 6-0:1.0: 8 ports detected
[  171.122126][T10477] loop4: detected capacity change from 0 to 8192
[  171.252503][T10488] IPv6: Can't replace route, no match found
[  171.345353][T10501] serio: Serial port ttyS3
[  171.377324][T10503] netlink: 'syz.5.2646': attribute type 3 has an invalid length.
[  171.795677][   T29] kauditd_printk_skb: 76 callbacks suppressed
[  171.795694][   T29] audit: type=1326 audit(524459.764:2632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10531 comm="syz.6.2658" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x0
[  171.871996][   T29] audit: type=1400 audit(524459.804:2633): avc:  denied  { firmware_load } for  pid=10533 comm="syz.2.2659" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  172.018914][   T29] audit: type=1400 audit(524459.982:2634): avc:  denied  { connect } for  pid=10537 comm="syz.5.2660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  172.056084][   T29] audit: type=1326 audit(524460.022:2635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10539 comm="syz.2.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  172.089810][   T29] audit: type=1326 audit(524460.022:2636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10539 comm="syz.2.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  172.121705][   T29] audit: type=1326 audit(524460.022:2637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10539 comm="syz.2.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  172.153091][   T29] audit: type=1326 audit(524460.022:2638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10539 comm="syz.2.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  172.182562][   T29] audit: type=1326 audit(524460.022:2639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10539 comm="syz.2.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  172.212594][   T29] audit: type=1326 audit(524460.022:2640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10539 comm="syz.2.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  172.241991][   T29] audit: type=1326 audit(524460.022:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10539 comm="syz.2.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  172.497776][T10554] veth0: entered promiscuous mode
[  173.183831][T10629] loop5: detected capacity change from 0 to 128
[  173.497712][T10648] loop6: detected capacity change from 0 to 512
[  173.518374][T10648] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.562610][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.680310][T10661] netlink: 'syz.5.2707': attribute type 10 has an invalid length.
[  173.680372][T10661] __nla_validate_parse: 4 callbacks suppressed
[  173.680382][T10661] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2707'.
[  173.680401][T10661] dummy0: entered promiscuous mode
[  173.681269][T10661] bridge0: port 3(dummy0) entered blocking state
[  173.727517][T10661] bridge0: port 3(dummy0) entered disabled state
[  173.735235][T10661] dummy0: entered allmulticast mode
[  173.735996][T10661] bridge0: port 3(dummy0) entered blocking state
[  173.750549][T10661] bridge0: port 3(dummy0) entered forwarding state
[  173.945024][T10674] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.945166][T10674] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.272724][T10692] netlink: 'syz.4.2722': attribute type 3 has an invalid length.
[  174.282494][T10692] netlink: 'syz.4.2722': attribute type 4 has an invalid length.
[  174.282511][T10692] netlink: 9067 bytes leftover after parsing attributes in process `syz.4.2722'.
[  174.655965][T10716] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2731'.
[  174.763971][T10722] pimreg: entered allmulticast mode
[  174.773706][T10722] pimreg: left allmulticast mode
[  175.015474][T10740] ip6_vti0 speed is unknown, defaulting to 1000
[  175.077783][T10743] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2744'.
[  175.357035][T10766] loop5: detected capacity change from 0 to 512
[  175.375888][T10766] EXT4-fs: Ignoring removed nomblk_io_submit option
[  175.418720][T10766] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  175.429504][T10766] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  175.474839][T10766] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (80)
[  175.486425][T10766] EXT4-fs (loop5): Skipping orphan cleanup due to unknown ROCOMPAT features
[  175.499153][T10766] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  175.522163][T10766] EXT4-fs: Ignoring removed nomblk_io_submit option
[  175.559095][T10766] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (80)
[  175.603317][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.737804][T10791] sch_tbf: peakrate 7 is lower than or equals to rate 7 !
[  175.841720][T10801] netlink: 92 bytes leftover after parsing attributes in process `syz.6.2770'.
[  175.856611][T10801] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2770'.
[  175.980655][T10809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2774'.
[  176.078090][T10811] loop5: detected capacity change from 0 to 8192
[  176.104111][T10811] x_tables: duplicate entry at hook 1
[  176.114698][T10817] netlink: 'syz.2.2778': attribute type 1 has an invalid length.
[  176.158008][T10821] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  176.420801][T10842] loop4: detected capacity change from 0 to 8192
[  176.434830][T10842] syz.4.2788: attempt to access beyond end of device
[  176.434830][T10842] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  176.454334][T10842] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1)
[  176.463321][T10842] FAT-fs (loop4): Filesystem has been set read-only
[  176.498254][T10842] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1)
[  176.515233][T10842] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1)
[  176.619341][T10856] loop6: detected capacity change from 0 to 512
[  176.642288][T10856] EXT4-fs (loop6): orphan cleanup on readonly fs
[  176.659293][T10856] EXT4-fs warning (device loop6): ext4_xattr_inode_get:546: inode #11: comm syz.6.2794: ea_inode file size=4 entry size=6
[  176.676734][T10856] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  176.694863][T10856] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #15: comm syz.6.2794: corrupted inode contents
[  176.710489][T10856] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #15: comm syz.6.2794: mark_inode_dirty error
[  176.727903][T10856] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #15: comm syz.6.2794: corrupted inode contents
[  176.749200][T10856] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2996: inode #15: comm syz.6.2794: mark_inode_dirty error
[  176.790575][T10856] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2999: inode #15: comm syz.6.2794: mark inode dirty (error -117)
[  176.826256][T10856] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -117)
[  176.841068][T10856] EXT4-fs (loop6): 1 orphan inode deleted
[  176.853380][T10856] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  176.858532][T10873] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2803'.
[  176.921036][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.929253][T10873] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2803'.
[  177.016746][T10883] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  177.028076][T10883] IPv6: NLM_F_CREATE should be set when creating new route
[  177.076894][T10887] loop6: detected capacity change from 0 to 128
[  177.160638][T10887] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  177.173020][T10887] FAT-fs (loop6): Filesystem has been set read-only
[  177.281675][   T29] kauditd_printk_skb: 96 callbacks suppressed
[  177.281692][   T29] audit: type=1400 audit(524465.213:2738): avc:  denied  { read } for  pid=10904 comm="syz.4.2817" path="socket:[30545]" dev="sockfs" ino=30545 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  177.452438][T10912] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  177.462084][T10912] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  177.473812][T10912] vhci_hcd vhci_hcd.0: Device attached
[  177.486161][T10918] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(6)
[  177.493349][T10918] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  177.503503][T10918] vhci_hcd vhci_hcd.0: Device attached
[  177.538128][T10912] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(5)
[  177.545655][T10912] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  177.557834][T10912] vhci_hcd vhci_hcd.0: Device attached
[  177.571368][T10912] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(9)
[  177.579608][T10912] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  177.587751][T10912] vhci_hcd vhci_hcd.0: Device attached
[  177.612016][T10912] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(11)
[  177.619591][T10912] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  177.628696][T10912] vhci_hcd vhci_hcd.0: Device attached
[  177.643012][T10912] vhci_hcd vhci_hcd.0: pdev(5) rhport(5) sockfd(13)
[  177.651707][T10912] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  177.652452][T10926] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  177.659960][T10912] vhci_hcd vhci_hcd.0: Device attached
[  177.680314][ T3395] vhci_hcd: vhci_device speed not set
[  177.700890][T10931] vhci_hcd: connection closed
[  177.701034][ T6473] vhci_hcd: stop threads
[  177.717526][ T6473] vhci_hcd: release socket
[  177.724594][ T6473] vhci_hcd: disconnect device
[  177.724744][T10921] vhci_hcd: connection closed
[  177.732901][T10927] vhci_hcd: connection closed
[  177.737906][T10923] vhci_hcd: connection closed
[  177.743707][T10919] vhci_hcd: connection closed
[  177.744886][ T3395] usb 11-1: new full-speed USB device number 2 using vhci_hcd
[  177.751674][T10913] vhci_hcd: connection closed
[  177.763778][T10914] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  177.784847][ T6473] vhci_hcd: stop threads
[  177.792581][ T6473] vhci_hcd: release socket
[  177.798068][ T6473] vhci_hcd: disconnect device
[  177.823841][ T6473] vhci_hcd: stop threads
[  177.827837][   T29] audit: type=1326 audit(524465.749:2739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.6.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  177.829259][ T6473] vhci_hcd: release socket
[  177.861594][   T29] audit: type=1326 audit(524465.749:2740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.6.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  177.861685][   T29] audit: type=1326 audit(524465.749:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.6.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  177.861710][   T29] audit: type=1326 audit(524465.749:2742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.6.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  177.867007][ T6473] vhci_hcd: disconnect device
[  177.898625][   T29] audit: type=1326 audit(524465.749:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.6.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  177.931013][ T6473] vhci_hcd: stop threads
[  177.998743][   T29] audit: type=1400 audit(524465.928:2744): avc:  denied  { create } for  pid=10939 comm="syz.2.2828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  177.999142][ T6473] vhci_hcd: release socket
[  178.030082][ T6473] vhci_hcd: disconnect device
[  178.035960][   T29] audit: type=1400 audit(524465.958:2745): avc:  denied  { write } for  pid=10939 comm="syz.2.2828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  178.060449][   T29] audit: type=1326 audit(524465.988:2746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.6.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  178.195716][   T29] audit: type=1326 audit(524465.988:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.6.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  178.232146][ T6473] vhci_hcd: stop threads
[  178.237066][ T6473] vhci_hcd: release socket
[  178.241971][ T6473] vhci_hcd: disconnect device
[  178.273057][ T6473] vhci_hcd: stop threads
[  178.278952][ T6473] vhci_hcd: release socket
[  178.284519][ T6473] vhci_hcd: disconnect device
[  178.290257][T10954] IPv6: Can't replace route, no match found
[  178.500745][T10976] syzkaller1: entered promiscuous mode
[  178.507259][T10976] syzkaller1: entered allmulticast mode
[  178.555894][T10991] loop5: detected capacity change from 0 to 1024
[  178.571664][T10991] EXT4-fs: Ignoring removed mblk_io_submit option
[  178.618812][T10991] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.640201][T10999] syzkaller1: entered promiscuous mode
[  178.646955][T10999] syzkaller1: entered allmulticast mode
[  178.717968][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.724843][T10998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  178.748448][T10998] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.817757][T11017] loop5: detected capacity change from 0 to 1024
[  178.838333][T11017] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.2860: Failed to acquire dquot type 0
[  178.842437][T11015] loop6: detected capacity change from 0 to 512
[  178.876167][T11017] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  178.900878][T11015] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.912837][T11017] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.2860: corrupted inode contents
[  178.942449][T11015] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  178.945880][T11017] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #13: comm syz.5.2860: mark_inode_dirty error
[  178.979523][T11017] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.2860: corrupted inode contents
[  178.998920][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.007124][T11017] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.2860: mark_inode_dirty error
[  179.025247][T11017] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.2860: corrupted inode contents
[  179.053055][T11017] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[  179.063893][T11017] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.2860: corrupted inode contents
[  179.081148][T11017] EXT4-fs error (device loop5): ext4_truncate:4637: inode #13: comm syz.5.2860: mark_inode_dirty error
[  179.102222][T11017] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[  179.124648][T11017] EXT4-fs (loop5): 1 truncate cleaned up
[  179.142660][T11029] loop4: detected capacity change from 0 to 2048
[  179.172316][T11017] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.244249][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.303908][T11042] __nla_validate_parse: 2 callbacks suppressed
[  179.303921][T11042] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2872'.
[  179.360034][ T6473] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  179.370946][T11042] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2872'.
[  179.388371][ T6473] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  179.400739][ T6473] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  179.415750][ T6473] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  179.706113][T11058] loop6: detected capacity change from 0 to 32768
[  179.846111][ T6423] Bluetooth: hci0: Frame reassembly failed (-84)
[  180.812888][T11162] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2920'.
[  180.981253][T11178] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[  181.113714][T11185] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2930'.
[  181.518186][T11213] loop5: detected capacity change from 0 to 1024
[  181.531957][T11213] EXT4-fs: Ignoring removed orlov option
[  181.551041][T11213] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.903277][ T5938] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  181.911600][ T3840] Bluetooth: hci0: command 0x1003 tx timeout
[  181.978275][T11228] xt_policy: neither incoming nor outgoing policy selected
[  182.009546][T11232] netlink: 'syz.6.2950': attribute type 39 has an invalid length.
[  182.030234][T11234] netlink: 19 bytes leftover after parsing attributes in process `syz.4.2952'.
[  182.432474][   T29] kauditd_printk_skb: 65 callbacks suppressed
[  182.432573][   T29] audit: type=1400 audit(524470.328:2811): avc:  denied  { unmount } for  pid=7472 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  182.488106][T11258] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2964'.
[  182.570408][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.615672][T11267] sch_fq: defrate 6 ignored.
[  182.658824][T11274] loop4: detected capacity change from 0 to 128
[  182.763798][T11274] syz.4.2972: attempt to access beyond end of device
[  182.763798][T11274] loop4: rw=2049, sector=185, nr_sectors = 16 limit=128
[  182.781889][T11274] syz.4.2972: attempt to access beyond end of device
[  182.781889][T11274] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  182.832886][   T29] audit: type=1400 audit(524470.725:2812): avc:  denied  { setopt } for  pid=11291 comm="syz.6.2979" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  182.835509][T11274] syz.4.2972: attempt to access beyond end of device
[  182.835509][T11274] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  182.880204][ T3395] usb 11-1: enqueue for inactive port 0
[  182.888064][ T3395] usb 11-1: enqueue for inactive port 0
[  182.898635][T11274] syz.4.2972: attempt to access beyond end of device
[  182.898635][T11274] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[  182.921753][T11274] syz.4.2972: attempt to access beyond end of device
[  182.921753][T11274] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[  182.954437][T11274] syz.4.2972: attempt to access beyond end of device
[  182.954437][T11274] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[  182.962122][ T3395] vhci_hcd: vhci_device speed not set
[  182.975806][T11274] syz.4.2972: attempt to access beyond end of device
[  182.975806][T11274] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128
[  183.015359][T11274] syz.4.2972: attempt to access beyond end of device
[  183.015359][T11274] loop4: rw=2049, sector=305, nr_sectors = 8 limit=128
[  183.055538][   T29] audit: type=1400 audit(524470.924:2813): avc:  denied  { write } for  pid=11299 comm="syz.9.2982" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  183.060959][T11274] syz.4.2972: attempt to access beyond end of device
[  183.060959][T11274] loop4: rw=2049, sector=321, nr_sectors = 8 limit=128
[  183.097119][T11274] syz.4.2972: attempt to access beyond end of device
[  183.097119][T11274] loop4: rw=2049, sector=337, nr_sectors = 8 limit=128
[  183.187510][T11309] netlink: 'syz.9.2986': attribute type 12 has an invalid length.
[  183.200343][T11309] netlink: 'syz.9.2986': attribute type 29 has an invalid length.
[  183.211160][T11309] netlink: 148 bytes leftover after parsing attributes in process `syz.9.2986'.
[  183.223558][T11309] netlink: 'syz.9.2986': attribute type 2 has an invalid length.
[  183.236798][T11309] netlink: 'syz.9.2986': attribute type 3 has an invalid length.
[  183.251520][T11309] netlink: 15 bytes leftover after parsing attributes in process `syz.9.2986'.
[  183.430496][T11326] loop6: detected capacity change from 0 to 512
[  183.438852][T11326] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  183.456046][T11328] atomic_op ffff8881161df128 conn xmit_atomic 0000000000000000
[  183.474460][T11326] EXT4-fs (loop6): invalid journal inode
[  183.496641][T11326] EXT4-fs (loop6): can't get journal size
[  183.505798][T11326] EXT4-fs (loop6): 1 truncate cleaned up
[  183.519741][T11326] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.528487][T11331] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2998'.
[  183.535861][T11326] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  183.557706][   T29] audit: type=1400 audit(524471.441:2814): avc:  denied  { relabelto } for  pid=11325 comm="syz.6.2995" name="/" dev="loop6" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  183.663263][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.729693][T11341] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3003'.
[  183.818535][   T29] audit: type=1326 audit(524471.709:2815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11346 comm="syz.6.3006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  183.856537][   T29] audit: type=1326 audit(524471.709:2816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11346 comm="syz.6.3006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  183.899686][   T29] audit: type=1326 audit(524471.788:2817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11346 comm="syz.6.3006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  184.008279][   T29] audit: type=1326 audit(524471.788:2818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11346 comm="syz.6.3006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  184.037843][   T29] audit: type=1326 audit(524471.788:2819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11346 comm="syz.6.3006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  184.073452][   T29] audit: type=1326 audit(524471.788:2820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11346 comm="syz.6.3006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  184.385087][T11380] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  184.525093][T11390] batadv0: mtu less than device minimum
[  184.534886][T11390] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  184.547854][T11390] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  184.560225][T11390] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  184.574295][T11390] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  184.585842][T11390] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  184.600429][T11390] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  184.615695][T11390] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  184.628411][T11390] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  184.640781][T11390] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  184.839213][T11418] random: crng reseeded on system resumption
[  184.956659][T11433] netlink: 'syz.6.3045': attribute type 14 has an invalid length.
[  184.964985][T11433] __nla_validate_parse: 1 callbacks suppressed
[  184.965004][T11433] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3045'.
[  185.035588][T11433] netlink: 'syz.6.3045': attribute type 14 has an invalid length.
[  185.045451][T11433] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3045'.
[  185.195242][T11451] program syz.4.3052 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  185.318803][T11461] loop5: detected capacity change from 0 to 4096
[  185.344265][T11461] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.411960][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.639641][T11497] loop6: detected capacity change from 0 to 512
[  185.819020][T11512] vhci_hcd: invalid port number 254
[  185.916063][T11523] loop6: detected capacity change from 0 to 512
[  185.916448][T11521] SELinux: failed to load policy
[  186.004834][T11523] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  186.036666][T11523] EXT4-fs (loop6): 1 truncate cleaned up
[  186.064645][T11523] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.105569][T11534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3090'.
[  186.133058][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.293302][T11544] vhci_hcd: default hub control req: 8017 v0006 i0003 l0
[  186.310992][T11549] netlink: 'syz.9.3098': attribute type 21 has an invalid length.
[  186.326811][T11549] netlink: 132 bytes leftover after parsing attributes in process `syz.9.3098'.
[  186.413030][T11558] netlink: 'syz.9.3101': attribute type 3 has an invalid length.
[  186.544416][T11563] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  186.719998][T11578] loop4: detected capacity change from 0 to 1024
[  186.761922][T11578] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.856707][T11578] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.3112: Allocating blocks 449-513 which overlap fs metadata
[  186.961771][T11577] EXT4-fs (loop4): pa ffff88810722e9a0: logic 48, phys. 177, len 21
[  186.976290][T11577] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  187.041663][T11600] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3119'.
[  187.061358][ T7665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.206659][T11604] macvtap0: entered promiscuous mode
[  187.276312][T11604] macvtap0: left promiscuous mode
[  187.296659][T11608] veth0_vlan: entered allmulticast mode
[  187.316352][T11612] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3125'.
[  187.342151][T11610] IPVS: stopping master sync thread 11614 ...
[  187.342808][T11614] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  187.498858][   T29] kauditd_printk_skb: 158 callbacks suppressed
[  187.498875][   T29] audit: type=1400 audit(524475.366:2979): avc:  denied  { module_load } for  pid=11628 comm="syz.2.3132" path="/346/bus" dev="tmpfs" ino=1793 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[  187.539674][T11631] Invalid ELF header magic: != ELF
[  187.555189][   T29] audit: type=1107 audit(524475.415:2980): pid=11632 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='ÊÃå'
[  187.647945][T11641] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3138'.
[  187.754609][T11649] netlink: 'syz.9.3142': attribute type 1 has an invalid length.
[  188.006239][T11662] IPv6: Can't replace route, no match found
[  188.365400][T11678] serio: Serial port ptm0
[  188.483024][   T29] audit: type=1326 audit(524476.330:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11684 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  188.524381][   T29] audit: type=1326 audit(524476.380:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11684 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  188.554745][   T29] audit: type=1326 audit(524476.380:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11684 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  188.584684][   T29] audit: type=1326 audit(524476.380:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11684 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  188.612802][   T29] audit: type=1326 audit(524476.380:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11684 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  188.644493][   T29] audit: type=1326 audit(524476.380:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11684 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  188.676514][   T29] audit: type=1326 audit(524476.380:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11684 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  188.687194][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  188.712087][   T29] audit: type=1326 audit(524476.380:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11684 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  188.955329][T11703] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3167'.
[  189.033270][T11715] IPv6: NLM_F_CREATE should be specified when creating new route
[  189.147798][T11730] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3179'.
[  189.151922][T11728] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125
[  189.159912][T11730] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3179'.
[  189.484305][T11768] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  189.639177][T11788] loop6: detected capacity change from 0 to 128
[  190.002537][T11817] ip6_vti0 speed is unknown, defaulting to 1000
[  190.030877][ T6445] bio_check_eod: 97 callbacks suppressed
[  190.030895][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.030895][ T6445] loop6: rw=1, sector=153, nr_sectors = 8 limit=128
[  190.143189][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.143189][ T6445] loop6: rw=1, sector=169, nr_sectors = 24 limit=128
[  190.176811][T11823] netlink: 180 bytes leftover after parsing attributes in process `syz.4.3222'.
[  190.182606][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.182606][ T6445] loop6: rw=1, sector=201, nr_sectors = 8 limit=128
[  190.233086][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.233086][ T6445] loop6: rw=1, sector=217, nr_sectors = 8 limit=128
[  190.263301][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.263301][ T6445] loop6: rw=1, sector=233, nr_sectors = 8 limit=128
[  190.299926][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.299926][ T6445] loop6: rw=1, sector=249, nr_sectors = 8 limit=128
[  190.339094][T11829] atomic_op ffff88810e364528 conn xmit_atomic 0000000000000000
[  190.362310][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.362310][ T6445] loop6: rw=1, sector=265, nr_sectors = 8 limit=128
[  190.388303][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.388303][ T6445] loop6: rw=1, sector=281, nr_sectors = 8 limit=128
[  190.450299][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.450299][ T6445] loop6: rw=1, sector=297, nr_sectors = 8 limit=128
[  190.476703][ T6445] kworker/u8:32: attempt to access beyond end of device
[  190.476703][ T6445] loop6: rw=1, sector=313, nr_sectors = 8 limit=128
[  190.637075][T11861] loop4: detected capacity change from 0 to 512
[  190.720073][T11874] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3241'.
[  190.801169][T11882] 9pnet_fd: Insufficient options for proto=fd
[  191.348301][T11926] ip6_vti0 speed is unknown, defaulting to 1000
[  191.362934][T11932] loop5: detected capacity change from 0 to 164
[  191.381241][T11934] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3272'.
[  191.393576][T11934] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3272'.
[  191.401984][T11918] Restarting kernel threads ...
[  191.414321][T11932] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  191.424647][T11918] Done restarting kernel threads.
[  191.434442][T11932] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  191.448938][T11932] Symlink component flag not implemented
[  191.452855][T11934] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3272'.
[  191.456198][T11932] Symlink component flag not implemented
[  191.472010][T11934] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3272'.
[  191.483228][T11936] tipc: Started in network mode
[  191.497156][T11936] tipc: Node identity ac14140f, cluster identity 4711
[  191.509256][T11932] Symlink component flag not implemented (7)
[  191.512668][T11936] tipc: Enabled bearer <udp:syz2>, priority 10
[  191.516519][T11932] Symlink component flag not implemented (116)
[  191.525923][ T6458] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  191.550367][ T6458] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  191.613296][ T6458] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  191.635983][ T6458] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  191.676236][T11943] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[  191.688591][T11942] IPVS: stopping master sync thread 11943 ...
[  192.073559][T11976] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3291'.
[  192.082894][T11976] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3291'.
[  192.564581][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  192.564598][   T29] audit: type=1326 audit(524480.396:3066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  192.613674][   T29] audit: type=1326 audit(524480.446:3067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  192.655332][ T1035] tipc: Node number set to 2886997007
[  192.655499][   T29] audit: type=1326 audit(524480.446:3068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  192.697584][   T29] audit: type=1326 audit(524480.446:3069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  192.738218][   T29] audit: type=1326 audit(524480.446:3070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  192.775634][   T29] audit: type=1326 audit(524480.446:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  192.806807][   T29] audit: type=1326 audit(524480.446:3072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  192.838850][   T29] audit: type=1326 audit(524480.446:3073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  192.874174][   T29] audit: type=1326 audit(524480.486:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  192.960082][   T29] audit: type=1326 audit(524480.496:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  193.409586][T12043] netlink: 'syz.5.3320': attribute type 3 has an invalid length.
[  193.548874][ T6477] Bluetooth: hci0: Frame reassembly failed (-84)
[  193.561896][T12026] loop9: detected capacity change from 0 to 512
[  193.585831][T12026] EXT4-fs: Ignoring removed bh option
[  193.618060][T12026] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  193.651709][ T6449] Bluetooth: hci1: Frame reassembly failed (-84)
[  193.662651][T12063] loop2: detected capacity change from 0 to 512
[  193.663598][T12026] EXT4-fs (loop9): 1 truncate cleaned up
[  193.683732][T12026] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.694014][T12063] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.750874][T12063] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  193.765476][T12063] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  193.796172][ T6605] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.816948][ T7472] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.864695][T12068] x_tables: ip6_tables: NETMAP.0 target: invalid size 40 (kernel) != (user) 0
[  193.884827][T12072] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3330'.
[  193.904655][T12074] loop2: detected capacity change from 0 to 512
[  193.923316][T12074] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.973809][ T7472] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.343982][T12095] loop4: detected capacity change from 0 to 256
[  194.655054][T12119] team_slave_0: entered promiscuous mode
[  194.661867][T12119] team_slave_1: entered promiscuous mode
[  194.674825][T12118] netlink: 'syz.9.3351': attribute type 10 has an invalid length.
[  194.693321][T12118] ipvlan0: entered allmulticast mode
[  194.699534][T12118] veth0_vlan: entered allmulticast mode
[  194.715891][T12118] team0: Device ipvlan0 failed to register rx_handler
[  194.726612][T12119] team_slave_0: left promiscuous mode
[  194.737980][T12119] team_slave_1: left promiscuous mode
[  194.871965][T12133] loop9: detected capacity change from 0 to 164
[  194.895538][T12133] Unable to read rock-ridge attributes
[  194.979190][T12140] netlink: 'syz.9.3362': attribute type 39 has an invalid length.
[  195.200077][T12153] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  195.336636][T12157] ip6_vti0 speed is unknown, defaulting to 1000
[  195.587957][ T5938] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  195.595627][T12061] Bluetooth: hci0: command 0x1003 tx timeout
[  195.604508][T12177] loop4: detected capacity change from 0 to 256
[  195.655749][T12177] FAT-fs (loop4): bogus number of FAT sectors
[  195.665521][ T5938] Bluetooth: hci1: command 0x1003 tx timeout
[  195.666047][T12177] FAT-fs (loop4): Can't find a valid FAT filesystem
[  195.677423][ T3840] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  195.779609][T12184] SELinux: failed to load policy
[  195.844979][ T6445] Bluetooth: hci0: Frame reassembly failed (-84)
[  195.859288][T12186] loop5: detected capacity change from 0 to 8192
[  195.909432][ T8918]  loop5: p2 p3 p4
[  195.919042][ T8918] loop5: p2 start 164919041 is beyond EOD, truncated
[  195.927065][ T8918] loop5: p3 size 66846464 extends beyond EOD, truncated
[  195.935907][T12194] loop9: detected capacity change from 0 to 1024
[  195.948451][ T8918] loop5: p4 size 37048832 extends beyond EOD, truncated
[  195.949707][T12194] EXT4-fs: Ignoring removed bh option
[  195.979511][T12186]  loop5: p2 p3 p4
[  195.984353][T12186] loop5: p2 start 164919041 is beyond EOD, truncated
[  195.997692][T12186] loop5: p3 size 66846464 extends beyond EOD, truncated
[  196.008945][T12186] loop5: p4 size 37048832 extends beyond EOD, truncated
[  196.020754][T12194] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.091402][T12201] loop5: detected capacity change from 0 to 1024
[  196.101459][T12201] EXT4-fs: Ignoring removed mblk_io_submit option
[  196.111175][T12194] loop9: detected capacity change from 1024 to 0
[  196.121129][ T8918] udevd[8918]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  196.123710][ T3511] udevd[3511]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  196.141582][T12202] EXT4-fs error (device loop9): ext4_get_inode_loc:4970: inode #18: block 9: comm syz.9.3386: unable to read itable block
[  196.168920][T12202] buffer_io_error: 15 callbacks suppressed
[  196.168938][T12202] Buffer I/O error on dev loop9, logical block 1, lost sync page write
[  196.196939][T12202] EXT4-fs (loop9): I/O error while writing superblock
[  196.200917][T12206] netlink: 104 bytes leftover after parsing attributes in process `syz.6.3389'.
[  196.204699][T12202] EXT4-fs (loop9): Remounting filesystem read-only
[  196.229677][T12201] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.288917][ T8918] udevd[8918]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  196.303148][T12201] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  196.304917][ T3511] udevd[3511]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  196.379360][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.408977][T12191] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.433490][T12195] Buffer I/O error on dev loop9, logical block 64, lost sync page write
[  196.575389][T12229] loop5: detected capacity change from 0 to 512
[  196.584705][T12229] EXT4-fs: Ignoring removed nobh option
[  196.596524][T12229] EXT4-fs (loop5): orphan cleanup on readonly fs
[  196.606554][ T6445] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.637834][T12229] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  196.655197][T12229] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it
[  196.667475][T12229] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.3400: Corrupt directory, running e2fsck is recommended
[  196.693273][T12229] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  196.739852][T12229] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.3400: corrupted in-inode xattr: invalid ea_ino
[  196.757824][ T6445] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.778415][T12229] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3400: couldn't read orphan inode 15 (err -117)
[  196.801846][T12229] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  196.849537][T12229] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  196.849578][T12229] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it
[  196.849597][T12229] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.3400: Corrupt directory, running e2fsck is recommended
[  196.851292][T12229] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  196.851376][T12229] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it
[  196.851394][T12229] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.3400: Corrupt directory, running e2fsck is recommended
[  196.852969][T12229] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  196.852995][T12229] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it
[  196.853091][T12229] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.3400: Corrupt directory, running e2fsck is recommended
[  196.854939][ T6445] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.870628][T12229] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  196.882548][T12232] ip6_vti0 speed is unknown, defaulting to 1000
[  196.884982][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.922923][ T6445] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.252032][T12260] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12260 comm=syz.4.3411
[  197.252058][T12260] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12260 comm=syz.4.3411
[  197.323805][ T6445] bridge_slave_1: left allmulticast mode
[  197.323826][ T6445] bridge_slave_1: left promiscuous mode
[  197.324109][ T6445] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.344889][ T6445] bridge_slave_0: left allmulticast mode
[  197.344943][ T6445] bridge_slave_0: left promiscuous mode
[  197.345045][ T6445] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.543610][T12274] loop5: detected capacity change from 0 to 512
[  197.560427][ T6445] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  197.573462][ T6445] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  197.574483][ T6445] bond0 (unregistering): Released all slaves
[  197.584862][T12274] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.644003][T12274] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.3417: corrupted inode contents
[  197.660282][T12274] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.3417: mark_inode_dirty error
[  197.660456][T12274] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.3417: corrupted inode contents
[  197.660619][T12274] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.3417: mark_inode_dirty error
[  197.671536][T12232] chnl_net:caif_netlink_parms(): no params data found
[  197.715962][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.800342][ T6445] hsr_slave_0: left promiscuous mode
[  197.818940][ T6445] hsr_slave_1: left promiscuous mode
[  197.829995][ T6445] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.839056][ T6445] net_ratelimit: 10 callbacks suppressed
[  197.839079][ T6445] batadv0: mtu less than device minimum
[  197.853730][ T6445] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  197.865484][ T6445] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  197.879744][ T6445] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  197.893564][ T6445] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  197.905745][ T6445] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  197.917075][ T6445] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  197.917234][ T5938] Bluetooth: hci0: command 0x1003 tx timeout
[  197.932548][ T6445] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  197.938545][ T3840] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  197.950038][ T6445] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  197.969861][ T6445] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  197.986105][ T6445] batman_adv: batadv0: Removing interface: batadv_slave_0
[  198.068521][ T6445] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  198.086646][ T6445] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.122776][ T6445] batman_adv: batadv0: Interface deactivated: dummy0
[  198.123177][T12297] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3425'.
[  198.131850][ T6445] batman_adv: batadv0: Removing interface: dummy0
[  198.165157][ T6445] veth1_macvtap: left promiscuous mode
[  198.179171][ T6445] veth0_macvtap: left promiscuous mode
[  198.184709][T12297] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  198.198831][ T6445] veth1_vlan: left promiscuous mode
[  198.210873][ T6445] veth0_vlan: left promiscuous mode
[  198.321943][T12311] loop2: detected capacity change from 0 to 1024
[  198.352628][T12311] EXT4-fs: Ignoring removed nobh option
[  198.360443][T12311] EXT4-fs: inline encryption not supported
[  198.403906][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  198.403924][   T29] audit: type=1326 audit(524486.205:3112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12316 comm="syz.5.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  198.444777][ T6445] team0 (unregistering): Port device team_slave_1 removed
[  198.453795][   T29] audit: type=1326 audit(524486.245:3113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12316 comm="syz.5.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  198.484880][   T29] audit: type=1326 audit(524486.245:3114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12316 comm="syz.5.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  198.515029][   T29] audit: type=1326 audit(524486.245:3115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12316 comm="syz.5.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  198.550667][ T6445] team0 (unregistering): Port device team_slave_0 removed
[  198.585509][   T29] audit: type=1326 audit(524486.255:3116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12316 comm="syz.5.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  198.591265][T12311] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.613707][   T29] audit: type=1326 audit(524486.255:3117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12316 comm="syz.5.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  198.629990][T12327] netlink: 'syz.5.3436': attribute type 4 has an invalid length.
[  198.656877][   T29] audit: type=1326 audit(524486.255:3118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12316 comm="syz.5.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  198.725013][T12331] netlink: 'syz.5.3436': attribute type 4 has an invalid length.
[  198.742256][T12311] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  198.792898][ T7472] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.849149][T12341] program syz.2.3442 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  198.870942][T12232] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.880264][T12232] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.891838][T12232] bridge_slave_0: entered allmulticast mode
[  198.902561][T12232] bridge_slave_0: entered promiscuous mode
[  198.911757][T12232] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.921994][T12232] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.930490][T12232] bridge_slave_1: entered allmulticast mode
[  198.939183][T12232] bridge_slave_1: entered promiscuous mode
[  198.981580][   T29] audit: type=1400 audit(524486.772:3119): avc:  denied  { create } for  pid=12345 comm="syz.2.3444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  198.983401][T12232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  199.073482][   T29] audit: type=1400 audit(524486.812:3120): avc:  denied  { bind } for  pid=12345 comm="syz.2.3444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  199.073492][T12232] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  199.098229][   T29] audit: type=1326 audit(524486.851:3121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12351 comm="syz.6.3448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1452ddf749 code=0x7ffc0000
[  199.189186][T12362] loop6: detected capacity change from 0 to 512
[  199.203435][T12362] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  199.215565][T12232] team0: Port device team_slave_0 added
[  199.224606][T12232] team0: Port device team_slave_1 added
[  199.243967][T12362] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.3452: iget: bad i_size value: 38620345925642
[  199.281571][T12362] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.3452: couldn't read orphan inode 15 (err -117)
[  199.316462][T12232] batman_adv: batadv0: Adding interface: batadv_slave_0
[  199.324014][T12232] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  199.358572][T12232] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  199.409635][T12362] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.441972][T12232] batman_adv: batadv0: Adding interface: batadv_slave_1
[  199.447654][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.450915][T12232] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  199.494258][T12232] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.658488][T12232] hsr_slave_0: entered promiscuous mode
[  199.668930][T12232] hsr_slave_1: entered promiscuous mode
[  199.677467][T12232] debugfs: 'hsr0' already exists in 'hsr'
[  199.684376][T12232] Cannot create hsr debugfs directory
[  199.694145][T12389] $Hÿ: renamed from bond0 (while UP)
[  199.742388][T12389] $Hÿ: entered promiscuous mode
[  199.744062][T12395] loop6: detected capacity change from 0 to 512
[  199.753703][T12389] bond_slave_0: entered promiscuous mode
[  199.753914][T12389] bond_slave_1: entered promiscuous mode
[  199.805038][T12395] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback.
[  199.886033][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0007-000000000000.
[  200.025114][ T6445] Bluetooth: hci0: Frame reassembly failed (-84)
[  200.296528][T12232] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  200.324397][T12232] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  200.351802][T12232] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  200.379658][T12232] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  200.456771][T12232] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.488822][T12232] 8021q: adding VLAN 0 to HW filter on device team0
[  200.543984][ T6449] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.553071][ T6449] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.604639][ T6445] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.617264][ T6445] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.749900][ T6483] Bluetooth: hci1: Frame reassembly failed (-84)
[  200.780555][T12232] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.962492][T12232] veth0_vlan: entered promiscuous mode
[  200.977700][T12232] veth1_vlan: entered promiscuous mode
[  200.994195][T12469] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  201.023859][T12232] veth0_macvtap: entered promiscuous mode
[  201.057211][T12232] veth1_macvtap: entered promiscuous mode
[  201.099518][T12477] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  201.113326][T12477] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.135478][T12232] batman_adv: batadv0: Interface activated: batadv_slave_0
[  201.156183][T12232] batman_adv: batadv0: Interface activated: batadv_slave_1
[  201.176489][ T6449] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.196329][T12477] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  201.210758][T12477] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.227995][ T6457] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.264454][ T6445] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.281552][T12477] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  201.295548][T12477] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.323898][ T6445] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.330884][T12486] loop9: detected capacity change from 0 to 7
[  201.333536][T12486] Buffer I/O error on dev loop9, logical block 0, async page read
[  201.333570][T12486] Buffer I/O error on dev loop9, logical block 0, async page read
[  201.333585][T12486]  loop9: unable to read partition table
[  201.333610][T12486] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  201.333610][T12486] 
) failed (rc=-5)
[  201.396479][T12477] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  201.396532][T12477] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.468111][ T6449] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  201.481739][ T6449] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.503037][ T6449] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  201.515429][ T6449] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.526686][ T6449] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  201.538130][ T6449] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.573681][ T6449] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  201.583192][ T6449] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.683942][T12505] netlink: 204 bytes leftover after parsing attributes in process `syz.2.3506'.
[  201.824689][T12516] loop4: detected capacity change from 0 to 512
[  201.838736][T12516] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  202.080174][T12525] SELinux: failed to load policy
[  202.098258][T12061] Bluetooth: hci0: command 0x1003 tx timeout
[  202.105829][ T3840] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  202.237228][T12529] loop6: detected capacity change from 0 to 8192
[  202.284029][T12529] FAT-fs (loop6): error, clusters badly computed (2 != 1)
[  202.294729][T12529] FAT-fs (loop6): Filesystem has been set read-only
[  202.775412][T12564] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3533'.
[  202.779961][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.797426][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.806554][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.817295][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.827002][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.837115][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.837259][ T5938] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  202.847214][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.847241][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.878071][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.888624][ T3396] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  202.912275][ T3396] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  203.559891][   T29] kauditd_printk_skb: 27 callbacks suppressed
[  203.559907][   T29] audit: type=1326 audit(524491.339:3149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.612407][   T29] audit: type=1326 audit(524491.339:3150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.642683][   T29] audit: type=1326 audit(524491.339:3151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.671925][   T29] audit: type=1326 audit(524491.359:3152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.702597][   T29] audit: type=1326 audit(524491.359:3153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.736020][   T29] audit: type=1326 audit(524491.359:3154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.767508][   T29] audit: type=1326 audit(524491.359:3155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.797695][   T29] audit: type=1326 audit(524491.359:3156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.827532][   T29] audit: type=1326 audit(524491.359:3157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.858728][   T29] audit: type=1326 audit(524491.359:3158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.1.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  203.989357][T12606] loop1: detected capacity change from 0 to 128
[  204.023239][T12608] Falling back ldisc for ttyS3.
[  204.057922][T12606] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  204.077896][T12606] EXT4-fs error (device loop1): ext4_xattr_block_get:597: inode #2: comm syz.1.3552: corrupted xattr block 5: invalid header
[  204.105999][T12606] SELinux: (dev loop1, type ext4) getxattr errno 117
[  204.138798][T12606] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  204.235107][T12612] 9pnet: Could not find request transport: r
[  204.253059][T12624] loop4: detected capacity change from 0 to 128
[  204.287046][T12624] bio_check_eod: 100 callbacks suppressed
[  204.287067][T12624] syz.4.3558: attempt to access beyond end of device
[  204.287067][T12624] loop4: rw=2049, sector=154, nr_sectors = 6 limit=128
[  204.318977][T12624] syz.4.3558: attempt to access beyond end of device
[  204.318977][T12624] loop4: rw=2049, sector=158, nr_sectors = 2 limit=128
[  204.338778][T12624] Buffer I/O error on dev loop4, logical block 79, lost async page write
[  204.398941][T12624] syz.4.3558: attempt to access beyond end of device
[  204.398941][T12624] loop4: rw=2049, sector=160, nr_sectors = 2 limit=128
[  204.420632][T12624] Buffer I/O error on dev loop4, logical block 80, lost async page write
[  204.431128][T12624] syz.4.3558: attempt to access beyond end of device
[  204.431128][T12624] loop4: rw=2049, sector=162, nr_sectors = 6 limit=128
[  204.456341][T12632] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  204.465103][T12624] syz.4.3558: attempt to access beyond end of device
[  204.465103][T12624] loop4: rw=2049, sector=166, nr_sectors = 2 limit=128
[  204.471883][T12632] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.485777][T12624] Buffer I/O error on dev loop4, logical block 83, lost async page write
[  204.486007][T12624] syz.4.3558: attempt to access beyond end of device
[  204.486007][T12624] loop4: rw=2049, sector=168, nr_sectors = 2 limit=128
[  204.527569][T12624] Buffer I/O error on dev loop4, logical block 84, lost async page write
[  204.545596][T12624] syz.4.3558: attempt to access beyond end of device
[  204.545596][T12624] loop4: rw=2049, sector=186, nr_sectors = 6 limit=128
[  204.560742][T12624] syz.4.3558: attempt to access beyond end of device
[  204.560742][T12624] loop4: rw=2049, sector=190, nr_sectors = 2 limit=128
[  204.578952][T12624] Buffer I/O error on dev loop4, logical block 95, lost async page write
[  204.589217][T12624] syz.4.3558: attempt to access beyond end of device
[  204.589217][T12624] loop4: rw=2049, sector=192, nr_sectors = 2 limit=128
[  204.605922][T12624] Buffer I/O error on dev loop4, logical block 96, lost async page write
[  204.619455][T12624] syz.4.3558: attempt to access beyond end of device
[  204.619455][T12624] loop4: rw=2049, sector=194, nr_sectors = 6 limit=128
[  204.650102][T12632] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  204.662094][T12632] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.690027][T12624] Buffer I/O error on dev loop4, logical block 99, lost async page write
[  204.701712][T12624] Buffer I/O error on dev loop4, logical block 100, lost async page write
[  204.737987][T12632] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  204.751541][T12632] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.823947][T12632] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  204.836968][T12632] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.922011][ T6445] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  204.934313][ T6445] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  204.973425][ T6445] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  204.983646][ T6445] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.021665][ T6445] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  205.036111][ T6445] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.046056][T12658] random: crng reseeded on system resumption
[  205.083198][T12653] ip6_vti0 speed is unknown, defaulting to 1000
[  205.097103][ T6445] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  205.108519][ T6445] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.259626][T12676] loop5: detected capacity change from 0 to 128
[  205.486780][T12689] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3588'.
[  205.605819][T12701] loop2: detected capacity change from 0 to 512
[  205.634537][T12701] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.3594: inode has both inline data and extents flags
[  205.659182][T12701] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3594: couldn't read orphan inode 15 (err -117)
[  205.685623][T12701] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.781956][ T7472] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.842170][T12721] loop5: detected capacity change from 0 to 1024
[  205.887499][T12721] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  205.913908][T12721] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: comm syz.5.3602: lblock 0 mapped to illegal pblock 0 (length 1)
[  205.931934][T12721] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  205.950059][T12721] EXT4-fs (loop5): This should not happen!! Data will be lost
[  205.950059][T12721] 
[  205.984308][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  206.044399][T12731] syz_tun: refused to change device tx_queue_len
[  206.165251][T12741] netlink: 332 bytes leftover after parsing attributes in process `syz.2.3610'.
[  206.478880][T12773] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3627'.
[  206.616234][T12789] loop6: detected capacity change from 0 to 512
[  206.677511][T12789] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.3633: inode has both inline data and extents flags
[  206.709031][T12789] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.3633: couldn't read orphan inode 15 (err -117)
[  206.734373][T12802] loop1: detected capacity change from 0 to 128
[  206.741962][T12789] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.781905][ T3396] Process accounting resumed
[  206.816443][T12806] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3640'.
[  206.872122][T12802] buffer_io_error: 48 callbacks suppressed
[  206.872157][T12802] Buffer I/O error on dev loop1, logical block 79, lost async page write
[  206.906362][T12802] Buffer I/O error on dev loop1, logical block 80, lost async page write
[  206.933091][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.946645][T12802] Buffer I/O error on dev loop1, logical block 83, lost async page write
[  207.009441][T12802] Buffer I/O error on dev loop1, logical block 84, lost async page write
[  207.087616][T12802] Buffer I/O error on dev loop1, logical block 95, lost async page write
[  207.104996][T12802] Buffer I/O error on dev loop1, logical block 96, lost async page write
[  207.152190][T12802] Buffer I/O error on dev loop1, logical block 99, lost async page write
[  207.181770][T12802] Buffer I/O error on dev loop1, logical block 100, lost async page write
[  207.232695][T12802] Buffer I/O error on dev loop1, logical block 111, lost async page write
[  207.256685][T12802] Buffer I/O error on dev loop1, logical block 112, lost async page write
[  207.481038][T12854] wg2: entered promiscuous mode
[  207.488305][T12854] wg2: entered allmulticast mode
[  207.639796][T12868] tipc: Started in network mode
[  207.645129][T12868] tipc: Node identity 4, cluster identity 4711
[  207.657130][T12868] tipc: Node number set to 4
[  207.683498][T12867] loop6: detected capacity change from 0 to 512
[  207.783758][T12875] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  207.825160][T12867] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.3669: couldn't read orphan inode 26 (err -116)
[  207.915941][T12867] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.018406][T12867] EXT4-fs (loop6): shut down requested (2)
[  208.032384][T12895] syz.2.3678: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  208.051138][T12895] CPU: 0 UID: 0 PID: 12895 Comm: syz.2.3678 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  208.051235][T12895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  208.051248][T12895] Call Trace:
[  208.051257][T12895]  <TASK>
[  208.051266][T12895]  __dump_stack+0x1d/0x30
[  208.051289][T12895]  dump_stack_lvl+0xe8/0x140
[  208.051310][T12895]  dump_stack+0x15/0x1b
[  208.051326][T12895]  warn_alloc+0x12b/0x1a0
[  208.051500][T12895]  ? __rcu_read_unlock+0x4f/0x70
[  208.051533][T12895]  __vmalloc_node_range_noprof+0x9d/0xed0
[  208.051616][T12895]  ? __futex_wait+0x1fa/0x260
[  208.051640][T12895]  ? __pfx_futex_wake_mark+0x10/0x10
[  208.051664][T12895]  ? __rcu_read_unlock+0x4f/0x70
[  208.051763][T12895]  ? avc_has_perm_noaudit+0x1b1/0x200
[  208.051786][T12895]  ? should_fail_ex+0x30/0x280
[  208.051857][T12895]  ? xskq_create+0x36/0xe0
[  208.051884][T12895]  vmalloc_user_noprof+0x7d/0xb0
[  208.051954][T12895]  ? xskq_create+0x80/0xe0
[  208.051976][T12895]  xskq_create+0x80/0xe0
[  208.052000][T12895]  xsk_init_queue+0x95/0xf0
[  208.052025][T12895]  xsk_setsockopt+0x477/0x640
[  208.052083][T12895]  ? __pfx_xsk_setsockopt+0x10/0x10
[  208.052154][T12895]  __sys_setsockopt+0x184/0x200
[  208.052188][T12895]  __x64_sys_setsockopt+0x64/0x80
[  208.052284][T12895]  x64_sys_call+0x20ec/0x3000
[  208.052306][T12895]  do_syscall_64+0xd2/0x200
[  208.052326][T12895]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  208.052352][T12895]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  208.052455][T12895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.052477][T12895] RIP: 0033:0x7f0684f6f749
[  208.052510][T12895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.052528][T12895] RSP: 002b:00007f06839d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  208.052548][T12895] RAX: ffffffffffffffda RBX: 00007f06851c5fa0 RCX: 00007f0684f6f749
[  208.052560][T12895] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004
[  208.052599][T12895] RBP: 00007f0684ff3f91 R08: 0000000000000004 R09: 0000000000000000
[  208.052611][T12895] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  208.052623][T12895] R13: 00007f06851c6038 R14: 00007f06851c5fa0 R15: 00007ffd524b8f88
[  208.052641][T12895]  </TASK>
[  208.052647][T12895] Mem-Info:
[  208.365022][T12895] active_anon:7492 inactive_anon:12 isolated_anon:0
[  208.365022][T12895]  active_file:21324 inactive_file:2366 isolated_file:0
[  208.365022][T12895]  unevictable:0 dirty:262 writeback:0
[  208.365022][T12895]  slab_reclaimable:3769 slab_unreclaimable:20853
[  208.365022][T12895]  mapped:29194 shmem:257 pagetables:1488
[  208.365022][T12895]  sec_pagetables:0 bounce:0
[  208.365022][T12895]  kernel_misc_reclaimable:0
[  208.365022][T12895]  free:1867065 free_pcp:8497 free_cma:0
[  208.429623][T12895] Node 0 active_anon:29968kB inactive_anon:48kB active_file:85296kB inactive_file:9464kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:116776kB dirty:1048kB writeback:0kB shmem:1028kB kernel_stack:4672kB pagetables:5952kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  208.465155][T12895] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  208.504135][T12895] lowmem_reserve[]: 0 2881 7859 7859
[  208.510744][T12895] Node 0 DMA32 free:2946624kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950256kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:104kB free_cma:0kB
[  208.551259][T12895] lowmem_reserve[]: 0 0 4978 4978
[  208.558353][T12895] Node 0 Normal free:4506276kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:29968kB inactive_anon:48kB active_file:85296kB inactive_file:9464kB unevictable:0kB writepending:1048kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:30344kB local_pcp:19900kB free_cma:0kB
[  208.601922][T12895] lowmem_reserve[]: 0 0 0 0
[  208.608926][T12895] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  208.624137][T12895] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 2*16kB (M) 2*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946624kB
[  208.644566][T12895] Node 0 Normal: 1221*4kB (UM) 828*8kB (UME) 615*16kB (UME) 138*32kB (UME) 125*64kB (UME) 156*128kB (UME) 85*256kB (UM) 46*512kB (UME) 100*1024kB (UME) 46*2048kB (UME) 1028*4096kB (UM) = 4506340kB
[  208.670997][T12895] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  208.682704][T12895] 23952 total pagecache pages
[  208.690729][T12895] 15 pages in swap cache
[  208.697640][T12895] Free swap  = 124936kB
[  208.702102][T12895] Total swap = 124996kB
[  208.709184][T12895] 2097051 pages RAM
[  208.715280][T12895] 0 pages HighMem/MovableOnly
[  208.722263][T12895] 81087 pages reserved
[  208.732610][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.765912][ T6458] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.855974][   T29] kauditd_printk_skb: 93 callbacks suppressed
[  208.856041][   T29] audit: type=1326 audit(524496.605:3252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12912 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  208.894580][   T29] audit: type=1326 audit(524496.605:3253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12912 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  208.929758][   T29] audit: type=1326 audit(524496.605:3254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12912 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  208.961284][   T29] audit: type=1326 audit(524496.605:3255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12912 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  208.998830][   T29] audit: type=1326 audit(524496.605:3256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12912 comm="syz.2.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0684f6f749 code=0x7ffc0000
[  209.038330][ T6458] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.083429][ T6458] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.101255][T12917] program syz.6.3687 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  209.129466][T12922] loop4: detected capacity change from 0 to 128
[  209.164859][T12922] FAT-fs (loop4): error, invalid access to FAT (entry 0x0fff0000)
[  209.165703][ T6458] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.176197][T12922] FAT-fs (loop4): Filesystem has been set read-only
[  209.211381][   T29] audit: type=1400 audit(524496.964:3257): avc:  denied  { create } for  pid=12927 comm="syz.1.3693" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  209.239765][   T29] audit: type=1326 audit(524496.964:3258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12927 comm="syz.1.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  209.274403][   T29] audit: type=1326 audit(524496.964:3259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12927 comm="syz.1.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  209.304499][   T29] audit: type=1326 audit(524496.984:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12927 comm="syz.1.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7fdd5252f749 code=0x7ffc0000
[  209.336600][   T29] audit: type=1400 audit(524496.984:3261): avc:  denied  { write } for  pid=12927 comm="syz.1.3693" name="file0" dev="tmpfs" ino=191 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  209.383036][T12936] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3697'.
[  209.414918][T12936] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  209.475322][T12941] tipc: Started in network mode
[  209.480958][T12941] tipc: Node identity 4, cluster identity 4711
[  209.481336][T12943] loop2: detected capacity change from 0 to 512
[  209.490325][T12941] tipc: Node number set to 4
[  209.533951][T12947] net_ratelimit: 30 callbacks suppressed
[  209.534048][T12947] IPVS: sh: SCTP 172.20.20.187:0 - no destination available
[  209.558739][ T3403] IPVS: starting estimator thread 0...
[  209.598043][T12934] program syz.6.3696 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  209.612084][T12943] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.657417][ T6458] bridge_slave_1: left allmulticast mode
[  209.664436][ T6458] bridge_slave_1: left promiscuous mode
[  209.673597][ T6458] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.682365][T12948] IPVS: using max 3072 ests per chain, 153600 per kthread
[  209.708122][T12952] atomic_op ffff88812916d928 conn xmit_atomic 0000000000000000
[  209.723480][ T6458] bridge_slave_0: left allmulticast mode
[  209.731935][ T6458] bridge_slave_0: left promiscuous mode
[  209.740139][ T6458] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.878408][T12964] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3707'.
[  209.896889][ T7472] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.948992][T12967] loop6: detected capacity change from 0 to 2048
[  209.968503][ T6458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.010193][T12967] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.029904][ T6458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.057247][ T6458] bond0 (unregistering): Released all slaves
[  210.079174][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.121649][T12976] IPVS: sh: SCTP 172.20.20.187:0 - no destination available
[  210.135035][T12978] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3713'.
[  210.144640][ T3396] IPVS: starting estimator thread 0...
[  210.234990][T12979] IPVS: using max 3168 ests per chain, 158400 per kthread
[  210.259214][ T6458] hsr_slave_0: left promiscuous mode
[  210.275821][ T6458] hsr_slave_1: left promiscuous mode
[  210.278270][T12991] loop5: detected capacity change from 0 to 512
[  210.290077][ T6458] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.299141][ T6458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.355915][T12991] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.390730][ T6458] veth1_macvtap: left promiscuous mode
[  210.398968][T13001] loop2: detected capacity change from 0 to 2048
[  210.405759][ T6458] veth0_macvtap: left promiscuous mode
[  210.412985][ T6458] veth1_vlan: left promiscuous mode
[  210.426465][ T6458] veth0_vlan: left promiscuous mode
[  210.489479][T13001] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.519353][T13006] tls_set_device_offload_rx: netdev not found
[  210.568853][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.615820][ T6458] team0 (unregistering): Port device team_slave_1 removed
[  210.640818][ T6458] team0 (unregistering): Port device team_slave_0 removed
[  210.683413][T13010] loop1: detected capacity change from 0 to 2048
[  210.693781][T13012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.707832][ T7472] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.720167][T13012] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.778676][T13010] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.907920][ T6449] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  210.959729][T13030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3736'.
[  210.972780][T13030] netlink: 'syz.4.3736': attribute type 7 has an invalid length.
[  210.994926][ T6449] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  210.998659][T13022] Process accounting resumed
[  211.010654][ T6449] EXT4-fs (loop1): This should not happen!! Data will be lost
[  211.010654][ T6449] 
[  211.021647][T13030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3736'.
[  211.028708][ T6449] EXT4-fs (loop1): Total free blocks count 0
[  211.028793][ T6449] EXT4-fs (loop1): Free/Dirty block details
[  211.028806][ T6449] EXT4-fs (loop1): free_blocks=2415919504
[  211.041510][T13030] netlink: 'syz.4.3736': attribute type 7 has an invalid length.
[  211.048252][ T6449] EXT4-fs (loop1): dirty_blocks=16
[  211.081778][ T6449] EXT4-fs (loop1): Block reservation details
[  211.090313][ T6449] EXT4-fs (loop1): i_reserved_data_blocks=1
[  211.115427][T13032] loop6: detected capacity change from 0 to 128
[  211.124039][T13032] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  211.142991][T12232] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.159523][T13032] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  211.173856][T13034] team_slave_0: entered promiscuous mode
[  211.180202][T13034] team_slave_1: entered promiscuous mode
[  211.205692][T13034] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  211.223152][T13034] team0: Device macvtap1 is already an upper device of the team interface
[  211.237610][T13034] team_slave_0: left promiscuous mode
[  211.246266][T13034] team_slave_1: left promiscuous mode
[  211.252650][ T6483] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  211.381734][T13050] loop1: detected capacity change from 0 to 512
[  211.389011][T13050] EXT4-fs: Ignoring removed bh option
[  211.431129][T13050] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.488894][T12232] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.522456][T13067] sd 0:0:1:0: device reset
[  211.596918][T13075] loop2: detected capacity change from 0 to 512
[  211.604806][T13075] EXT4-fs: Ignoring removed oldalloc option
[  211.682999][T13075] EXT4-fs (loop2): 1 truncate cleaned up
[  211.701541][T13075] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.815292][T13089] loop1: detected capacity change from 0 to 512
[  211.841540][ T7472] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.861136][T13089] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.3760: error while reading EA inode 32 err=-116
[  211.882079][T13089] EXT4-fs (loop1): Remounting filesystem read-only
[  211.915779][T13089] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  211.938136][T13089] EXT4-fs (loop1): 1 orphan inode deleted
[  211.945180][T13089] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.965595][T13089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.101348][T13112] netlink: 7 bytes leftover after parsing attributes in process `syz.1.3772'.
[  212.206610][T13123] loop1: detected capacity change from 0 to 128
[  212.344541][T13134] loop1: detected capacity change from 0 to 128
[  212.476396][T13145] loop4: detected capacity change from 0 to 128
[  212.684512][ T6483] bio_check_eod: 116 callbacks suppressed
[  212.684606][ T6483] kworker/u8:63: attempt to access beyond end of device
[  212.684606][ T6483] loop4: rw=1, sector=153, nr_sectors = 8 limit=128
[  212.732616][ T6483] kworker/u8:63: attempt to access beyond end of device
[  212.732616][ T6483] loop4: rw=1, sector=169, nr_sectors = 8 limit=128
[  212.757989][ T6483] kworker/u8:63: attempt to access beyond end of device
[  212.757989][ T6483] loop4: rw=1, sector=185, nr_sectors = 8 limit=128
[  212.780680][ T6483] kworker/u8:63: attempt to access beyond end of device
[  212.780680][ T6483] loop4: rw=1, sector=201, nr_sectors = 8 limit=128
[  212.805807][ T6483] kworker/u8:63: attempt to access beyond end of device
[  212.805807][ T6483] loop4: rw=1, sector=217, nr_sectors = 8 limit=128
[  212.844200][T13169] random: crng reseeded on system resumption
[  212.876590][ T6483] kworker/u8:63: attempt to access beyond end of device
[  212.876590][ T6483] loop4: rw=1, sector=233, nr_sectors = 8 limit=128
[  212.913069][ T6483] kworker/u8:63: attempt to access beyond end of device
[  212.913069][ T6483] loop4: rw=1, sector=249, nr_sectors = 8 limit=128
[  212.950973][ T6483] kworker/u8:63: attempt to access beyond end of device
[  212.950973][ T6483] loop4: rw=1, sector=265, nr_sectors = 8 limit=128
[  212.974711][ T6483] kworker/u8:63: attempt to access beyond end of device
[  212.974711][ T6483] loop4: rw=1, sector=281, nr_sectors = 8 limit=128
[  212.998114][T13184] loop1: detected capacity change from 0 to 1024
[  213.009472][ T6483] kworker/u8:63: attempt to access beyond end of device
[  213.009472][ T6483] loop4: rw=1, sector=297, nr_sectors = 8 limit=128
[  213.055452][T13184] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.102711][T13199] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3805'.
[  213.123980][T13198] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  213.159421][T12232] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.404793][T13238] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  213.436225][T13238] SELinux: failed to load policy
[  213.483294][T13252] netlink: 830 bytes leftover after parsing attributes in process `syz.4.3819'.
[  213.517129][T13256] IPv6: Can't replace route, no match found
[  213.866693][T13307] syzkaller1: entered promiscuous mode
[  213.873612][T13307] syzkaller1: entered allmulticast mode
[  214.149134][T13361] loop4: detected capacity change from 0 to 256
[  214.398398][   T29] kauditd_printk_skb: 62 callbacks suppressed
[  214.398413][   T29] audit: type=1326 audit(524502.122:3324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.444713][   T29] audit: type=1326 audit(524502.162:3325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.472977][   T29] audit: type=1326 audit(524502.162:3326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.499888][   T29] audit: type=1326 audit(524502.162:3327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.532445][   T29] audit: type=1326 audit(524502.162:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.567651][   T29] audit: type=1326 audit(524502.162:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.596484][   T29] audit: type=1326 audit(524502.162:3330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.622764][   T29] audit: type=1326 audit(524502.162:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.657533][   T29] audit: type=1326 audit(524502.172:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.690299][   T29] audit: type=1326 audit(524502.172:3333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13383 comm="syz.4.3854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a344f749 code=0x7ffc0000
[  214.742520][T13392] loop2: detected capacity change from 0 to 512
[  214.752551][T13392] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  215.018481][T13435] loop5: detected capacity change from 0 to 2048
[  215.021354][T13439] loop2: detected capacity change from 0 to 1764
[  215.091675][ T8918]  loop5: p1 < > p4
[  215.100434][ T8918] loop5: p4 size 8388608 extends beyond EOD, truncated
[  215.116248][T13435]  loop5: p1 < > p4
[  215.122648][T13435] loop5: p4 size 8388608 extends beyond EOD, truncated
[  215.160164][T13435] bridge0: entered promiscuous mode
[  215.175523][T13435] macsec1: entered promiscuous mode
[  215.196674][T13435] bridge0: port 4(macsec1) entered blocking state
[  215.206689][T13435] bridge0: port 4(macsec1) entered disabled state
[  215.220684][T13435] macsec1: entered allmulticast mode
[  215.226573][T13435] bridge0: entered allmulticast mode
[  215.250456][T13435] macsec1: left allmulticast mode
[  215.255775][T13435] bridge0: left allmulticast mode
[  215.279977][T13435] bridge0: left promiscuous mode
[  215.294316][T13480] netlink: 'syz.6.3874': attribute type 4 has an invalid length.
[  215.321622][T13473] netlink: 'syz.6.3874': attribute type 4 has an invalid length.
[  215.434607][T13497] loop6: detected capacity change from 0 to 764
[  215.500901][T13497] rock: directory entry would overflow storage
[  215.503199][T13511] netlink: 'syz.1.3885': attribute type 10 has an invalid length.
[  215.509211][T13497] rock: sig=0x4f50, size=4, remaining=3
[  215.526531][T13497] iso9660: Corrupted directory entry in block 6 of inode 1792
[  215.533436][T13511] batadv0: entered allmulticast mode
[  215.563233][T13511] 8021q: adding VLAN 0 to HW filter on device batadv0
[  215.575846][T13511] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  215.615799][T13523] netlink: 'syz.1.3885': attribute type 10 has an invalid length.
[  215.624710][T13523] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3885'.
[  215.697393][T13523] batadv0: entered promiscuous mode
[  215.708085][T13523] bond0: (slave batadv0): Releasing backup interface
[  215.729384][T13523] bridge0: port 3(batadv0) entered blocking state
[  215.737549][T13523] bridge0: port 3(batadv0) entered disabled state
[  215.834480][T13551] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3895'.
[  215.860861][T13558] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13558 comm=syz.6.3898
[  215.879247][ T6444] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  215.890134][ T6444] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  215.927016][T13563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3899'.
[  216.067812][T13587] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  216.139158][T13596] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3908'.
[  216.345832][T13648] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3919'.
[  216.380365][T13638] Falling back ldisc for ttyS3.
[  216.572054][T13685] loop4: detected capacity change from 0 to 128
[  216.581901][T13685] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  216.631731][ T6445] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  216.723856][T13706] loop4: detected capacity change from 0 to 512
[  216.742724][T13706] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.3936: inode has both inline data and extents flags
[  216.773095][T13706] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3936: couldn't read orphan inode 15 (err -117)
[  216.792993][T13706] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.848599][ T7665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.082465][T13745] loop4: detected capacity change from 0 to 164
[  217.162363][T13754] IPv6: Can't replace route, no match found
[  217.383285][T13773] loop6: detected capacity change from 0 to 512
[  217.454136][T13773] EXT4-fs error (device loop6): ext4_get_journal_inode:5808: comm syz.6.3954: inode #1792: comm syz.6.3954: iget: illegal inode #
[  217.514804][T13773] EXT4-fs (loop6): Remounting filesystem read-only
[  217.522766][T13773] EXT4-fs (loop6): no journal found
[  217.529083][T13773] EXT4-fs (loop6): can't get journal size
[  217.555713][T13773] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  217.580930][T13773] EXT4-fs (loop6): Errors on filesystem, clearing orphan list.
[  217.614584][T13773] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.664364][T13791] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3958'.
[  217.693551][T13791] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3958'.
[  217.707322][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.814648][T13801] loop4: detected capacity change from 0 to 512
[  217.847251][T13801] EXT4-fs: Ignoring removed oldalloc option
[  217.876535][T13801] EXT4-fs (loop4): 1 truncate cleaned up
[  217.886556][T13801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.939198][ T7665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.021642][T13822] binfmt_misc: register: failed to install interpreter file ./file2
[  218.176874][T13840] loop4: detected capacity change from 0 to 1024
[  218.202239][T13840] EXT4-fs: Ignoring removed orlov option
[  218.262143][T13840] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.363615][T13857] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  218.433491][T13861] atomic_op ffff888110388d28 conn xmit_atomic 0000000000000000
[  218.716230][T13891] loop6: detected capacity change from 0 to 164
[  218.762146][T13891] Unable to read rock-ridge attributes
[  219.054787][T13911] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3992'.
[  219.160991][ T7665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.306377][T13931] rdma_op ffff88810f8a3980 conn xmit_rdma 0000000000000000
[  219.416483][T13949] netlink: 'syz.6.4003': attribute type 1 has an invalid length.
[  219.427563][T13949] netlink: 'syz.6.4003': attribute type 6 has an invalid length.
[  219.438188][T13949] netlink: 'syz.6.4003': attribute type 3 has an invalid length.
[  219.450367][T13949] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4003'.
[  219.756838][T13966] bond1: entered promiscuous mode
[  219.812532][T14005] pimreg: entered allmulticast mode
[  219.909178][T14005] pimreg: left allmulticast mode
[  219.942318][T14013] netlink: 'syz.1.4013': attribute type 3 has an invalid length.
[  220.101142][T14030] loop6: detected capacity change from 0 to 512
[  220.119608][T14030] ------------[ cut here ]------------
[  220.126184][T14030] EA inode 11 i_nlink=2
[  220.126442][T14030] WARNING: CPU: 1 PID: 14030 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[  220.143855][T14030] Modules linked in:
[  220.149239][T14030] CPU: 1 UID: 0 PID: 14030 Comm: syz.6.4021 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  220.161277][T14030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  220.175029][T14030] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[  220.182229][T14030] Code: 90 49 8d 7e 40 e8 06 f8 b8 ff 4d 8b 6e 40 4c 89 e7 e8 1a f3 b8 ff 41 8b 56 48 48 c7 c7 a5 d6 55 86 4c 89 ee e8 07 f4 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 88 f2 b5 03 0f 1f 84 00 00 00 00 00
[  220.206572][T14030] RSP: 0018:ffffc9000116f5a0 EFLAGS: 00010246
[  220.215071][T14030] RAX: bb99741a86f93300 RBX: ffff88811aa90eb0 RCX: 0000000000080000
[  220.226429][T14030] RDX: ffffc9000eeff000 RSI: 0000000000003f19 RDI: 0000000000003f1a
[  220.229551][T14040] loop1: detected capacity change from 0 to 164
[  220.236942][T14030] RBP: 0000000000000002 R08: 0001c9000116f427 R09: 0000000000000000
[  220.236970][T14030] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811aa90e60
[  220.236985][T14030] R13: 000000000000000b R14: ffff88811aa90e18 R15: 0000000000000001
[  220.236999][T14030] FS:  00007f145183f6c0(0000) GS:ffff8882aef11000(0000) knlGS:0000000000000000
[  220.259965][T14038] loop5: detected capacity change from 0 to 164
[  220.265415][T14030] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  220.265440][T14030] CR2: 00007f11a3d156c0 CR3: 000000011ae84000 CR4: 00000000003506f0
[  220.311559][T14030] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  220.320410][T14030] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  220.321173][T14038] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.330258][T14030] Call Trace:
[  220.341595][T14040] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.344266][T14030]  <TASK>
[  220.356813][T14030]  ext4_xattr_set_entry+0x77f/0x1020
[  220.363968][T14030]  ext4_xattr_ibody_set+0x184/0x3c0
[  220.370532][T14030]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[  220.378945][T14030]  __ext4_expand_extra_isize+0x246/0x280
[  220.385308][T14030]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  220.392182][T14030]  ext4_evict_inode+0x80e/0xd90
[  220.398516][T14030]  ? __pfx_ext4_evict_inode+0x10/0x10
[  220.404347][T14030]  evict+0x2e3/0x550
[  220.409069][T14030]  ? __dquot_initialize+0x146/0x7c0
[  220.416289][T14030]  iput+0x4ed/0x650
[  220.421200][T14030]  ext4_process_orphan+0x1a9/0x1c0
[  220.427555][T14030]  ext4_orphan_cleanup+0x6a8/0xa00
[  220.435094][T14030]  ext4_fill_super+0x3483/0x3810
[  220.441715][T14030]  ? snprintf+0x86/0xb0
[  220.447891][T14030]  ? set_blocksize+0x1a8/0x310
[  220.448155][T14038] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.455329][T14030]  ? sb_set_blocksize+0xe3/0x100
[  220.472000][T14030]  ? setup_bdev_super+0x30e/0x370
[  220.477809][T14030]  ? __pfx_ext4_fill_super+0x10/0x10
[  220.483603][T14030]  get_tree_bdev_flags+0x291/0x300
[  220.488981][T14030]  ? __pfx_ext4_fill_super+0x10/0x10
[  220.496463][T14030]  get_tree_bdev+0x1f/0x30
[  220.499281][T14038] Symlink component flag not implemented
[  220.502061][T14030]  ext4_get_tree+0x1c/0x30
[  220.509442][T14038] Symlink component flag not implemented
[  220.515306][T14030]  vfs_get_tree+0x57/0x1d0
[  220.515345][T14030]  do_new_mount+0x24d/0x660
[  220.515423][T14030]  path_mount+0x4a5/0xb70
[  220.525143][T14040] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.530116][T14030]  ? user_path_at+0x109/0x130
[  220.536237][T14040] Symlink component flag not implemented
[  220.540447][T14030]  __se_sys_mount+0x28c/0x2e0
[  220.550220][T14040] Symlink component flag not implemented
[  220.556999][T14030]  __x64_sys_mount+0x67/0x80
[  220.564455][T14038] Symlink component flag not implemented (7)
[  220.569014][T14030]  x64_sys_call+0x2b51/0x3000
[  220.578313][T14038] Symlink component flag not implemented (116)
[  220.583416][T14030]  do_syscall_64+0xd2/0x200
[  220.595073][T14040] Symlink component flag not implemented (7)
[  220.601485][T14030]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  220.608860][T14040] Symlink component flag not implemented (116)
[  220.614650][T14030]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  220.644501][T14030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.653467][T14030] RIP: 0033:0x7f1452de0eea
[  220.658849][T14030] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.683775][T14030] RSP: 002b:00007f145183ee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  220.696181][T14030] RAX: ffffffffffffffda RBX: 00007f145183eef0 RCX: 00007f1452de0eea
[  220.707773][T14030] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f145183eeb0
[  220.718696][T14030] RBP: 0000200000000180 R08: 00007f145183eef0 R09: 0000000000800700
[  220.730300][T14030] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  220.739995][T14030] R13: 00007f145183eeb0 R14: 000000000000046f R15: 000000000000002c
[  220.750995][T14030]  </TASK>
[  220.755447][T14030] ---[ end trace 0000000000000000 ]---
[  220.763560][T14030] EXT4-fs error (device loop6): ext4_xattr_inode_iget:441: inode #18: comm syz.6.4021: iget: bad extra_isize 90 (inode size 256)
[  220.782398][T14030] EXT4-fs (loop6): Remounting filesystem read-only
[  220.790140][T14030] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -30)
[  220.802591][T14030] EXT4-fs (loop6): 1 orphan inode deleted
[  220.811853][T14030] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.845493][   T29] kauditd_printk_skb: 74 callbacks suppressed
[  220.845510][   T29] audit: type=1326 audit(524508.548:3408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  220.892102][   T29] audit: type=1326 audit(524508.598:3409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  220.920055][   T29] audit: type=1326 audit(524508.598:3410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  220.950429][   T29] audit: type=1326 audit(524508.598:3411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  220.979235][   T29] audit: type=1326 audit(524508.598:3412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  221.009394][   T29] audit: type=1326 audit(524508.598:3413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  221.037138][   T29] audit: type=1326 audit(524508.598:3414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  221.065807][   T29] audit: type=1326 audit(524508.627:3415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  221.095340][   T29] audit: type=1326 audit(524508.627:3416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  221.122298][   T29] audit: type=1326 audit(524508.627:3417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14048 comm="syz.5.4026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a2f8f749 code=0x7ffc0000
[  221.151506][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.247954][T14070] SELinux:  policydb version 0 does not match my version range 15-35
[  221.264391][T14070] SELinux: failed to load policy
[  221.303485][T14079] netlink: 'syz.4.4038': attribute type 3 has an invalid length.
[  221.338885][T14081] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4039'.
[  221.359299][T14081] netlink: 312 bytes leftover after parsing attributes in process `syz.1.4039'.
[  221.372190][T14081] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4039'.
[  221.567410][T14102] loop5: detected capacity change from 0 to 512
[  221.719352][T14102] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.744885][T14102] EXT4-fs error (device loop5): ext4_empty_dir:3077: inode #12: comm syz.5.4047: invalid size
[  221.759161][T14102] EXT4-fs (loop5): Remounting filesystem read-only
[  221.789788][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.802248][ T6445] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  221.821801][T14126] loop2: detected capacity change from 0 to 128
[  221.844413][T14127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4058'.
[  221.856871][T14127] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4058'.
[  221.885992][T14127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4058'.
[  221.956719][T14142] loop2: detected capacity change from 0 to 1024
[  221.986050][T14142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  222.036869][T14142] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm syz.2.4062: lblock 0 mapped to illegal pblock 0 (length 4)
[  222.056604][T14144] ip6_vti0 speed is unknown, defaulting to 1000
[  222.094374][T14142] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  222.110653][T14142] EXT4-fs (loop2): This should not happen!! Data will be lost
[  222.110653][T14142] 
[  222.219972][ T6466] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 4: comm kworker/u8:48: lblock 4 mapped to illegal pblock 4 (length 2)
[  222.337352][ T6466] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  222.352057][ T6466] EXT4-fs (loop2): This should not happen!! Data will be lost
[  222.352057][ T6466] 
[  222.446213][ T6474] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:55: bg 0: block 112: padding at end of block bitmap is not set
[  222.481917][ T6474] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  222.498324][ T6474] EXT4-fs (loop2): This should not happen!! Data will be lost
[  222.498324][ T6474] 
[  222.543604][ T7472] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  222.576616][T14182] loop1: detected capacity change from 0 to 164
[  222.639229][T14192] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  222.639315][T14193] loop1: detected capacity change from 0 to 512
[  222.673796][T14192] SELinux: failed to load policy
[  222.687705][T14193] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  222.740680][T14200] netlink: 'syz.2.4073': attribute type 27 has an invalid length.
[  222.850153][T14200] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.858781][T14200] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.997180][T14200] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.014532][T14200] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.052335][T14218] netlink: 'syz.5.4080': attribute type 21 has an invalid length.
[  223.073938][T14200] ip6gre1: left allmulticast mode
[  223.095660][T14218] __nla_validate_parse: 1 callbacks suppressed
[  223.095745][T14218] netlink: 156 bytes leftover after parsing attributes in process `syz.5.4080'.
[  223.121104][ T6430] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  223.137911][ T6430] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  223.165075][T14228] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan0, syncid = 0, id = 0
[  223.216242][ T6430] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  223.234329][ T6430] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  223.282161][T14236] loop5: detected capacity change from 0 to 512
[  223.337272][T14236] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.355771][ T6430] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  223.367209][ T6430] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  223.381417][T14230] loop6: detected capacity change from 0 to 8192
[  223.399608][ T6430] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  223.414899][ T6430] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  223.459004][T14247] loop1: detected capacity change from 0 to 1024
[  223.498266][ T8212] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.517627][T14247] EXT4-fs: Ignoring removed orlov option
[  223.535579][T14247] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  223.622914][T14267] netlink: 'syz.6.4094': attribute type 1 has an invalid length.
[  223.634620][T14247] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  223.657719][T14247] EXT4-fs (loop1): This should not happen!! Data will be lost
[  223.657719][T14247] 
[  223.673420][T14247] EXT4-fs (loop1): Total free blocks count 0
[  223.683076][T14247] EXT4-fs (loop1): Free/Dirty block details
[  223.690774][T14247] EXT4-fs (loop1): free_blocks=0
[  223.696582][T14247] EXT4-fs (loop1): dirty_blocks=0
[  223.702761][T14247] EXT4-fs (loop1): Block reservation details
[  223.703676][T14267] 8021q: adding VLAN 0 to HW filter on device bond1
[  223.714432][T14247] EXT4-fs (loop1): i_reserved_data_blocks=0
[  223.836348][T14316] netlink: 'syz.4.4098': attribute type 1 has an invalid length.
[  223.920441][T14332] loop6: detected capacity change from 0 to 1024
[  223.944861][T14335] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4106'.
[  223.963887][T14332] EXT4-fs mount: 2 callbacks suppressed
[  223.963906][T14332] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  224.019044][T14332] EXT4-fs error (device loop6): ext4_map_blocks:814: inode #15: comm syz.6.4105: lblock 0 mapped to illegal pblock 0 (length 6)
[  224.038721][T14332] EXT4-fs error (device loop6): ext4_map_blocks:814: inode #15: comm syz.6.4105: lblock 0 mapped to illegal pblock 0 (length 1)
[  224.091826][T14332] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  224.108756][T14332] EXT4-fs (loop6): This should not happen!! Data will be lost
[  224.108756][T14332] 
[  224.165021][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  224.249081][T14369] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4119'.
[  224.318237][T14390] loop2: detected capacity change from 0 to 1024
[  224.333083][T14390] EXT4-fs: Ignoring removed orlov option
[  224.348648][T14390] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.741939][T14419] loop6: detected capacity change from 0 to 1024
[  224.756648][T14419] EXT4-fs: Ignoring removed orlov option
[  224.764103][T14419] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  224.779053][T14390] ==================================================================
[  224.791844][T14390] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[  224.799931][T14390] 
[  224.802364][T14390] write to 0xffff88811aa35844 of 4 bytes by task 14405 on cpu 1:
[  224.813317][T14390]  xas_set_mark+0x12b/0x140
[  224.818166][T14390]  __folio_start_writeback+0x155/0x390
[  224.824460][T14390]  ext4_bio_write_folio+0x5ad/0x9f0
[  224.832942][T14390]  mpage_process_page_bufs+0x4a1/0x620
[  224.840270][T14390]  mpage_prepare_extent_to_map+0x786/0xc00
[  224.847892][T14390]  ext4_do_writepages+0xa05/0x2750
[  224.855132][T14390]  ext4_writepages+0x176/0x300
[  224.860855][T14390]  do_writepages+0x1c6/0x310
[  224.867304][T14390]  file_write_and_wait_range+0x156/0x2c0
[  224.874743][T14390]  generic_buffers_fsync_noflush+0x45/0x120
[  224.881684][T14390]  ext4_sync_file+0x1ab/0x690
[  224.887183][T14390]  vfs_fsync_range+0x10d/0x130
[  224.895089][T14390]  ext4_buffered_write_iter+0x34f/0x3c0
[  224.901545][T14390]  ext4_file_write_iter+0x387/0xf60
[  224.910585][T14390]  iter_file_splice_write+0x666/0xa60
[  224.916733][T14390]  direct_splice_actor+0x156/0x2a0
[  224.923130][T14390]  splice_direct_to_actor+0x312/0x680
[  224.931038][T14390]  do_splice_direct+0xda/0x150
[  224.938821][T14390]  do_sendfile+0x380/0x650
[  224.944143][T14390]  __x64_sys_sendfile64+0x105/0x150
[  224.951276][T14390]  x64_sys_call+0x2bb4/0x3000
[  224.956852][T14390]  do_syscall_64+0xd2/0x200
[  224.963490][T14390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.972586][T14390] 
[  224.975439][T14390] read to 0xffff88811aa35844 of 4 bytes by task 14390 on cpu 0:
[  224.984544][T14390]  xas_find_marked+0x5dc/0x620
[  224.992346][T14390]  find_get_entry+0x5d/0x380
[  224.998607][T14390]  filemap_get_folios_tag+0x92/0x210
[  225.004433][T14390]  filemap_fdatawait_range+0x88/0x1d0
[  225.011572][T14390]  __writeback_single_inode+0xdb/0x7c0
[  225.018912][T14390]  writeback_single_inode+0x16d/0x3f0
[  225.024755][T14390]  sync_inode_metadata+0x5b/0x90
[  225.033347][T14390]  generic_buffers_fsync_noflush+0xd9/0x120
[  225.039896][T14390]  ext4_sync_file+0x1ab/0x690
[  225.044691][T14390]  vfs_fsync_range+0x10d/0x130
[  225.052043][T14390]  ext4_buffered_write_iter+0x34f/0x3c0
[  225.060436][T14390]  ext4_file_write_iter+0x387/0xf60
[  225.065979][T14390]  iter_file_splice_write+0x666/0xa60
[  225.072683][T14390]  direct_splice_actor+0x156/0x2a0
[  225.078298][T14390]  splice_direct_to_actor+0x312/0x680
[  225.084478][T14390]  do_splice_direct+0xda/0x150
[  225.092222][T14390]  do_sendfile+0x380/0x650
[  225.098110][T14390]  __x64_sys_sendfile64+0x105/0x150
[  225.104733][T14390]  x64_sys_call+0x2bb4/0x3000
[  225.110698][T14390]  do_syscall_64+0xd2/0x200
[  225.116087][T14390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.124086][T14390] 
[  225.127744][T14390] value changed: 0x0a000021 -> 0x04000021
[  225.133831][T14390] 
[  225.136610][T14390] Reported by Kernel Concurrency Sanitizer on:
[  225.144835][T14390] CPU: 0 UID: 0 PID: 14390 Comm: syz.2.4125 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  225.158450][T14390] Tainted: [W]=WARN
[  225.162500][T14390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  225.175654][T14390] ==================================================================
[  225.205206][T14419] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.229130][T14419] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  225.246738][T14419] EXT4-fs (loop6): This should not happen!! Data will be lost
[  225.246738][T14419] 
[  225.259826][T14419] EXT4-fs (loop6): Total free blocks count 0
[  225.268052][T14419] EXT4-fs (loop6): Free/Dirty block details
[  225.276355][T14419] EXT4-fs (loop6): free_blocks=0
[  225.282396][T14419] EXT4-fs (loop6): dirty_blocks=0
[  225.289106][T14419] EXT4-fs (loop6): Block reservation details
[  225.297520][T14419] EXT4-fs (loop6): i_reserved_data_blocks=0
[  225.333789][ T7472] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.345512][ T9847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.658740][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog