last executing test programs:

2m15.810203657s ago: executing program 32 (id=489):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r2, &(0x7f0000000080)='./file0\x00')
readlinkat(r2, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000780)=""/198, 0xc6)

2m7.164372419s ago: executing program 33 (id=778):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ptrace(0x10, r0)
ptrace$pokeuser(0x6, r0, 0x358, 0x0)

2m7.02769961s ago: executing program 34 (id=783):
unshare(0x2040400)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r0, 0x0, 0x0)

2m4.470123797s ago: executing program 35 (id=820):
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xdd, 0x3, 0x0, 0x0, 0x0, 0x4000000000, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0xffffffffffffffff, 0x400000000000, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000c00), &(0x7f0000000340), 0xe9f, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)

1m30.499478795s ago: executing program 36 (id=2028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_gettime(0x0, &(0x7f0000000180))

1m27.432425273s ago: executing program 4 (id=2136):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)

1m27.427554224s ago: executing program 4 (id=2137):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000340)={'wg2\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x34, r3, 0x6a98047402e98331, 0x70bd28, 0x0, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x50}, 0x4000000)

1m27.413536435s ago: executing program 4 (id=2138):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000800010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, 0x0, 0x0, 0x0, 0x10000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(0x0, 0x0)
dup(0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r0, 0x0, 0x5}, 0x18)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

1m27.35654502s ago: executing program 4 (id=2139):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4002, &(0x7f0000000000)={[{@noquota}, {@dioread_nolock}]}, 0x1, 0xbe4, &(0x7f0000003c00)="$eJzs3N9rXFkdAPDvvTOZJm10UhGxvhgRaUGcJpUUWwRbqfjig6CvQkM6KSHTHySRmjTgRP8BUZ8FXwS1KD7Y574ou6/7stu+7rIPC2XJNruwLLtZ7vxI0s5MkrYzudnm84Ez95x7ZuZ8v/cyc8+BuRPAkTWePaQRpyLiahJRbu1PI6LUqA1H1JvP21hfnflofXUmic3NX7yfRBIRT9ZXZ9rvlbS2J1qN4Yh448dJfOX3neMuLq/MT9dq1YVW++zSjdtnF5dXvjd3Y/p69Xr15uT5H0ydmzo/cWGqb7l+/Pal+x9+66fv1j/5x6f3PvjT35K4FKOtvp159Mt4jG8dk52KETHd78FyUmjlszPPpLjHi9LWdmiAgQEA0FW6Yw73tShHIbYnb+X435u5BgcAAAD0xWYhYhMAAAB4xSXW/wAAAPCKa/8O4Mn66ky75PuLhIP1+HJEjDXz32iVZk8x6o3tcOM21eNPkth5W2vSfNlLG4+Idx5d+HdWYkD3Ie+mvhYRX+92/pNG/mONu7g7808jYqIP448/094j/0IfhnzKy+R/qQ/jP2f+MYhjAMDR8+By80LWef1Lt+Y/0eX6V+xy7XoRXa5/B3p9a8//Njrmf9v5F3rM/36+zzHu/v0vd3r1Zfn/8P5P/tUu2fjZ9qWSeg6P1yK+UeyWf7KVf9Ij/6v7HKP82Z1qr76889/8a8Tp6J5/W7L7/xOdnZ2rVSeaj13HWHt96p+9xt9P/iP9S7dDdv6P98i//f9Pvc7/7X2O8asrV/7TsfPRdnX3/NP3SskvG7VSa89vppeWFiYjSsnPOvef2z2W9nPa75Hlf+bbu3/+u+WffSfUW8chWwustbZZ+3fPjPmje3f/2yue9vovz8//tR7nf2f+rxU7z/8f9jnGd/7/xzO9+nauf7OSjd9eCwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAWxoRo5Gkla16mlYqESci4qtxPK3dWlz67uytX9+8lvVFjMVQOjtXq05ERLnZTrL2ZKO+3T73TPv7EXEyIv5cHmm0KzO3atfyTh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtJyJiNJK0EhFpRGyU07RSyTsqAAAAoO/GXvSFQ/2NAwAAABicF17/AwAAAF8Y1v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM2MlvPniYRET94kijZEqtvqFcIwMGLc07ACA3heZmM8k7EODAFfMOAMjNc67xC4OKA8jPXvP/4Z49x/oeCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH1+lTDx4mEVG/ONIomVKrbyjXyIBBS/MOAMhNYbfO4sHFARw8H3E4uqzxgWSP/uHt59Sf7jk2sJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHxGGyVJKxFRau2rVCK+FBFjMZTMztWqExHx5Yh4qzx0LGtP5hwzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/be4vDI/XatVF7JKGq3K1p4jWNn8bY+upHnE6rlHqNKfSikORRiHtJL3NxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHlYXF6Zn67VqguLeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1xeWV+ularLgywkneOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADk5/MAAAD//w92C94=")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)

1m27.258042118s ago: executing program 4 (id=2140):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioperm(0xa, 0x7fb, 0xe0f3)

1m26.876161129s ago: executing program 4 (id=2146):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioperm(0x3c, 0x1, 0x8)

1m26.85524679s ago: executing program 37 (id=2146):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioperm(0x3c, 0x1, 0x8)

1m24.159575749s ago: executing program 9 (id=2222):
socket$phonet_pipe(0x23, 0x5, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
splice(r0, 0x0, r2, 0x0, 0xa86, 0x0)

1m24.139221361s ago: executing program 9 (id=2223):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x8}], 0x2)

1m23.232369595s ago: executing program 9 (id=2249):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1m23.047515069s ago: executing program 9 (id=2254):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0xc00, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

1m23.022181951s ago: executing program 9 (id=2256):
r0 = msgget$private(0x0, 0x480)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
msgsnd(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="03000000"], 0x401, 0x0)
msgctl$IPC_RMID(r0, 0x0)

1m20.560484482s ago: executing program 9 (id=2336):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="8040deff000001000c002b8008000100", @ANYRES32=r0, @ANYBLOB="08001b"], 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000080)={{}, 0x2, 0x1, 0x4})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001200000008000800000000000800090000000100180001801400020076657468305f746f5f626f6e640000000800090000000000080006"], 0x4c}}, 0x0)

1m20.542874423s ago: executing program 38 (id=2336):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="8040deff000001000c002b8008000100", @ANYRES32=r0, @ANYBLOB="08001b"], 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000080)={{}, 0x2, 0x1, 0x4})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001200000008000800000000000800090000000100180001801400020076657468305f746f5f626f6e640000000800090000000000080006"], 0x4c}}, 0x0)

52.707255282s ago: executing program 8 (id=3288):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r1, &(0x7f00000005c0)="f5", 0x1, 0x4000010, &(0x7f0000000800)={0xa, 0x4e23, 0xffffbffc, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)

52.684614654s ago: executing program 8 (id=3290):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x200)

52.661700496s ago: executing program 8 (id=3292):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
setrlimit(0x9, &(0x7f0000000380))

52.60747814s ago: executing program 8 (id=3297):
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000040)='./file2\x00', 0x800810, &(0x7f0000000840)=ANY=[], 0x1f, 0x249, &(0x7f0000000a00)="$eJzs3T9qFGEYBvDXGJM1FqYQbCxGbKwW9QaDRBAHhJUptHIg2mRFmTSj1Z7ATryDF/AGnsJTpEq3kp0hk782mpls5veDMA95GPb9YNnd4vt23977sLP9cff9t1/fYzRKYiViFvsRmwepca25rizyWhw1CwBg2UwmRdr3DFysskyLGxGxfqrJf/QyEAAAAAAAAAAAAP/M/n8AGB77/6++skyLjebz23H2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD92Z/Pb8//8tf3fADA/+f9HwCG59XrNy/SLNuaJMkoYm9W5VVeX+v+2fNs61GysNnetVdV+fXD/nHdJ0159/7XT4uw0fRPjvfN/Wvx8EHdH3RPX2Yn+vXY7mD9AAAAAAAAAAAAAAAAAAAAcBmMk0Nnnu8fj8/r63Tk+wFOnN9fjVurnS0DAAAAAAAAAAAAAAAAAAAAltru5y87xXT6rmzD71P/GUxILscYXYSb5z8BBKGY9vzCBAAAAAAAAAAAAAAAAAAAA9Qe+u17EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoT/v7/xcXznzgn3c6XysAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsNz+BAAA//9auV53")
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x7, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c675bd9bffbcc2542ded71238259ca171ce1a311ef543dc137661d34f7c700", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204, 0x5]})
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)

52.396948547s ago: executing program 8 (id=3306):
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0xc7, 0x2, 0x0, 0x0, 0x0, 0xd, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54b3, 0x0, @perf_bp={0x0, 0x6}, 0x0, 0x80, 0x8000001, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x1000000, 0x0, 0x2, 0x9, 0x0, 0x4, 0x5}, 0x20)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_flowlabel\x00')
pread64(r1, &(0x7f0000000580)=""/150, 0x8f, 0x4c00)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f00000005c0)=@newtaction={0x18, 0x30, 0x9, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

52.190741314s ago: executing program 8 (id=3309):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)={0x38, r2, 0x10ada85e65c25359, 0xfffffffd, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}]}]}, 0x38}}, 0x0)

52.161059786s ago: executing program 39 (id=3309):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)={0x38, r2, 0x10ada85e65c25359, 0xfffffffd, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}]}]}, 0x38}}, 0x0)

37.248912007s ago: executing program 6 (id=3780):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r1, &(0x7f0000000240), &(0x7f0000000040)=@tcp=r0, 0x2}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r3, &(0x7f0000000880)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)

37.20901562s ago: executing program 6 (id=3784):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0xff, 0x4932, 0x7f, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r1}, &(0x7f0000000000)=0x7d8, &(0x7f0000000180)='%ps    \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000100)=0x7d8, &(0x7f0000000140)='%pi6   \x00'}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000480)={0x0, &(0x7f0000000200)=""/197, &(0x7f0000000380), &(0x7f0000000300), 0x2, r2}, 0x38)

37.126262466s ago: executing program 6 (id=3787):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000080)=0x4)
ioctl$PPPIOCSFLAGS1(r2, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r2, &(0x7f0000000280)=[{&(0x7f00000002c0)='\x00!G', 0x3}], 0x1, 0x8, 0x49d)

37.08096524s ago: executing program 6 (id=3790):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)

36.812975072s ago: executing program 6 (id=3796):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

36.405844075s ago: executing program 6 (id=3801):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r2, 0x0)
sendmsg$rds(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {0x0}, &(0x7f0000000340)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xfffffffefffffffe}}], 0x48, 0x8004}, 0x0)

36.383882107s ago: executing program 40 (id=3801):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r2, 0x0)
sendmsg$rds(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {0x0}, &(0x7f0000000340)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xfffffffefffffffe}}], 0x48, 0x8004}, 0x0)

14.007476313s ago: executing program 5 (id=4524):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000018, &(0x7f00000006c0), 0x1, 0x516, &(0x7f0000000dc0)="$eJzs3W1rY1kdAPD/vW26nZmuzarIuODu4q7MLDpJu3V3q8g+gOirBXV9P9Y2LaVpU5p0nZZFu/gBBBEV/AC+EfwAgsxHEGFA34uKIjqjL3WuJLnRtkna0KbNbPr7wWnOuQ/nf86lubkPh3sDuLJeiIi3ImIiIl6OiNl8epqnOGin5nKPHr6/3ExJZNm7f08iyad16mqWJyPiRr7adER846sR306649b39jeWqtXKTl4uNza3y/W9/Tvrm0trlbXK1sLC/GuLry++ujiX5c7Vz2JEvPHlP//4Bz//yhu//tx3/nD3r7e/22zWlz7RbndELJ8rQB/tugutbdHR3EY7FxFsRJr9KUyMuhUAAAyieYz/0Yj4dOv4fzYmWkdzAAAAwDjJ3pyJfycRGQAAADC20oiYiSQt5WMBZiJNS6X2GN6Px/W0Wqs3Prta291aac6LKEYhXV2vVubyscLFKCTN8nw+xrZTfuVYeSEinomIH81ea5VLy7XqyqgvfgAAAMAVceP5o+f//5pNW3kAAABgzBT7FgAAAIBx4ZQfAAAAxp/zfwAAABhrX3vnnWbKOu/xXnlvb3ej9t6dlUp9o7S5u1xaru1sl9ZqtbXWM/s2T6uvWqttfz62du+VG5V6o1zf27+7WdvdatxdP/IKbAAAAOASPfP8/d8nEXHwxWutFPlzAAGO+NOoGwAM08SoGwCMzOSoGwCMTOHUJewhYNwlp8zvHrzTvlYYv7mY9gAAAMN365Pd9/+n8nmnXxsAPsyM9QGAq8fdPbi6CmcdAXhz2C0BRuUj7Y+n+s3v+/COAe7/t68xZNmZGgYAAAzNTCslaSk/Tp+JNC2VIp5uvRagkKyuVytz+fnB72YLTzXL8601k1PHDAMAAAAAAAAAAAAAAAAAAAAAAAAAbVmWRAYAAACMtYj0L0nraf4Rt2Zfmjl6deDYW79+9u5P7i01GjvzEVPJP2abk6YiovHTfPormVcCAAAAwBOgfZ6ef86PujUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjJtHD99f7qTOtLcuIe7f3o6IYq/4kzHd+pyOQkRc/2cSk4fWSyJiYgjxDz6IiJu94ifxOMuyYt6KXvGvXXD8YmvT9I6fRsSNIcSHq+z+2+0dXff3L40XWp+9v3+TeTqv/vu/9H/7v4k++5+nj5X7efbBL8t9438Q8exk7/1PJ37Sjn8kRLPw4oB9/NY39/d7zjhUZa/4h2OVG5vb5fre/p31zaW1ylpla2Fh/rXF1xdfXZwrr65XK/nfnmF++KlfPT6p/9f7xC8e7X/X9n9poN5n8Z8H9x5+rF0o9Ip/+8Xev783+8RP89++z+T55vxbnfxBO3/Yc7/47XMn9X+lT/+nT+n/7YH6H194+evf/2PPOV1bAwC4DPW9/Y2larWyc0JmeoBlLjnz5pPRjCFm4sloxqgy2ffa/4/nq+ecq3dlsvOsPhlDaMZU1/d0Is5aYRJx0KxrwH9IAABgzPz/oP+kO0gAAAAAAAAAAAAAAAAAAADARTrjY8mmI2LghY/HPBhNVwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATvTfAAAA//+EX9G6")
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r0, &(0x7f0000000340)={0x23, 0x0, 0x0, 0x2}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0)

13.907913481s ago: executing program 5 (id=4528):
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
r2 = fsopen(&(0x7f0000000000)='tracefs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0xa)

13.815060809s ago: executing program 5 (id=4533):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x0)
fchdir(r3)
symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')

13.814291259s ago: executing program 5 (id=4537):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
open_tree(r0, &(0x7f0000000080)='./file0/file0\x00', 0x1000)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

13.7970566s ago: executing program 5 (id=4539):
r0 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f00000000c0)='./file0\x00', 0x200})
prlimit64(0x0, 0x6, &(0x7f0000000040), 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x0)
setresuid(r3, r3, 0x0)
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)

10.873009927s ago: executing program 5 (id=4671):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0xc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}}, 0x0)

10.824384621s ago: executing program 41 (id=4671):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0xc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}}, 0x0)

1.773076476s ago: executing program 2 (id=4992):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
creat(0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000000400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}, 0x1, 0x0, 0x0, 0x8004}, 0x0)

1.677495464s ago: executing program 2 (id=5000):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
close_range(r2, 0xffffffffffffffff, 0x0)

1.569872273s ago: executing program 0 (id=5002):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r2 = epoll_create(0x3ff)
r3 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000280)={0x2000000, 0x100000000000})

1.549282754s ago: executing program 2 (id=5003):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

1.522013496s ago: executing program 0 (id=5005):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000380), 0x1000a)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x2000414, &(0x7f0000000340)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000540)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x3fe, 0x0)

1.486349579s ago: executing program 2 (id=5009):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)='./file0/file0/file0\x00', 0x0, 0x1adc51, 0x0)
umount2(&(0x7f0000000080)='./file0/file0\x00', 0x2)

1.47198632s ago: executing program 0 (id=5010):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000000c0)='kfree\x00', r2}, 0x18)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="34000000000883ec0000000000010000000000000400048005000300010000000900010073797a3000000000060002"], 0x34}, 0x1, 0x0, 0x0, 0x81}, 0x0)

1.460862202s ago: executing program 2 (id=5013):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000002dc0)=0x14)
sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

1.431162614s ago: executing program 0 (id=5014):
r0 = epoll_create1(0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000940), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000000)={0x90000004})

1.244491509s ago: executing program 2 (id=5017):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x204800b}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

1.244348839s ago: executing program 42 (id=5017):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x204800b}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

1.165012335s ago: executing program 3 (id=5022):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18)
perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x65, 0xfc, 0x5, 0x0, 0x0, 0x100007, 0x88008, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc46, 0x0, @perf_bp={0x0}, 0x212, 0xd, 0x7ffffefc, 0x3, 0x1, 0x0, 0x8, 0x0, 0xfc, 0x0, 0x1}, 0x0, 0x400000000007, 0xffffffffffffffff, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_CREATE(r1, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}}, 0x120)
write$UHID_DESTROY(r1, &(0x7f0000000080), 0x4)

1.055252744s ago: executing program 3 (id=5023):
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x72}, 0x2c)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000001080)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x7f, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

977.6372ms ago: executing program 1 (id=5025):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d697400"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000850}, 0x40)

943.275723ms ago: executing program 1 (id=5026):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000640)='fib6_table_lookup\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x63, 0x8, 0x0, 0x0, 0x0, 0x0, 0x37a05, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x500, 0x6d}, 0x1075, 0x4, 0x0, 0x0, 0xffffffffffffbbfe, 0x7, 0x1, 0x0, 0x0, 0x0, 0x1c0000000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x9)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080))

902.489487ms ago: executing program 1 (id=5027):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc90, 0x0, 0x0, 0x0, 0x23, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, 0x0, 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
link(0x0, 0x0)

882.818728ms ago: executing program 1 (id=5028):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)

848.064351ms ago: executing program 1 (id=5029):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x6, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x37e2f4aba9289b81, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}}, 0x0, 0x100, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0x8, 0x8, 0x1b}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xaaf}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

488.96243ms ago: executing program 0 (id=5030):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'wg1\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r3}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

460.953983ms ago: executing program 7 (id=5032):
r0 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0xf07d, 0x400, 0x40000, 0x105}, &(0x7f0000000400)=<r1=>0x0, &(0x7f0000000240)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x1, 0x8, &(0x7f0000002a40)=[{&(0x7f0000000280)=""/221, 0xdd}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/4099, 0x1000}, {&(0x7f0000000440)=""/107}, {&(0x7f0000000500)=""/193}, {&(0x7f00000003c0)=""/18}, {&(0x7f0000000700)=""/148}, {&(0x7f0000002840)=""/245}, {&(0x7f0000002940)=""/226}], 0x11b, 0x1d})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
io_uring_enter(r0, 0x8aa, 0x0, 0x0, 0x0, 0x0)

406.054517ms ago: executing program 7 (id=5033):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000c00)='9p_protocol_dump\x00', r0}, 0x18)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

296.897076ms ago: executing program 7 (id=5034):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
quotactl$Q_GETNEXTQUOTA(0x0, &(0x7f0000002040)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)

271.349488ms ago: executing program 7 (id=5035):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r3=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}], 0x1, &(0x7f0000000180)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r3}}], 0x20, 0x2400e044}, 0x0)

214.971252ms ago: executing program 0 (id=5036):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r1, &(0x7f0000000040)=ANY=[], 0xffffff6a)
r2 = signalfd4(0xffffffffffffffff, &(0x7f00000004c0), 0x8, 0x0)
r3 = io_uring_setup(0x3e76, &(0x7f0000000000))
dup2(r2, r3)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
tee(r0, r4, 0xfffffffffffffc01, 0x0)
tee(r0, r4, 0x60000000000, 0x0)

182.481946ms ago: executing program 7 (id=5037):
r0 = io_uring_setup(0x21a4, &(0x7f0000000000)={0x0, 0x75f, 0x10, 0x1, 0x11cb})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

147.000908ms ago: executing program 7 (id=5038):
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
pipe(&(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)
vmsplice(r0, &(0x7f0000000200), 0x3af, 0x2)

146.580938ms ago: executing program 3 (id=5040):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newtfilter={0x30, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x10000840)

122.27166ms ago: executing program 3 (id=5041):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x8084)

105.434992ms ago: executing program 3 (id=5042):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

79.090044ms ago: executing program 3 (id=5043):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1233, &(0x7f0000000740)="$eJzs28FrHFUcB/BfkqapW5ONWqstiA+9VJChycGLvQRJQbqgtI3QCsLUbHTJuBsyS2BFjJ68+neIIKI3QbzpJRf/A8FbLh4riCPJatvIrrJm7Zby+VzyI+99Z3+Pt7swy5v9S5++t7lRZht5N6anpmJ6KyLdTpFiOv7yUbzw8vc/PHPtxs0rK43G6tWULq9cX3oppbTw7LdvfvD5c991T7/x9cI3c7G3+Nb+L8s/753dO7f/+/V3W2Vqland6aY83ep0uvmtopnWW+VmltLrRTMvm6nVLpvbR8Y3is7WVi/l7fX52tZ2syxT3u6lzWYvdTupu91L+Tt5q52yLEvztWB0J+5Ua5/drqoqoqpm42RUVVU9ErU4HY/GfCxEPRbjsXg8nogz8WScjafi6fjypy96BwkAAAAAAAAAAAAAAAAAAABgfEZ9/v/c4axJdw0AAAAAAAAAAAAAAAAAAAAPl2s3bl5ZaTRWr6Z0KqL4ZGdtZ63/tz++shGtKKIZF6Mev8Xh0/99/fryq43Vi+nQYnxc7P6Z391ZmzmaX4p6vDg4v9TPp6P5uajdm1+OepwZlJ+N5YH5U3Hh+XvyWdTjx7ejE0Wsx0H27ut/uJTSK681/pY/fzhvuJn7sT0AAAAwFlm6Y+D9e5YNG+/nR/h94Mj99UH2/ImJLp2IKHvvb+ZF0dx+SIvZY17nwvHbuBQRY1nOyWFD1W5/M0e54GxEjNbGr1VVPRB7euyiNnpq+CdlLiL+cz9T43pvjL+Y9DcT98PdTR86Zf2rwf+f/v+6AgAAAAAAAAAA4N8MPQY4908nBGdGOk446TUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MEOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCrAAAA///SHczP")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r0, 0x2000009)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a500000005"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)

0s ago: executing program 1 (id=5044):
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x1, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000803d18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r2}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

1334]  </TASK>
[  112.279190][T11334] ---[ end trace 0000000000000000 ]---
[  112.611757][T11389] netem: change failed
[  113.946511][T11445] __nla_validate_parse: 2 callbacks suppressed
[  113.946528][T11445] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2911'.
[  113.969696][T11445] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2911'.
[  114.029967][ T6906] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  114.066970][T11446] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2912'.
[  114.076013][T11446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2912'.
[  114.149439][ T6906] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  114.157702][ T6906] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  114.166228][ T6906] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  114.175018][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  114.175033][   T29] audit: type=1326 audit(111.597:4469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11460 comm="syz.3.2919" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x0
[  114.695274][   T29] audit: type=1400 audit(112.111:4470): avc:  denied  { ioctl } for  pid=11473 comm="syz.8.2924" path="socket:[33782]" dev="sockfs" ino=33782 ioctlcmd=0x745a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  114.766093][   T29] audit: type=1326 audit(112.177:4471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11477 comm="syz.2.2926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  114.789070][   T29] audit: type=1326 audit(112.177:4472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11477 comm="syz.2.2926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  114.825469][   T29] audit: type=1326 audit(112.177:4473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11477 comm="syz.2.2926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  114.848482][   T29] audit: type=1326 audit(112.177:4474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11477 comm="syz.2.2926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  114.871886][   T29] audit: type=1326 audit(112.177:4475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11477 comm="syz.2.2926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  114.894947][   T29] audit: type=1326 audit(112.223:4476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11477 comm="syz.2.2926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  114.917968][   T29] audit: type=1326 audit(112.223:4477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11477 comm="syz.2.2926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  114.940928][   T29] audit: type=1326 audit(112.223:4478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11477 comm="syz.2.2926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  114.978832][T11485] atomic_op ffff888131387128 conn xmit_atomic 0000000000000000
[  115.182229][T11501] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2937'.
[  115.349971][T11531] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2951'.
[  115.382769][T11537] netlink: 'syz.1.2954': attribute type 3 has an invalid length.
[  115.406765][T11539] pimreg: entered allmulticast mode
[  115.421561][T11539] pimreg: left allmulticast mode
[  115.487508][T11553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2962'.
[  115.496520][T11553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2962'.
[  115.540273][T11559] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2965'.
[  115.549305][T11559] netlink: 'syz.3.2965': attribute type 7 has an invalid length.
[  115.557164][T11559] netlink: 'syz.3.2965': attribute type 8 has an invalid length.
[  115.565001][T11559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2965'.
[  115.818189][T11569] netlink: 'syz.3.2968': attribute type 2 has an invalid length.
[  116.105105][T11580] bridge0: entered promiscuous mode
[  116.110328][T11580] macsec1: entered allmulticast mode
[  116.115656][T11580] bridge0: entered allmulticast mode
[  116.121658][T11580] bridge0: port 3(macsec1) entered blocking state
[  116.128134][T11580] bridge0: port 3(macsec1) entered disabled state
[  116.135613][T11580] bridge0: left allmulticast mode
[  116.140720][T11580] bridge0: left promiscuous mode
[  116.419258][T11622] loop6: detected capacity change from 0 to 512
[  116.439925][T11622] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.774559][T11622] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2993: bg 0: block 145: padding at end of block bitmap is not set
[  116.843899][ T5362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.890195][T11671] loop6: detected capacity change from 0 to 1024
[  116.915872][T11671] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.985208][ T5362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.000794][T11677] loop8: detected capacity change from 0 to 764
[  117.007604][T11677] iso9660: Unknown parameter '0xffffffffffffffff'
[  117.109111][T11694] netlink: 'syz.1.3021': attribute type 3 has an invalid length.
[  117.682787][T11769] netlink: 'syz.1.3056': attribute type 1 has an invalid length.
[  117.690699][T11769] netlink: 'syz.1.3056': attribute type 4 has an invalid length.
[  117.749408][T11778] sit0: entered promiscuous mode
[  117.754599][T11778] sit0: entered allmulticast mode
[  118.276589][T11858] netlink: 'syz.3.3094': attribute type 1 has an invalid length.
[  118.661046][T11902] netlink: 'syz.3.3116': attribute type 15 has an invalid length.
[  119.335312][T11931] netlink: 'syz.8.3129': attribute type 1 has an invalid length.
[  119.350897][T11931] 8021q: adding VLAN 0 to HW filter on device bond2
[  119.375177][T11931] bond2: (slave gretap1): making interface the new active one
[  119.383528][T11931] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  119.516998][T11941] loop8: detected capacity change from 0 to 1024
[  119.536326][T11941] EXT4-fs: inline encryption not supported
[  119.547942][T11941] EXT4-fs: Invalid want_extra_isize 131
[  119.569237][   T29] kauditd_printk_skb: 139 callbacks suppressed
[  119.569251][   T29] audit: type=1326 audit(116.667:4618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11937 comm="syz.1.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  119.598687][   T29] audit: type=1326 audit(116.667:4619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11937 comm="syz.1.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  119.622500][   T29] audit: type=1326 audit(116.667:4620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11937 comm="syz.1.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  119.645476][   T29] audit: type=1326 audit(116.667:4621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11937 comm="syz.1.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  119.668347][   T29] audit: type=1326 audit(116.667:4622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11937 comm="syz.1.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  119.691355][   T29] audit: type=1326 audit(116.667:4623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11937 comm="syz.1.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  119.726851][   T29] audit: type=1326 audit(116.676:4624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11937 comm="syz.1.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  119.750137][   T29] audit: type=1326 audit(116.676:4625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11937 comm="syz.1.3131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  119.830657][T11953] __nla_validate_parse: 15 callbacks suppressed
[  119.830670][T11953] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3135'.
[  119.971934][T11952] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.991682][T11952] 8021q: adding VLAN 0 to HW filter on device team0
[  120.016874][T11952] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  120.151607][   T29] audit: type=1326 audit(117.219:4626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.2.3143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  120.174710][   T29] audit: type=1326 audit(117.219:4627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.2.3143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  120.862516][T12053] wireguard0: entered promiscuous mode
[  120.868025][T12053] wireguard0: entered allmulticast mode
[  121.611608][T12179] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3199'.
[  121.792639][T12209] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3214'.
[  121.936533][T12236] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3225'.
[  121.971859][T12236] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  122.044477][T12254] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3234'.
[  122.055953][T12254] erspan0: entered promiscuous mode
[  122.061540][T12254] macvtap1: entered promiscuous mode
[  122.067057][T12254] macvtap1: entered allmulticast mode
[  122.072527][T12254] erspan0: entered allmulticast mode
[  122.089744][T12254] erspan0: left allmulticast mode
[  122.094964][T12254] erspan0: left promiscuous mode
[  122.159809][T12271] validate_nla: 3 callbacks suppressed
[  122.159873][T12271] netlink: 'syz.6.3240': attribute type 21 has an invalid length.
[  122.175283][T12271] netlink: 132 bytes leftover after parsing attributes in process `syz.6.3240'.
[  122.212138][T12276] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  122.223946][T12276] batman_adv: batadv0: Adding interface: ip6gretap1
[  122.230685][T12276] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.256424][T12276] batman_adv: batadv0: Interface activated: ip6gretap1
[  122.628542][T12300] netlink: 'syz.1.3252': attribute type 298 has an invalid length.
[  122.728656][T12308] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3255'.
[  122.789942][T12315] netlink: 'syz.3.3258': attribute type 3 has an invalid length.
[  122.948727][T12335] block device autoloading is deprecated and will be removed.
[  122.980432][ T4345] Process accounting resumed
[  123.220980][T12376] program syz.8.3287 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  123.330510][T12394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3296'.
[  123.351269][T12399] loop8: detected capacity change from 0 to 512
[  123.360554][T12394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3296'.
[  123.370636][T12394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3296'.
[  123.416354][T12399] loop8: detected capacity change from 512 to 64
[  123.434047][T12399] FAT-fs (loop8): Directory bread(block 34) failed
[  123.445600][T12399] FAT-fs (loop8): Directory bread(block 35) failed
[  123.452743][T12399] FAT-fs (loop8): Directory bread(block 36) failed
[  123.459685][T12399] FAT-fs (loop8): Directory bread(block 37) failed
[  123.471168][T12399] FAT-fs (loop8): Directory bread(block 38) failed
[  123.477939][T12399] FAT-fs (loop8): Directory bread(block 39) failed
[  123.484911][T12399] FAT-fs (loop8): Directory bread(block 40) failed
[  123.497352][T12399] FAT-fs (loop8): Directory bread(block 41) failed
[  123.512137][T12399] FAT-fs (loop8): Directory bread(block 34) failed
[  123.519356][T12399] FAT-fs (loop8): Directory bread(block 35) failed
[  123.616542][ T6906] FAT-fs (loop8): Invalid FSINFO signature: 0x00416152, 0x05614172 (sector = 1)
[  123.635672][T12419] netlink: 'syz.3.3308': attribute type 13 has an invalid length.
[  123.643532][T12419] netlink: 'syz.3.3308': attribute type 17 has an invalid length.
[  123.670777][T12419] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  123.770435][T12421] loop3: detected capacity change from 0 to 1024
[  123.807878][T12421] EXT4-fs: inline encryption not supported
[  123.831511][T12421] EXT4-fs: Ignoring removed bh option
[  123.860940][T12421] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.949408][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.076307][T12425] chnl_net:caif_netlink_parms(): no params data found
[  124.099871][T12462] netlink: 'syz.1.3324': attribute type 14 has an invalid length.
[  124.121532][T12462] netlink: 'syz.1.3324': attribute type 14 has an invalid length.
[  124.130378][ T6906] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  124.139650][ T6906] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  124.148971][ T6906] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  124.162651][T12425] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.169819][T12425] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.177605][T12425] bridge_slave_0: entered allmulticast mode
[  124.184141][T12425] bridge_slave_0: entered promiscuous mode
[  124.201514][T12473] block device autoloading is deprecated and will be removed.
[  124.201508][ T6906] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  124.217657][T12425] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.225129][T12425] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.235325][T12425] bridge_slave_1: entered allmulticast mode
[  124.242700][T12425] bridge_slave_1: entered promiscuous mode
[  124.267088][T12425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  124.294696][T12425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  124.326631][T12425] team0: Port device team_slave_0 added
[  124.334052][T12425] team0: Port device team_slave_1 added
[  124.358953][T12425] batman_adv: batadv0: Adding interface: batadv_slave_0
[  124.365908][T12425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  124.392704][T12425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  124.409080][T12425] batman_adv: batadv0: Adding interface: batadv_slave_1
[  124.416152][T12425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  124.442690][T12425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  124.477965][T12425] hsr_slave_0: entered promiscuous mode
[  124.486965][T12425] hsr_slave_1: entered promiscuous mode
[  124.493612][T12425] debugfs: 'hsr0' already exists in 'hsr'
[  124.499411][T12425] Cannot create hsr debugfs directory
[  124.661662][T12504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  124.670478][T12504] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  124.800292][T12425] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  124.809216][T12425] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  124.821005][T12425] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  124.830121][T12425] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  124.864162][T12425] 8021q: adding VLAN 0 to HW filter on device bond0
[  124.877087][T12425] 8021q: adding VLAN 0 to HW filter on device team0
[  124.886484][ T6888] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.893571][ T6888] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.911153][T12425] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  124.921556][T12425] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  124.935281][ T6888] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.942328][ T6888] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.978597][   T29] kauditd_printk_skb: 242 callbacks suppressed
[  124.978611][   T29] audit: type=1326 audit(121.738:4870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.1.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  125.024256][   T29] audit: type=1326 audit(121.775:4871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.1.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  125.025320][T12425] 8021q: adding VLAN 0 to HW filter on device batadv0
[  125.059780][T12529] rdma_op ffff888104313980 conn xmit_rdma 0000000000000000
[  125.122700][   T29] audit: type=1326 audit(121.869:4872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.1.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9cf884d550 code=0x7ffc0000
[  125.167002][T12425] veth0_vlan: entered promiscuous mode
[  125.174333][   T29] audit: type=1326 audit(121.887:4873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.1.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  125.197368][   T29] audit: type=1326 audit(121.887:4874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.1.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  125.220205][   T29] audit: type=1326 audit(121.887:4875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.1.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf884ebe9 code=0x7ffc0000
[  125.226305][T12425] veth1_vlan: entered promiscuous mode
[  125.243543][   T29] audit: type=1400 audit(121.915:4876): avc:  denied  { bind } for  pid=12536 comm="syz.6.3350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  125.258937][T12425] veth0_macvtap: entered promiscuous mode
[  125.280226][T12425] veth1_macvtap: entered promiscuous mode
[  125.292161][T12425] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.305477][T12425] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.325990][ T6888] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.343445][ T6888] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.366169][ T6888] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.400651][ T6888] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.438137][T12559] loop2: detected capacity change from 0 to 1024
[  125.451500][T12561] loop3: detected capacity change from 0 to 1024
[  125.467059][T12559] EXT4-fs: Ignoring removed oldalloc option
[  125.473145][T12559] EXT4-fs: Ignoring removed bh option
[  125.485162][T12561] EXT4-fs: inline encryption not supported
[  125.492050][T12561] EXT4-fs: Ignoring removed bh option
[  125.495657][T12567] __nla_validate_parse: 3 callbacks suppressed
[  125.495670][T12567] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3362'.
[  125.543813][T12559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.565749][T12561] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.566974][T12565] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3361'.
[  125.637648][   T29] audit: type=1326 audit(122.308:4877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12560 comm="syz.3.3359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  125.660925][   T29] audit: type=1326 audit(122.308:4878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12560 comm="syz.3.3359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  125.683854][   T29] audit: type=1326 audit(122.308:4879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12560 comm="syz.3.3359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  125.695626][T12565] netem: change failed
[  125.723831][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.745612][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.786319][T12578] loop3: detected capacity change from 0 to 128
[  125.801185][T12578] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  125.832649][T12578] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  125.843222][T12583] netlink: 44 bytes leftover after parsing attributes in process `wޣ�'.
[  125.851831][T12583] netem: unknown loss type 12
[  125.856712][T12583] netem: change failed
[  125.871758][T12586] loop2: detected capacity change from 0 to 1024
[  125.888999][T12586] EXT4-fs: Ignoring removed orlov option
[  125.917512][T12586] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.996312][T12604] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3375'.
[  126.009941][T12604] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3375'.
[  126.012237][ T6906] netdevsim netdevsim6 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  126.045115][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.088033][ T6906] netdevsim netdevsim6 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  126.102197][ T6906] netdevsim netdevsim6 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  126.114649][T12612] IPv4: Oversized IP packet from 127.202.26.0
[  126.122368][ T6906] netdevsim netdevsim6 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  126.197285][T12622] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3383'.
[  126.224206][T12616] netlink: 'syz.1.3381': attribute type 13 has an invalid length.
[  126.231125][T12625] loop6: detected capacity change from 0 to 1024
[  126.232936][T12616] netlink: 'syz.1.3381': attribute type 17 has an invalid length.
[  126.253197][T12625] EXT4-fs: inline encryption not supported
[  126.253224][T12616] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  126.259230][T12625] EXT4-fs: Ignoring removed bh option
[  126.306822][T12625] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.379966][ T5362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.448255][T12651] netlink: 'syz.6.3395': attribute type 7 has an invalid length.
[  126.456369][T12651] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3395'.
[  126.608051][T12665] serio: Serial port ptm0
[  126.770318][T12687] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3412'.
[  127.108077][T12710] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3423'.
[  127.165660][T12718] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12718 comm=syz.3.3426
[  127.365185][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.372744][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.380132][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.387619][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.395034][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.402579][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.410096][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.417590][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.425160][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.432562][ T3396] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  127.484297][ T3396] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  127.586389][T12752] loop2: detected capacity change from 0 to 1024
[  127.593444][T12752] EXT4-fs: Ignoring removed bh option
[  127.621805][T12752] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.660211][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.691133][T12761] loop6: detected capacity change from 0 to 512
[  128.177453][T12796] macvlan0: entered promiscuous mode
[  128.182998][T12796] macvlan0: entered allmulticast mode
[  128.403063][T12805] netlink: zone id is out of range
[  128.415571][T12805] netlink: zone id is out of range
[  128.426509][T12805] netlink: zone id is out of range
[  128.447395][T12805] netlink: zone id is out of range
[  128.525942][T12811] netlink: 'syz.6.3465': attribute type 13 has an invalid length.
[  128.533798][T12811] netlink: 'syz.6.3465': attribute type 17 has an invalid length.
[  128.764996][T12824] skbuff: bad partial csum: csum=65506/2 headroom=146 headlen=65526
[  128.794876][T12811] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  129.021445][T12847] block device autoloading is deprecated and will be removed.
[  129.263420][T12877] netlink: 'syz.0.3491': attribute type 13 has an invalid length.
[  129.271247][T12877] netlink: 'syz.0.3491': attribute type 17 has an invalid length.
[  129.314834][T12877] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  129.451631][T12888] tipc: Started in network mode
[  129.456606][T12888] tipc: Node identity b231451f48da, cluster identity 4711
[  129.463840][T12888] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  129.532335][T12891] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12891 comm=syz.1.3503
[  129.546921][T12888] tipc: Disabling bearer <eth:syzkaller0>
[  129.562274][T12891] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3503'.
[  129.943935][T12931] loop2: detected capacity change from 0 to 512
[  130.027143][T12931] EXT4-fs error (device loop2): __ext4_iget:5464: inode #17: block 1803188595: comm syz.2.3519: invalid block
[  130.063632][T12931] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3519: couldn't read orphan inode 17 (err -117)
[  130.101559][T12931] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.205683][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.852328][T12967] loop6: detected capacity change from 0 to 512
[  130.864712][T12967] EXT4-fs: Ignoring removed oldalloc option
[  130.871316][T12967] EXT4-fs: inline encryption not supported
[  130.877169][T12967] EXT4-fs: Ignoring removed mblk_io_submit option
[  130.900944][T12967] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  130.949251][T12967] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3534: bg 0: block 64: padding at end of block bitmap is not set
[  130.980600][T12967] __quota_error: 146 callbacks suppressed
[  130.980697][T12967] Quota error (device loop6): write_blk: dquota write failed
[  131.009999][T12967] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  131.027082][T12967] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.3534: Failed to acquire dquot type 0
[  131.040630][T12967] EXT4-fs (loop6): 1 truncate cleaned up
[  131.046697][T12967] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.076596][   T29] audit: type=1400 audit(127.435:5026): avc:  denied  { create } for  pid=12966 comm="syz.6.3534" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  131.098811][T12967] Quota error (device loop6): write_blk: dquota write failed
[  131.113900][T12967] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota
[  131.124011][T12967] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.3534: Failed to acquire dquot type 0
[  131.148529][T12986] can0: slcan on ttyS3.
[  131.160236][ T5362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.210846][T12995] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3546'.
[  131.220737][T12985] can0 (unregistered): slcan off ttyS3.
[  131.242853][T12995] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3546'.
[  131.249036][   T29] audit: type=1400 audit(127.594:5027): avc:  denied  { mount } for  pid=12998 comm="syz.3.3547" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  131.255839][T12997] sd 0:0:1:0: device reset
[  131.303088][   T29] audit: type=1326 audit(127.622:5028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12998 comm="syz.3.3547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  131.327124][   T29] audit: type=1326 audit(127.622:5029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12998 comm="syz.3.3547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  131.350353][   T29] audit: type=1326 audit(127.622:5030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12998 comm="syz.3.3547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  131.373320][   T29] audit: type=1326 audit(127.622:5031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12998 comm="syz.3.3547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  131.374168][T13004] loop3: detected capacity change from 0 to 1024
[  131.420069][T13004] EXT4-fs: Mount option(s) incompatible with ext2
[  131.578682][T13035] loop0: detected capacity change from 0 to 1024
[  131.596103][T13035] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  131.665116][T13042] netlink: 'syz.2.3575': attribute type 1 has an invalid length.
[  132.046404][T13056] netlink: 84 bytes leftover after parsing attributes in process `syz.6.3571'.
[  132.067129][T13058] loop3: detected capacity change from 0 to 512
[  132.101672][T13058] EXT4-fs error (device loop3): __ext4_iget:5464: inode #17: block 1803188595: comm syz.3.3572: invalid block
[  132.190933][T13030] syz.0.3564 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  132.205087][T13030] CPU: 1 UID: 0 PID: 13030 Comm: syz.0.3564 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  132.205139][T13030] Tainted: [W]=WARN
[  132.205147][T13030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.205157][T13030] Call Trace:
[  132.205163][T13030]  <TASK>
[  132.205170][T13030]  __dump_stack+0x1d/0x30
[  132.205280][T13030]  dump_stack_lvl+0xe8/0x140
[  132.205302][T13030]  dump_stack+0x15/0x1b
[  132.205320][T13030]  dump_header+0x81/0x220
[  132.205347][T13030]  oom_kill_process+0x342/0x400
[  132.205392][T13030]  out_of_memory+0x979/0xb80
[  132.205427][T13030]  try_charge_memcg+0x5e6/0x9e0
[  132.205459][T13030]  obj_cgroup_charge_pages+0xa6/0x150
[  132.205538][T13030]  __memcg_kmem_charge_page+0x9f/0x170
[  132.205573][T13030]  __alloc_frozen_pages_noprof+0x188/0x360
[  132.205619][T13030]  alloc_pages_mpol+0xb3/0x250
[  132.205665][T13030]  alloc_pages_noprof+0x90/0x130
[  132.205692][T13030]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  132.205767][T13030]  __kvmalloc_node_noprof+0x30f/0x4e0
[  132.205846][T13030]  ? ip_set_alloc+0x1f/0x30
[  132.205907][T13030]  ? ip_set_alloc+0x1f/0x30
[  132.205929][T13030]  ? __kmalloc_cache_noprof+0x189/0x320
[  132.206028][T13030]  ip_set_alloc+0x1f/0x30
[  132.206087][T13030]  hash_netiface_create+0x282/0x740
[  132.206114][T13030]  ? __pfx_hash_netiface_create+0x10/0x10
[  132.206158][T13030]  ip_set_create+0x3cc/0x960
[  132.206182][T13030]  ? __nla_parse+0x40/0x60
[  132.206202][T13030]  nfnetlink_rcv_msg+0x4c6/0x590
[  132.206248][T13030]  netlink_rcv_skb+0x120/0x220
[  132.206342][T13030]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  132.206370][T13030]  nfnetlink_rcv+0x16b/0x1690
[  132.206394][T13030]  ? nlmon_xmit+0x4f/0x60
[  132.206465][T13030]  ? consume_skb+0x49/0x150
[  132.206553][T13030]  ? nlmon_xmit+0x4f/0x60
[  132.206573][T13030]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  132.206592][T13030]  ? __dev_queue_xmit+0x1200/0x2000
[  132.206609][T13030]  ? __dev_queue_xmit+0x182/0x2000
[  132.206690][T13030]  ? ref_tracker_free+0x37d/0x3e0
[  132.206711][T13030]  ? __netlink_deliver_tap+0x4dc/0x500
[  132.206731][T13030]  netlink_unicast+0x5c0/0x690
[  132.206776][T13030]  netlink_sendmsg+0x58b/0x6b0
[  132.206795][T13030]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.206867][T13030]  __sock_sendmsg+0x145/0x180
[  132.206964][T13030]  ____sys_sendmsg+0x31e/0x4e0
[  132.206984][T13030]  ___sys_sendmsg+0x17b/0x1d0
[  132.207013][T13030]  __x64_sys_sendmsg+0xd4/0x160
[  132.207074][T13030]  x64_sys_call+0x191e/0x2ff0
[  132.207091][T13030]  do_syscall_64+0xd2/0x200
[  132.207113][T13030]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.207146][T13030]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  132.207166][T13030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.207184][T13030] RIP: 0033:0x7fc11077ebe9
[  132.207203][T13030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.207236][T13030] RSP: 002b:00007fc10f1e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  132.207256][T13030] RAX: ffffffffffffffda RBX: 00007fc1109a5fa0 RCX: 00007fc11077ebe9
[  132.207267][T13030] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  132.207277][T13030] RBP: 00007fc110801e19 R08: 0000000000000000 R09: 0000000000000000
[  132.207288][T13030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  132.207298][T13030] R13: 00007fc1109a6038 R14: 00007fc1109a5fa0 R15: 00007fffbf74f938
[  132.207314][T13030]  </TASK>
[  132.207381][T13030] memory: usage 307200kB, limit 307200kB, failcnt 147
[  132.245930][T13058] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3572: couldn't read orphan inode 17 (err -117)
[  132.248188][T13030] memory+swap: usage 307212kB, limit 9007199254740988kB, failcnt 0
[  132.248202][T13030] kmem: usage 307024kB, limit 9007199254740988kB, failcnt 0
[  132.253812][T13058] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.256712][T13030] Memory cgroup stats for /syz0:
[  132.257242][T13030] cache 0
[  132.257251][T13030] rss 180224
[  132.257258][T13030] shmem 0
[  132.257265][T13030] mapped_file 0
[  132.257304][T13030] dirty 0
[  132.257311][T13030] writeback 0
[  132.257319][T13030] workingset_refault_anon 0
[  132.257327][T13030] workingset_refault_file 0
[  132.257334][T13030] swap 12288
[  132.257341][T13030] swapcached 0
[  132.257347][T13030] pgpgin 53078
[  132.257354][T13030] pgpgout 53034
[  132.257361][T13030] pgfault 39628
[  132.639457][T13030] pgmajfault 2
[  132.642821][T13030] inactive_anon 0
[  132.646515][T13030] active_anon 0
[  132.649947][T13030] inactive_file 0
[  132.653604][T13030] active_file 0
[  132.657053][T13030] unevictable 180224
[  132.660990][T13030] hierarchical_memory_limit 314572800
[  132.666358][T13030] hierarchical_memsw_limit 9223372036854771712
[  132.672486][T13030] total_cache 0
[  132.675992][T13030] total_rss 180224
[  132.679689][T13030] total_shmem 0
[  132.683138][T13030] total_mapped_file 0
[  132.687356][T13030] total_dirty 0
[  132.691032][T13030] total_writeback 0
[  132.694834][T13030] total_workingset_refault_anon 0
[  132.699888][T13030] total_workingset_refault_file 0
[  132.704930][T13030] total_swap 12288
[  132.708675][T13030] total_swapcached 0
[  132.712557][T13030] total_pgpgin 53078
[  132.716469][T13030] total_pgpgout 53034
[  132.720513][T13030] total_pgfault 39628
[  132.724478][T13030] total_pgmajfault 2
[  132.728370][T13030] total_inactive_anon 0
[  132.732504][T13030] total_active_anon 0
[  132.736547][T13030] total_inactive_file 0
[  132.740696][T13030] total_active_file 0
[  132.744757][T13030] total_unevictable 180224
[  132.749277][T13030] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.3564,pid=13029,uid=0
[  132.763924][T13030] Memory cgroup out of memory: Killed process 13030 (syz.0.3564) total-vm:93692kB, anon-rss:1068kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  132.800886][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.843539][T13070] tipc: Started in network mode
[  132.848593][T13070] tipc: Node identity 769986480b66, cluster identity 4711
[  132.855948][T13070] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  132.873600][T13070] tipc: Disabling bearer <eth:syzkaller0>
[  132.920471][T13082] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3584'.
[  132.959324][T13081] team0: No ports can be present during mode change
[  133.151276][T13097] loop6: detected capacity change from 0 to 512
[  133.185699][T13097] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  133.194510][T13097] EXT4-fs (loop6): orphan cleanup on readonly fs
[  133.204338][T13097] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.3592: Failed to acquire dquot type 1
[  133.230813][T13097] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3592: bg 0: block 40: padding at end of block bitmap is not set
[  133.296691][T13109] netlink: 'syz.0.3597': attribute type 10 has an invalid length.
[  133.307976][T13097] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  133.321327][T13097] EXT4-fs (loop6): 1 truncate cleaned up
[  133.330138][T13097] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  133.344056][T13109] team0 (unregistering): Port device team_slave_0 removed
[  133.362023][ T5362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.375827][T13109] team0 (unregistering): Port device team_slave_1 removed
[  133.397830][T13114] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3600'.
[  133.654687][T13132] loop3: detected capacity change from 0 to 2048
[  133.673689][T13132] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.690213][T13132] EXT4-fs error (device loop3): ext4_free_inode:354: comm syz.3.3608: bit already cleared for inode 15
[  133.715786][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.827210][T13149] netlink: 'syz.3.3613': attribute type 27 has an invalid length.
[  133.886717][T13149] 0��{X��: left allmulticast mode
[  133.942667][T13149] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.949858][T13149] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.993729][T13149] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.005406][T13149] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.053765][ T1082] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  134.062234][ T1082] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.084860][ T1082] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  134.093318][ T1082] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.111495][ T1082] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  134.120002][ T1082] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.129075][ T1082] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  134.137620][ T1082] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.341368][T13183] bridge_slave_0: left allmulticast mode
[  134.347085][T13183] bridge_slave_0: left promiscuous mode
[  134.352739][T13183] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.366130][T13183] bridge_slave_1: left allmulticast mode
[  134.371826][T13183] bridge_slave_1: left promiscuous mode
[  134.377549][T13183] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.392726][T13183] bond0: (slave bond_slave_0): Releasing backup interface
[  134.404080][T13183] bond0: (slave bond_slave_1): Releasing backup interface
[  134.412701][T13183] team0: Port device team_slave_0 removed
[  134.419458][T13183] team0: Port device team_slave_1 removed
[  134.425665][T13183] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.433956][T13183] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.486314][T13189] loop3: detected capacity change from 0 to 1024
[  134.493081][T13189] EXT4-fs: Ignoring removed orlov option
[  134.503269][T13189] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.551430][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.600792][T13196] loop3: detected capacity change from 0 to 164
[  134.621060][T13196] syz.3.3632: attempt to access beyond end of device
[  134.621060][T13196] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  134.635713][T13196] syz.3.3632: attempt to access beyond end of device
[  134.635713][T13196] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  135.301834][T13243] bridge_slave_0: left allmulticast mode
[  135.308222][T13243] bridge_slave_0: left promiscuous mode
[  135.314062][T13243] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.337314][T13243] bridge_slave_1: left allmulticast mode
[  135.343007][T13243] bridge_slave_1: left promiscuous mode
[  135.348768][T13243] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.359438][T13243] bond0: (slave bond_slave_0): Releasing backup interface
[  135.380256][T13243] bond0: (slave bond_slave_1): Releasing backup interface
[  135.397802][T13243] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.405931][T13243] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.423774][T13243] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.432002][T13243] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.589718][T13261] loop2: detected capacity change from 0 to 2048
[  135.639177][T13261] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.656324][T13261] EXT4-fs error (device loop2): ext4_free_inode:354: comm syz.2.3662: bit already cleared for inode 15
[  135.715908][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.747615][T13283] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3669'.
[  136.063711][T13315] netlink: 5 bytes leftover after parsing attributes in process `syz.6.3685'.
[  136.072928][T13315] 0��{X��: renamed from gretap0 (while UP)
[  136.079951][T13315] 0��{X��: entered allmulticast mode
[  136.087911][T13315] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[  136.150008][T13324] loop2: detected capacity change from 0 to 128
[  136.214115][T13328] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3691'.
[  136.496076][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  136.496090][   T29] audit: type=1326 audit(132.503:5237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.564626][   T29] audit: type=1326 audit(132.503:5238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.588640][   T29] audit: type=1326 audit(132.503:5239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.611761][   T29] audit: type=1326 audit(132.503:5240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.635635][   T29] audit: type=1326 audit(132.503:5241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.659105][   T29] audit: type=1326 audit(132.503:5242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.682670][   T29] audit: type=1326 audit(132.503:5243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.705944][   T29] audit: type=1326 audit(132.503:5244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.729710][   T29] audit: type=1326 audit(132.531:5245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.752909][   T29] audit: type=1326 audit(132.531:5246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13355 comm="syz.0.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc11077ebe9 code=0x7ffc0000
[  136.800721][T13361] loop0: detected capacity change from 0 to 2048
[  136.835695][T13361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.852790][T13359] EXT4-fs error (device loop0): ext4_free_inode:354: comm syz.0.3703: bit already cleared for inode 15
[  136.887004][T12425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.211250][T13397] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3717'.
[  137.276934][T13407] loop6: detected capacity change from 0 to 2048
[  137.287416][T13411] vlan2: entered allmulticast mode
[  137.293503][T13411] dummy0: entered allmulticast mode
[  137.314946][T13407] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.331693][T13407] EXT4-fs error (device loop6): ext4_free_inode:354: comm syz.6.3721: bit already cleared for inode 15
[  137.362590][ T5362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.779274][T13457] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3745'.
[  137.953412][T13475] netlink: 'syz.2.3754': attribute type 10 has an invalid length.
[  137.975582][T13475] netlink: 'syz.2.3754': attribute type 10 has an invalid length.
[  137.983503][T13475] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3754'.
[  138.809885][T13550] loop3: detected capacity change from 0 to 4096
[  138.823388][T13550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.873247][T13558] loop6: detected capacity change from 0 to 1024
[  138.877553][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.913885][T13558] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.992416][T13570] bridge0: entered promiscuous mode
[  139.002597][T13558] loop6: detected capacity change from 1024 to 0
[  139.011806][T13570] bridge0: port 3(macvtap0) entered blocking state
[  139.018457][T13570] bridge0: port 3(macvtap0) entered disabled state
[  139.019895][    C0] I/O error, dev loop6, sector 32 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  139.025476][T13570] macvtap0: entered allmulticast mode
[  139.040019][T13570] bridge0: entered allmulticast mode
[  139.045867][T13570] macvtap0: left allmulticast mode
[  139.045933][T13572] syz.6.3790: attempt to access beyond end of device
[  139.045933][T13572] loop6: rw=12288, sector=32, nr_sectors = 2 limit=0
[  139.050973][T13570] bridge0: left allmulticast mode
[  139.076755][T13570] bridge0: left promiscuous mode
[  139.117681][ T5362] syz-executor: attempt to access beyond end of device
[  139.117681][ T5362] loop6: rw=12288, sector=32, nr_sectors = 2 limit=0
[  139.190361][ T6880] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.238826][T13584] loop3: detected capacity change from 0 to 512
[  139.246267][ T6880] syz.6.1277: attempt to access beyond end of device
[  139.246267][ T6880] loop6: rw=145409, sector=2, nr_sectors = 2 limit=0
[  139.259812][ T6880] Buffer I/O error on dev loop6, logical block 1, lost sync page write
[  139.270982][ T6880] EXT4-fs (loop6): I/O error while writing superblock
[  139.278377][T13562] kmmpd-loop6: attempt to access beyond end of device
[  139.278377][T13562] loop6: rw=14337, sector=128, nr_sectors = 2 limit=0
[  139.291828][T13562] Buffer I/O error on dev loop6, logical block 64, lost sync page write
[  139.879036][T13617] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  139.887257][T13617] vhci_hcd: invalid port number 129
[  139.892512][T13617] vhci_hcd: default hub control req: 4003 v0017 i0081 l0
[  139.897410][T13593] chnl_net:caif_netlink_parms(): no params data found
[  139.942313][T13593] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.950704][T13593] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.959228][T13593] bridge_slave_0: entered allmulticast mode
[  139.966418][T13593] bridge_slave_0: entered promiscuous mode
[  139.973393][T13593] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.981182][T13593] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.989156][T13593] bridge_slave_1: entered allmulticast mode
[  139.995832][T13593] bridge_slave_1: entered promiscuous mode
[  140.003941][T13635] loop3: detected capacity change from 0 to 1024
[  140.019375][T13593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  140.025342][T13635] EXT4-fs: Ignoring removed nobh option
[  140.041221][T13593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  140.050509][T13635] EXT4-fs: Ignoring removed bh option
[  140.062583][T13635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.094756][T13647] netlink: 332 bytes leftover after parsing attributes in process `syz.2.3819'.
[  140.116704][T13593] team0: Port device team_slave_0 added
[  140.133146][T13593] team0: Port device team_slave_1 added
[  140.147492][T13650] bridge0: entered promiscuous mode
[  140.152881][T13650] macvtap1: entered allmulticast mode
[  140.158333][T13650] bridge0: entered allmulticast mode
[  140.164462][T13650] bridge0: port 3(macvtap1) entered blocking state
[  140.171135][T13650] bridge0: port 3(macvtap1) entered disabled state
[  140.190215][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.204354][T13650] bridge0: left allmulticast mode
[  140.209426][T13650] bridge0: left promiscuous mode
[  140.256222][T13593] batman_adv: batadv0: Adding interface: batadv_slave_0
[  140.263283][T13593] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.289554][T13593] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  140.303912][T13593] batman_adv: batadv0: Adding interface: batadv_slave_1
[  140.311008][T13593] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.337178][T13593] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  140.381195][T13593] hsr_slave_0: entered promiscuous mode
[  140.390142][T13593] hsr_slave_1: entered promiscuous mode
[  140.396516][T13593] debugfs: 'hsr0' already exists in 'hsr'
[  140.402875][T13593] Cannot create hsr debugfs directory
[  140.467843][T13664] netlink: 'syz.0.3826': attribute type 1 has an invalid length.
[  140.504054][T13664] 8021q: adding VLAN 0 to HW filter on device bond1
[  140.535686][T13664] 8021q: adding VLAN 0 to HW filter on device bond1
[  140.556247][T13664] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  140.602005][T13664] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  140.620843][T13677] -: renamed from syzkaller0
[  140.790395][T13593] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  140.799502][T13593] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  140.810283][T13593] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  140.820583][T13593] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  140.872111][T13593] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.887212][T13593] 8021q: adding VLAN 0 to HW filter on device team0
[  140.905885][ T1082] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.913021][ T1082] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.000091][ T6850] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.007225][ T6850] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.053757][T13593] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  141.064217][T13593] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  141.117790][T13593] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.231991][T13593] veth0_vlan: entered promiscuous mode
[  141.241468][T13593] veth1_vlan: entered promiscuous mode
[  141.263830][T13593] veth0_macvtap: entered promiscuous mode
[  141.272025][T13593] veth1_macvtap: entered promiscuous mode
[  141.283265][T13593] batman_adv: batadv0: Interface activated: batadv_slave_0
[  141.294537][T13593] batman_adv: batadv0: Interface activated: batadv_slave_1
[  141.304838][ T6899] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.313926][ T6899] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.323679][ T6899] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.333003][ T6899] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.775055][T13788] atomic_op ffff88811bc62928 conn xmit_atomic 0000000000000000
[  141.850839][   T29] kauditd_printk_skb: 473 callbacks suppressed
[  141.850854][   T29] audit: type=1326 audit(137.507:5720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f40e5715ba7 code=0x7ffc0000
[  141.881831][   T29] audit: type=1326 audit(137.536:5721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f40e56bade9 code=0x7ffc0000
[  141.905616][   T29] audit: type=1326 audit(137.536:5722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f40e5715ba7 code=0x7ffc0000
[  141.928514][   T29] audit: type=1326 audit(137.536:5723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f40e56bade9 code=0x7ffc0000
[  141.952478][   T29] audit: type=1326 audit(137.536:5724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f40e571ebe9 code=0x7ffc0000
[  141.987143][   T29] audit: type=1326 audit(137.629:5725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f40e5715ba7 code=0x7ffc0000
[  142.010287][   T29] audit: type=1326 audit(137.629:5726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f40e56bade9 code=0x7ffc0000
[  142.033328][   T29] audit: type=1326 audit(137.629:5727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f40e571ebe9 code=0x7ffc0000
[  142.056953][   T29] audit: type=1326 audit(137.629:5728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f40e5715ba7 code=0x7ffc0000
[  142.080313][   T29] audit: type=1326 audit(137.629:5729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13791 comm="syz.5.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f40e56bade9 code=0x7ffc0000
[  142.226550][T13812] -: renamed from syzkaller0
[  142.283464][T13821] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3885'.
[  142.555585][T13833] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3890'.
[  142.755165][T13847] syzkaller1: entered promiscuous mode
[  142.760680][T13847] syzkaller1: entered allmulticast mode
[  142.841003][T13853] netlink: 376 bytes leftover after parsing attributes in process `syz.5.3900'.
[  143.051289][T13874] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3909'.
[  143.158684][T13883] netlink: 'syz.0.3914': attribute type 10 has an invalid length.
[  143.186139][T13883] syz_tun: entered promiscuous mode
[  143.201781][T13883] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  143.212001][ T6899] bond0: (slave syz_tun): interface is now down
[  143.236692][ T6899] bond0: now running without any active interface!
[  143.569626][T13908] netlink: 332 bytes leftover after parsing attributes in process `syz.2.3924'.
[  143.614489][T13910] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3925'.
[  143.637762][T13910] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3925'.
[  144.070896][T13938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3938'.
[  144.158465][T13952] netlink: 'syz.0.3945': attribute type 6 has an invalid length.
[  144.199565][T13956] loop0: detected capacity change from 0 to 128
[  144.281812][T13964] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3952'.
[  144.293977][T13968] loop5: detected capacity change from 0 to 128
[  144.302848][T13968] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  144.339713][T13972] loop0: detected capacity change from 0 to 512
[  144.349139][T13972] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  144.367841][T13972] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.3954: invalid indirect mapped block 83886080 (level 1)
[  144.384728][T13972] EXT4-fs (loop0): Remounting filesystem read-only
[  144.391469][T13972] EXT4-fs (loop0): 1 orphan inode deleted
[  144.397253][T13972] EXT4-fs (loop0): 1 truncate cleaned up
[  144.403653][T13972] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.421054][T13593] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  144.479665][T13980] loop5: detected capacity change from 0 to 4096
[  144.487424][T12425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.504470][T13980] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.551444][T13990] pim6reg: entered allmulticast mode
[  144.562262][T13986] vlan2: entered allmulticast mode
[  144.567428][T13986] bridge_slave_0: entered allmulticast mode
[  144.578153][T13990] pim6reg: left allmulticast mode
[  144.605218][T13991] EXT4-fs (loop5): shut down requested (0)
[  144.661125][T13993] netlink: 92 bytes leftover after parsing attributes in process `syz.0.3962'.
[  144.709731][T13593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.750329][T14005] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  144.756858][T14005] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  144.765081][T14005] vhci_hcd vhci_hcd.0: Device attached
[  144.771919][T14006] vhci_hcd: cannot find the pending unlink 6
[  144.778836][T14006] vhci_hcd: connection closed
[  144.780832][ T6877] vhci_hcd: stop threads
[  144.790121][ T6877] vhci_hcd: release socket
[  144.794819][ T6877] vhci_hcd: disconnect device
[  144.814049][T14014] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3970'.
[  144.823834][T14014] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3970'.
[  144.869842][T14016] infiniband syz!: set active
[  144.874584][T14016] infiniband syz!: added team_slave_0
[  144.885143][T14016] RDS/IB: syz!: added
[  144.889432][T14016] smc: adding ib device syz! with port count 1
[  144.895861][T14016] smc:    ib device syz! port 1 has pnetid 
[  145.154135][T14023] sch_tbf: burst 511 is lower than device veth5 mtu (1514) !
[  145.216430][T14029] loop3: detected capacity change from 0 to 1024
[  145.226370][T14029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.253290][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.468373][T14064] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14064 comm=syz.3.3992
[  145.694964][T14086] SELinux: ebitmap: truncated map
[  145.704522][T14086] SELinux: failed to load policy
[  145.958178][T14125] netlink: 'syz.1.4020': attribute type 1 has an invalid length.
[  145.965985][T14125] netlink: 'syz.1.4020': attribute type 4 has an invalid length.
[  145.974846][T14125] netlink: 'syz.1.4020': attribute type 1 has an invalid length.
[  145.982855][T14125] netlink: 'syz.1.4020': attribute type 4 has an invalid length.
[  146.386173][ T1082] netdevsim netdevsim6 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  146.396454][ T1082] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.509673][ T1082] netdevsim netdevsim6 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  146.519802][ T1082] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.539147][T14157] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14157 comm=syz.3.4032
[  146.551745][T14157] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14157 comm=syz.3.4032
[  146.637029][ T1082] netdevsim netdevsim6 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  146.646942][ T1082] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.673060][T14168] loop2: detected capacity change from 0 to 2048
[  146.723008][T14168]  loop2: p1 < > p4
[  146.723875][ T1082] netdevsim netdevsim6 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  146.727570][T14168] loop2: p4 size 8388608 extends beyond EOD, 
[  146.736800][ T1082] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.753226][T14168] truncated
[  146.816136][T14173] loop3: detected capacity change from 0 to 512
[  146.845215][T14173] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  146.855228][ T1082] bridge_slave_1: left allmulticast mode
[  146.860997][ T1082] bridge_slave_1: left promiscuous mode
[  146.866733][ T1082] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.904917][T14173] EXT4-fs (loop3): 1 truncate cleaned up
[  146.911187][T14173] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.927327][ T1082] bridge_slave_0: left promiscuous mode
[  146.933075][ T1082] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.968602][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.982320][ T1082] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  147.075190][ T1082] batman_adv: batadv0: Removing interface: ip6gretap1
[  147.172678][T14196] loop0: detected capacity change from 0 to 4096
[  147.182155][T14196] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.195242][T14197] loop2: detected capacity change from 0 to 1024
[  147.233904][T14197] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  147.262512][ T1082] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.283709][ T1082] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.293747][ T1082] bond0 (unregistering): Released all slaves
[  147.306181][ T1082] team0: Port device bond1 removed
[  147.315275][ T1082] bond1 (unregistering): Released all slaves
[  147.365123][ T1082] tipc: Left network mode
[  147.404060][T14201] EXT4-fs (loop0): shut down requested (0)
[  147.429386][ T1082] hsr_slave_0: left promiscuous mode
[  147.443799][ T1082] hsr_slave_1: left promiscuous mode
[  147.458957][ T1082] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  147.466522][ T1082] batman_adv: batadv0: Removing interface: batadv_slave_0
[  147.521369][ T1082] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  147.529017][ T1082] batman_adv: batadv0: Removing interface: batadv_slave_1
[  147.562995][ T1082] veth1_macvtap: left promiscuous mode
[  147.568748][ T1082] veth0_macvtap: left promiscuous mode
[  147.579303][ T1082] veth1_vlan: left promiscuous mode
[  147.587133][ T1082] veth0_vlan: left promiscuous mode
[  147.596046][T12425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.705860][ T1082] team0 (unregistering): Port device team_slave_1 removed
[  147.727161][ T1082] team0 (unregistering): Port device team_slave_0 removed
[  147.755172][T14219] netlink: 'syz.0.4056': attribute type 1 has an invalid length.
[  147.763718][T14219] netlink: 'syz.0.4056': attribute type 4 has an invalid length.
[  147.766775][ T1082] batadv0 (unregistering): left allmulticast mode
[  147.791861][T14219] netlink: 'syz.0.4056': attribute type 1 has an invalid length.
[  147.799628][T14219] netlink: 'syz.0.4056': attribute type 4 has an invalid length.
[  148.229707][T14231] loop2: detected capacity change from 0 to 2048
[  148.279490][T14233] SELinux: ebitmap: truncated map
[  148.285672][T14231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.299944][   T29] kauditd_printk_skb: 1056 callbacks suppressed
[  148.300023][   T29] audit: type=1326 audit(143.541:6786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  148.306563][T14233] SELinux: failed to load policy
[  148.356808][   T29] audit: type=1326 audit(143.541:6787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  148.379808][   T29] audit: type=1326 audit(143.541:6788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  148.403588][   T29] audit: type=1326 audit(143.541:6789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  148.426669][   T29] audit: type=1326 audit(143.541:6790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  148.450443][   T29] audit: type=1326 audit(143.541:6791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  148.473586][   T29] audit: type=1326 audit(143.541:6792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  148.497254][   T29] audit: type=1326 audit(143.578:6793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz.2.4061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  148.530506][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.558133][T14238] __nla_validate_parse: 8 callbacks suppressed
[  148.558149][T14238] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4063'.
[  148.574042][T14238] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4063'.
[  148.583045][T14238] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4063'.
[  148.593316][T14238] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4063'.
[  148.621997][T14246] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4067'.
[  148.859313][T14272] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4079'.
[  148.873547][   T29] audit: type=1400 audit(144.083:6794): avc:  denied  { mounton } for  pid=14273 comm="syz.5.4080" path="/50/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  149.001991][T14286] pim6reg: entered allmulticast mode
[  149.008859][T14286] pim6reg: left allmulticast mode
[  149.023013][T14289] loop0: detected capacity change from 0 to 128
[  149.158815][   T29] audit: type=1326 audit(144.336:6795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14297 comm="syz.3.4091" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff45ecdebe9 code=0x0
[  149.277432][T14311] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4095'.
[  149.324199][T14314] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4096'.
[  149.333915][T14314] netlink: 108 bytes leftover after parsing attributes in process `syz.0.4096'.
[  149.376871][T14314] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4096'.
[  149.716427][T14335] vlan1: entered allmulticast mode
[  149.758238][T14333] loop2: detected capacity change from 0 to 1024
[  149.774236][T14333] EXT4-fs: Ignoring removed orlov option
[  149.784709][T14333] EXT4-fs: dax option not supported
[  150.125629][T14354] loop5: detected capacity change from 0 to 512
[  150.229616][T14354] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.452728][T13593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.813188][T14414] netlink: 'syz.2.4142': attribute type 10 has an invalid length.
[  150.821542][T14414] dummy0: entered promiscuous mode
[  150.864226][T14417] netlink: 'syz.1.4143': attribute type 3 has an invalid length.
[  151.296458][T14450] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  151.628470][T14467] openvswitch: netlink: Message has 6 unknown bytes.
[  151.901902][T14499] loop5: detected capacity change from 0 to 1024
[  151.917701][T14499] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.945913][T14499] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4180: bg 0: block 494: padding at end of block bitmap is not set
[  152.013414][T14499] EXT4-fs (loop5): Remounting filesystem read-only
[  152.050787][T14499] EXT4-fs (loop5): error restoring inline_data for inode -- potential data loss! (inode 15, error -30)
[  152.191786][T13593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.553003][T14573] IPVS: Unknown mcast interface: vcan0
[  152.675836][T14592] netlink: 'syz.1.4220': attribute type 2 has an invalid length.
[  152.683605][T14592] netlink: 'syz.1.4220': attribute type 1 has an invalid length.
[  152.979498][T14611] loop5: detected capacity change from 0 to 512
[  152.997247][T14611] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.021848][T13593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.045346][T14616] bridge0: entered promiscuous mode
[  153.051183][T14616] bridge0: port 3(macsec0) entered blocking state
[  153.057636][T14616] bridge0: port 3(macsec0) entered disabled state
[  153.067288][T14616] macsec0: entered allmulticast mode
[  153.072706][T14616] bridge0: entered allmulticast mode
[  153.078671][T14616] macsec0: left allmulticast mode
[  153.083772][T14616] bridge0: left allmulticast mode
[  153.089389][T14616] bridge0: left promiscuous mode
[  153.556903][T14668] loop0: detected capacity change from 0 to 1024
[  153.591945][T14668] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.608768][T14668] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 1: comm +}[@: lblock 1 mapped to illegal pblock 1 (length 15)
[  153.623454][T14668] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[  153.636051][T14668] EXT4-fs (loop0): This should not happen!! Data will be lost
[  153.636051][T14668] 
[  153.681561][T12425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.732539][   T29] kauditd_printk_skb: 121 callbacks suppressed
[  153.732553][   T29] audit: type=1400 audit(148.620:6917): avc:  denied  { append } for  pid=14685 comm="syz.1.4264" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  153.944760][T14710] __nla_validate_parse: 15 callbacks suppressed
[  153.944775][T14710] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4272'.
[  153.962149][   T29] audit: type=1400 audit(148.845:6918): avc:  denied  { read } for  pid=14700 comm="syz.1.4268" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  153.984661][   T29] audit: type=1400 audit(148.845:6919): avc:  denied  { open } for  pid=14700 comm="syz.1.4268" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  154.051562][   T29] audit: type=1326 audit(148.919:6920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  154.088977][   T29] audit: type=1326 audit(148.947:6921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  154.112045][   T29] audit: type=1326 audit(148.947:6922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  154.135105][   T29] audit: type=1326 audit(148.947:6923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  154.158023][   T29] audit: type=1326 audit(148.947:6924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  154.181059][   T29] audit: type=1326 audit(148.947:6925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  154.204095][   T29] audit: type=1326 audit(148.947:6926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  154.248016][T14728] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4280'.
[  155.515027][T14783] netlink: 'syz.1.4304': attribute type 39 has an invalid length.
[  155.638983][T14798] loop5: detected capacity change from 0 to 1024
[  155.648392][T14798] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.664622][T14798] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 1: comm +}[@: lblock 1 mapped to illegal pblock 1 (length 15)
[  155.678872][T14798] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[  155.691858][T14798] EXT4-fs (loop5): This should not happen!! Data will be lost
[  155.691858][T14798] 
[  155.712082][T13593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.899257][T14822] loop2: detected capacity change from 0 to 512
[  155.916187][T14822] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.939492][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.955738][T14828] netlink: 'syz.2.4321': attribute type 39 has an invalid length.
[  156.185192][T14848] loop5: detected capacity change from 0 to 1024
[  156.192765][T14848] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  156.480439][T14863] loop3: detected capacity change from 0 to 256
[  156.567743][T14870] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4340'.
[  156.578686][T14870] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4340'.
[  156.704356][T14885] loop3: detected capacity change from 0 to 512
[  156.730354][T14885] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.859305][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.048497][T14906] loop2: detected capacity change from 0 to 512
[  157.064770][T14904] loop0: detected capacity change from 0 to 2048
[  157.089548][T14910] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4356'.
[  157.105729][T14906] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.119825][T14915] program syz.1.4357 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  157.130955][T14904] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.158229][T14918] loop3: detected capacity change from 0 to 512
[  157.165545][T14915] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  157.192611][T14918] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  157.213942][T14918] EXT4-fs (loop3): orphan cleanup on readonly fs
[  157.237063][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.262887][T14918] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4358: corrupted inode contents
[  157.282143][T14904] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4354: bg 0: block 120: padding at end of block bitmap is not set
[  157.301681][T14925] loop2: detected capacity change from 0 to 2048
[  157.316476][T14918] EXT4-fs (loop3): Remounting filesystem read-only
[  157.327323][T14918] EXT4-fs (loop3): 1 truncate cleaned up
[  157.333248][ T6899] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  157.343818][ T6899] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  157.356205][T14925] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.367972][T14845] syz.5.4329 (14845) used greatest stack depth: 6104 bytes left
[  157.371471][ T6899] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  157.386552][T14918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  157.408124][T12425] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  157.408807][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.435949][T14918] tipc: Started in network mode
[  157.440871][T14918] tipc: Node identity ac14140f, cluster identity 4711
[  157.447834][T14918] tipc: New replicast peer: 255.255.255.83
[  157.453846][T14918] tipc: Enabled bearer <udp:�>, priority 10
[  157.477609][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.518766][T14934] loop0: detected capacity change from 0 to 8192
[  157.647884][T14951] loop5: detected capacity change from 0 to 512
[  157.669983][T14951] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  157.690470][T14951] EXT4-fs (loop5): 1 truncate cleaned up
[  157.690865][T14951] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.766599][T14961] bridge: RTM_NEWNEIGH with invalid ether address
[  157.871930][T13593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.146904][T14980] loop5: detected capacity change from 0 to 256
[  158.651047][   T23] tipc: Node number set to 2886997007
[  158.906005][T15028] loop3: detected capacity change from 0 to 128
[  159.347094][T15059] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4420'.
[  159.363204][T15059] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4420'.
[  159.441384][T15062] loop5: detected capacity change from 0 to 8192
[  159.450614][T15066] loop3: detected capacity change from 0 to 2048
[  159.470319][T15066] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.502565][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.597708][   T29] kauditd_printk_skb: 587 callbacks suppressed
[  159.597799][   T29] audit: type=1326 audit(154.111:7508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e571ebe9 code=0x7ffc0000
[  159.629735][   T29] audit: type=1326 audit(154.111:7509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e571ebe9 code=0x7ffc0000
[  159.652879][   T29] audit: type=1326 audit(154.111:7510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f40e571ebe9 code=0x7ffc0000
[  159.675775][   T29] audit: type=1326 audit(154.111:7511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e571ebe9 code=0x7ffc0000
[  159.698717][   T29] audit: type=1326 audit(154.111:7512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e571ebe9 code=0x7ffc0000
[  159.721811][   T29] audit: type=1326 audit(154.111:7513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f40e5720b07 code=0x7ffc0000
[  159.744728][   T29] audit: type=1326 audit(154.120:7514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f40e5720a7c code=0x7ffc0000
[  159.767620][   T29] audit: type=1326 audit(154.120:7515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f40e57209b4 code=0x7ffc0000
[  159.790684][   T29] audit: type=1326 audit(154.120:7516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f40e57209b4 code=0x7ffc0000
[  159.813705][   T29] audit: type=1326 audit(154.120:7517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.5.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f40e571d84a code=0x7ffc0000
[  159.975446][T15091] loop5: detected capacity change from 0 to 128
[  160.142939][T15109] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4439'.
[  160.154446][T15105] loop3: detected capacity change from 0 to 8192
[  160.358104][T15125] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.409163][T15125] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.446424][T15138] loop3: detected capacity change from 0 to 2368
[  160.473614][T15125] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.474614][T15144] loop0: detected capacity change from 0 to 512
[  160.491789][T15138] iso9660: Bad value for 'check'
[  160.547068][T15125] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.594848][T15162] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4463'.
[  160.641138][T15163] ipip0: entered promiscuous mode
[  160.660916][ T6899] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.673550][ T1082] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.691914][ T1082] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.704350][ T1082] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.866497][T15189] loop3: detected capacity change from 0 to 512
[  160.920630][T15189] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.938428][T15193] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4475'.
[  161.024088][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.116608][T15230] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4490'.
[  161.308551][   T23] Process accounting resumed
[  161.365734][T15254] SELinux: failed to load policy
[  161.482053][T15270] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4507'.
[  161.725252][T15291] loop2: detected capacity change from 0 to 2368
[  161.751881][T15291] iso9660: Bad value for 'check'
[  161.799578][T15297] loop0: detected capacity change from 0 to 128
[  161.950684][T15307] loop5: detected capacity change from 0 to 512
[  161.967532][T15307] EXT4-fs (loop5): 1 orphan inode deleted
[  161.987080][T15307] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.000766][ T6877] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:41: Failed to release dquot type 1
[  162.027024][T15315] loop2: detected capacity change from 0 to 128
[  162.051821][T13593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.400271][T15360] pimreg: entered allmulticast mode
[  162.407984][T15360] pimreg: left allmulticast mode
[  162.489564][   T47] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2
[  162.881040][T15408] loop3: detected capacity change from 0 to 128
[  162.909401][T15412] netlink: 'syz.2.4574': attribute type 1 has an invalid length.
[  162.922981][T15412] 8021q: adding VLAN 0 to HW filter on device bond2
[  162.955489][T15412] 8021q: adding VLAN 0 to HW filter on device batadv0
[  162.976908][T15412] bond2: (slave batadv0): making interface the new active one
[  162.986128][T15412] bond2: (slave batadv0): Enslaving as an active interface with an up link
[  163.249513][T15433] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  163.260117][T15433] tipc: Disabling bearer <eth:syzkaller0>
[  163.334218][T15437] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4585'.
[  163.361769][T15442] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4587'.
[  163.555576][T15465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4598'.
[  163.568349][ T6899] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  163.581909][ T6899] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  163.595261][ T6899] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  163.604755][ T6899] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  164.026691][T15531] cgroup: Unknown subsys name 'cpuset'
[  164.046458][T15527] SELinux: failed to load policy
[  164.126798][T15541] loop3: detected capacity change from 0 to 8192
[  164.157678][T15541]  loop3: p1 p2 < > p3 p4 < p5 >
[  164.162648][T15541] loop3: partition table partially beyond EOD, truncated
[  164.170509][T15541] loop3: p1 size 100663296 extends beyond EOD, truncated
[  164.177986][T15541] loop3: p2 start 591104 is beyond EOD, truncated
[  164.184473][T15541] loop3: p3 start 33572980 is beyond EOD, truncated
[  164.195091][T15541] loop3: p5 size 100663296 extends beyond EOD, truncated
[  164.233402][T15550] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.312654][T15550] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.326127][T15564] loop3: detected capacity change from 0 to 164
[  164.348110][T15562] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  164.361974][T15562] tipc: Disabling bearer <eth:syzkaller0>
[  164.395890][T15550] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.503074][T15550] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.592427][ T6897] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.611671][ T6897] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.620391][ T6897] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.628670][ T6897] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.713581][T15602] __nla_validate_parse: 9 callbacks suppressed
[  164.713593][T15602] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4661'.
[  164.768611][T15610] netlink: 332 bytes leftover after parsing attributes in process `syz.0.4665'.
[  164.837297][ T6877] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.917502][ T6877] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.940618][T15619] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4669'.
[  164.980372][ T6877] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.999501][T15619] netlink: 5448 bytes leftover after parsing attributes in process `syz.0.4669'.
[  165.035521][ T6877] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.120750][ T6877] bridge_slave_1: left allmulticast mode
[  165.126451][ T6877] bridge_slave_1: left promiscuous mode
[  165.132683][ T6877] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.141295][ T6877] bridge_slave_0: left allmulticast mode
[  165.147127][ T6877] bridge_slave_0: left promiscuous mode
[  165.153080][ T6877] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.281695][ T6877] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  165.292171][ T6877] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  165.302298][ T6877] bond0 (unregistering): Released all slaves
[  165.373173][ T6877] hsr_slave_0: left promiscuous mode
[  165.379736][ T6877] hsr_slave_1: left promiscuous mode
[  165.385490][ T6877] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  165.393046][ T6877] batman_adv: batadv0: Removing interface: batadv_slave_0
[  165.401621][ T6877] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  165.409063][ T6877] batman_adv: batadv0: Removing interface: batadv_slave_1
[  165.421477][ T6877] veth1_macvtap: left promiscuous mode
[  165.426970][ T6877] veth0_macvtap: left promiscuous mode
[  165.432718][ T6877] veth1_vlan: left promiscuous mode
[  165.437924][ T6877] veth0_vlan: left promiscuous mode
[  165.504561][ T6877] team0 (unregistering): Port device team_slave_1 removed
[  165.518385][ T6877] team0 (unregistering): Port device team_slave_0 removed
[  165.527562][ T6897] smc: removing ib device syz!
[  165.572534][T15653] pimreg: entered allmulticast mode
[  165.590684][T15653] pimreg: left allmulticast mode
[  165.721736][T15628] chnl_net:caif_netlink_parms(): no params data found
[  165.768434][T15674] loop2: detected capacity change from 0 to 1024
[  165.783598][T15674] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  165.799502][T15628] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.799608][T15668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4686'.
[  165.806756][T15628] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.823016][T15628] bridge_slave_0: entered allmulticast mode
[  165.829879][T15628] bridge_slave_0: entered promiscuous mode
[  165.836872][T15628] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.838813][T15674] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.843929][T15628] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.863524][T15628] bridge_slave_1: entered allmulticast mode
[  165.870218][T15628] bridge_slave_1: entered promiscuous mode
[  165.904395][T15628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  165.915284][T15628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  165.926469][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.957073][T15628] team0: Port device team_slave_0 added
[  165.967903][   T29] kauditd_printk_skb: 350 callbacks suppressed
[  165.967916][   T29] audit: type=1400 audit(160.069:7867): avc:  denied  { accept } for  pid=15689 comm="syz.2.4691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  165.967961][T15628] team0: Port device team_slave_1 added
[  166.029268][   T29] audit: type=1400 audit(160.125:7868): avc:  denied  { listen } for  pid=15689 comm="syz.2.4691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  166.030385][T15628] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.055296][T15628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.081329][T15628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.114200][T15628] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.121168][T15628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.147349][T15628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.198630][   T29] audit: type=1326 audit(160.284:7869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15696 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  166.221699][   T29] audit: type=1326 audit(160.284:7870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15696 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  166.245520][   T29] audit: type=1326 audit(160.331:7871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15696 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  166.248840][T15628] hsr_slave_0: entered promiscuous mode
[  166.268776][   T29] audit: type=1326 audit(160.331:7872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15696 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  166.297100][   T29] audit: type=1326 audit(160.331:7873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15696 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  166.297727][T15628] hsr_slave_1: entered promiscuous mode
[  166.320030][   T29] audit: type=1326 audit(160.359:7874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15696 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  166.350388][   T29] audit: type=1326 audit(160.434:7875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15696 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  166.373395][   T29] audit: type=1326 audit(160.434:7876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15696 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff45ecdebe9 code=0x7ffc0000
[  166.439455][T15704] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.461110][T15704] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.477001][T15710] netlink: 228 bytes leftover after parsing attributes in process `syz.3.4701'.
[  166.528554][T15713] syzkaller0: entered promiscuous mode
[  166.534158][T15713] syzkaller0: entered allmulticast mode
[  166.536152][T15714] loop0: detected capacity change from 0 to 8192
[  166.595254][T15714]  loop0: p1 p2 < > p3 p4 < p5 >
[  166.600219][T15714] loop0: partition table partially beyond EOD, truncated
[  166.607391][T15714] loop0: p1 size 100663296 extends beyond EOD, truncated
[  166.615147][T15714] loop0: p2 start 591104 is beyond EOD, truncated
[  166.621691][T15714] loop0: p3 start 33572980 is beyond EOD, truncated
[  166.628907][T15714] loop0: p5 size 100663296 extends beyond EOD, truncated
[  166.644517][T15716] netlink: 'syz.3.4704': attribute type 1 has an invalid length.
[  166.652300][T15716] netlink: 198116 bytes leftover after parsing attributes in process `syz.3.4704'.
[  166.718805][T15628] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  166.728657][T15628] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  166.737951][T15628] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  166.746994][T15628] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  166.787669][T15628] 8021q: adding VLAN 0 to HW filter on device bond0
[  166.799160][T15628] 8021q: adding VLAN 0 to HW filter on device team0
[  166.808940][T15735] netlink: 'syz.0.4710': attribute type 1 has an invalid length.
[  166.812577][ T1082] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.823850][ T1082] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.842601][T15735] 8021q: adding VLAN 0 to HW filter on device bond2
[  166.861322][ T6899] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.868495][ T6899] bridge0: port 2(bridge_slave_1) entered forwarding state
[  166.883679][T15735] vlan2: entered allmulticast mode
[  166.888835][T15735] bond2: entered allmulticast mode
[  166.944781][T15748] loop3: detected capacity change from 0 to 1024
[  166.958544][T15628] 8021q: adding VLAN 0 to HW filter on device batadv0
[  166.962983][T15748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.005199][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.039315][T15762] serio: Serial port ptm0
[  167.056167][T15766] cgroup: Invalid name
[  167.101854][T15628] veth0_vlan: entered promiscuous mode
[  167.113374][T15628] veth1_vlan: entered promiscuous mode
[  167.143426][T15628] veth0_macvtap: entered promiscuous mode
[  167.152188][T15628] veth1_macvtap: entered promiscuous mode
[  167.164784][T15628] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.178172][T15628] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.189639][ T6861] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.194704][T15785] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4725'.
[  167.202125][ T6861] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.221590][T15785] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4725'.
[  167.241334][ T6861] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.277996][ T6861] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  167.307195][T15793] loop2: detected capacity change from 0 to 4096
[  167.317067][T15793] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.491639][ T9633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.509022][T15804] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4731'.
[  167.549646][T15810] netlink: 'syz.3.4734': attribute type 10 has an invalid length.
[  167.572229][T15808] syzkaller0: entered promiscuous mode
[  167.577754][T15808] syzkaller0: entered allmulticast mode
[  167.585364][T15810] team0: Port device dummy0 added
[  167.593001][T15810] netlink: 'syz.3.4734': attribute type 10 has an invalid length.
[  167.603518][T15810] team0: Port device dummy0 removed
[  167.611160][T15810] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  167.634836][   T23] hid_parser_main: 16 callbacks suppressed
[  167.634862][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x1
[  167.648172][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.655773][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.663301][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.670787][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.678310][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.685754][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.693147][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.700629][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.708054][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.717841][   T23] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  167.721060][T15816] random: crng reseeded on system resumption
[  167.965760][   T23] Process accounting resumed
[  168.046518][T15845] loop2: detected capacity change from 0 to 1024
[  168.070311][T15845] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  168.291608][T15881] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  168.416297][T15899] loop0: detected capacity change from 0 to 4096
[  168.424860][T15899] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.547950][T12425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.558549][T15911] loop3: detected capacity change from 0 to 512
[  168.585850][T15911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  168.629894][T15911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #19: comm syz.3.4777: corrupted inode contents
[  168.660362][T15911] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #19: comm syz.3.4777: mark_inode_dirty error
[  168.675393][T15911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #19: comm syz.3.4777: corrupted inode contents
[  168.688355][T15911] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #19: comm syz.3.4777: mark_inode_dirty error
[  168.703875][T15911] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #19: comm syz.3.4777: mark inode dirty (error -117)
[  168.717082][T15911] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  168.741228][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  168.990948][T15938] xt_policy: neither incoming nor outgoing policy selected
[  169.577688][T16009] $H�: renamed from bond0 (while UP)
[  169.585209][T16009] $H�: entered promiscuous mode
[  169.590355][T16009] bond_slave_0: entered promiscuous mode
[  169.596191][T16009] bond_slave_1: entered promiscuous mode
[  169.602171][T16009] batadv_slave_0: entered promiscuous mode
[  169.729756][T16032] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  169.736379][T16032] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  169.744077][T16032] vhci_hcd vhci_hcd.0: Device attached
[  169.750908][T16036] geneve0: entered allmulticast mode
[  170.036583][ T4351] usb 6-1: SetAddress Request (2) to port 0
[  170.042673][ T4351] usb 6-1: new SuperSpeed USB device number 2 using vhci_hcd
[  170.146994][T16106] loop0: detected capacity change from 0 to 512
[  170.178661][T16106] EXT4-fs: Ignoring removed nomblk_io_submit option
[  170.196761][T16106] EXT4-fs: Ignoring removed nomblk_io_submit option
[  170.215964][T16106] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  170.252871][T16106] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  170.262898][T16106] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  170.274483][T16106] EXT4-fs (loop0): 1 truncate cleaned up
[  170.280597][T16106] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.318993][T16106] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 4: comm syz.0.4843: lblock 0 mapped to illegal pblock 4 (length 1)
[  170.333925][T16106] EXT4-fs (loop0): Remounting filesystem read-only
[  170.341345][T16106] EXT4-fs (loop0): shut down requested (2)
[  170.358483][T12425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.556802][T16171] __nla_validate_parse: 7 callbacks suppressed
[  170.556819][T16171] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4852'.
[  170.573097][T16171] sctp: [Deprecated]: syz.3.4852 (pid 16171) Use of int in max_burst socket option.
[  170.573097][T16171] Use struct sctp_assoc_value instead
[  170.590398][T16171] loop3: detected capacity change from 0 to 512
[  170.598698][T16171] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2798: inode #11: comm syz.3.4852: corrupted xattr block 95: invalid header
[  170.613206][T16171] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.4852: bg 0: block 7: invalid block bitmap
[  170.626206][T16171] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  170.635320][T16171] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #11: comm syz.3.4852: corrupted xattr block 95: invalid header
[  170.655073][T16171] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  170.664515][T16171] EXT4-fs (loop3): 1 orphan inode deleted
[  170.670787][T16171] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.699903][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.750234][T16194] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4854'.
[  170.867022][T16033] vhci_hcd: connection reset by peer
[  170.873673][ T6897] vhci_hcd: stop threads
[  170.878017][ T6897] vhci_hcd: release socket
[  170.882631][ T6897] vhci_hcd: disconnect device
[  171.040825][T16225] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4862'.
[  171.049983][T16225] bridge_slave_1: left allmulticast mode
[  171.055756][T16225] bridge_slave_1: left promiscuous mode
[  171.061445][T16225] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.069536][T16225] bridge_slave_0: left allmulticast mode
[  171.075423][T16225] bridge_slave_0: left promiscuous mode
[  171.081302][T16225] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.244934][T16234] loop7: detected capacity change from 0 to 8192
[  171.382399][T16245] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4871'.
[  171.526212][T16265] netlink: 96 bytes leftover after parsing attributes in process `syz.7.4880'.
[  171.643251][T16284] loop2: detected capacity change from 0 to 164
[  171.650464][T16284] rock: directory entry would overflow storage
[  171.656727][T16284] rock: sig=0x66, size=4, remaining=3
[  171.664228][T16284] rock: directory entry would overflow storage
[  171.670547][T16284] rock: sig=0x66, size=4, remaining=3
[  171.684232][T16284] iso9660: Corrupted directory entry in block 4 of inode 1792
[  171.692827][T16284] rock: directory entry would overflow storage
[  171.699054][T16284] rock: sig=0x66, size=4, remaining=3
[  171.704636][T16284] iso9660: Corrupted directory entry in block 4 of inode 1792
[  171.810714][T16313] SELinux:  Context system_u:object is not valid (left unmapped).
[  171.820174][   T29] kauditd_printk_skb: 797 callbacks suppressed
[  171.820187][   T29] audit: type=1400 audit(165.551:8674): avc:  denied  { relabelto } for  pid=16310 comm="+}[@" name="cgroup.procs" dev="cgroup" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object"
[  171.851139][   T29] audit: type=1400 audit(165.551:8675): avc:  denied  { associate } for  pid=16310 comm="+}[@" name="cgroup.procs" dev="cgroup" ino=249 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object"
[  171.910433][T16315] loop3: detected capacity change from 0 to 164
[  171.918455][T16315] rock: directory entry would overflow storage
[  171.924637][T16315] rock: sig=0x66, size=4, remaining=3
[  171.931881][T16315] rock: directory entry would overflow storage
[  171.938067][T16315] rock: sig=0x66, size=4, remaining=3
[  171.945984][T16315] iso9660: Corrupted directory entry in block 4 of inode 1792
[  171.955245][T16315] rock: directory entry would overflow storage
[  171.961461][T16315] rock: sig=0x66, size=4, remaining=3
[  171.980667][T16315] iso9660: Corrupted directory entry in block 4 of inode 1792
[  172.074158][T16337] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4911'.
[  172.088189][T16337] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4911'.
[  172.160058][T16335] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4908'.
[  172.169096][T16335] unsupported nlmsg_type 40
[  172.182227][T16352] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  172.193240][T16354] syz_tun: entered allmulticast mode
[  172.199339][T16352] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  172.208360][T16353] syz_tun: left allmulticast mode
[  172.228469][T16352] 9pnet: p9_errstr2errno: server reported unknown error �@00000000000000000000010
[  172.286972][T16365] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4920'.
[  172.296712][T16365] batadv_slave_1: entered promiscuous mode
[  172.332293][   T29] audit: type=1400 audit(166.018:8676): avc:  denied  { rename } for  pid=16369 comm="syz.2.4923" name="file0" dev="tmpfs" ino=2624 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  172.381656][   T29] audit: type=1326 audit(166.056:8677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16372 comm="syz.2.4924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  172.404947][   T29] audit: type=1326 audit(166.056:8678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16372 comm="syz.2.4924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  172.428004][   T29] audit: type=1326 audit(166.056:8679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16372 comm="syz.2.4924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  172.451069][   T29] audit: type=1326 audit(166.056:8680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16372 comm="syz.2.4924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  172.474239][   T29] audit: type=1326 audit(166.056:8681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16372 comm="syz.2.4924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  172.497270][   T29] audit: type=1326 audit(166.056:8682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16372 comm="syz.2.4924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  172.520208][   T29] audit: type=1326 audit(166.056:8683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16372 comm="syz.2.4924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcd51ebe9 code=0x7ffc0000
[  172.631697][T16388] loop3: detected capacity change from 0 to 512
[  172.646743][T16388] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.676091][ T9180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.913820][T16416] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4942'.
[  173.073807][T16442] loop0: detected capacity change from 0 to 164
[  173.086821][T16442] rock: directory entry would overflow storage
[  173.093002][T16442] rock: sig=0x66, size=4, remaining=3
[  173.106241][T16442] rock: directory entry would overflow storage
[  173.112419][T16442] rock: sig=0x66, size=4, remaining=3
[  173.118467][T16442] iso9660: Corrupted directory entry in block 4 of inode 1792
[  173.127125][T16442] rock: directory entry would overflow storage
[  173.133295][T16442] rock: sig=0x66, size=4, remaining=3
[  173.139219][T16442] iso9660: Corrupted directory entry in block 4 of inode 1792
[  173.432013][T16457] loop2: detected capacity change from 0 to 1024
[  173.440026][T16457] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  173.449273][T16457] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  173.460194][T16457] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  173.471565][T16457] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  173.485975][T16457] EXT4-fs error (device loop2): ext4_get_journal_inode:5800: inode #17: comm syz.2.4960: iget: bad i_size value: 4398046511204
[  173.505542][T16457] EXT4-fs (loop2): no journal found
[  173.709359][T16474] wg2: entered promiscuous mode
[  173.714281][T16474] wg2: entered allmulticast mode
[  173.887625][T16498] loop7: detected capacity change from 0 to 512
[  173.894636][T16498] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  173.915901][T16498] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.4981: Failed to acquire dquot type 1
[  173.940310][T16498] EXT4-fs (loop7): 1 truncate cleaned up
[  173.946625][T16498] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.981098][T15628] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.005482][T16507] IPv4: Oversized IP packet from 127.202.26.0
[  174.032039][T16511] netlink: zone id is out of range
[  174.043769][T16511] netlink: zone id is out of range
[  174.050227][T16511] netlink: del zone limit has 8 unknown bytes
[  174.291540][T16538] netlink: 'syz.1.4998': attribute type 1 has an invalid length.
[  174.313593][   T23] hid_parser_main: 24 callbacks suppressed
[  174.313612][   T23] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  174.338689][   T23] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  174.666849][ T6899] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.742157][ T6899] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.778557][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  174.786094][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  174.793501][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  174.801089][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  174.808494][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  174.815897][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  174.823350][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  174.830786][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  174.838200][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  174.854191][T16576] chnl_net:caif_netlink_parms(): no params data found
[  174.861707][   T23] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  174.875389][ T6899] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.910995][   T10] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=10 comm=kworker/0:1
[  174.924808][T16576] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.926916][T16601] 9pnet: p9_errstr2errno: server reported unknown error 184467440
[  174.932011][T16576] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.947021][T16576] bridge_slave_0: entered allmulticast mode
[  174.953772][T16576] bridge_slave_0: entered promiscuous mode
[  174.960605][T16576] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.967796][T16576] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.975230][T16576] bridge_slave_1: entered allmulticast mode
[  174.981860][T16576] bridge_slave_1: entered promiscuous mode
[  174.998837][ T6899] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.018674][T16576] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.029375][T16576] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  175.052590][T16576] team0: Port device team_slave_0 added
[  175.059901][T16576] team0: Port device team_slave_1 added
[  175.080233][T16576] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.087251][T16576] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.113165][T16576] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.127232][T16576] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.134238][T16576] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.160274][T16576] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.171784][T16612] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.190430][ T6899] bridge_slave_1: left allmulticast mode
[  175.196163][ T6899] bridge_slave_1: left promiscuous mode
[  175.201971][ T6899] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.209740][ T6899] bridge_slave_0: left allmulticast mode
[  175.215426][ T6899] bridge_slave_0: left promiscuous mode
[  175.221289][ T6899] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.308319][ T6899] bond1 (unregistering): (slave bridge1): Releasing active interface
[  175.446031][ T4351] usb 6-1: device descriptor read/8, error -110
[  175.480319][ T6899] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  175.489895][ T6899] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  175.499057][ T6899] bond0 (unregistering): Released all slaves
[  175.508089][ T6899] bond1 (unregistering): Released all slaves
[  175.517096][ T6899] bond2 (unregistering): (slave batadv0): Releasing active interface
[  175.527632][ T6899] bond2 (unregistering): Released all slaves
[  175.538856][T16612] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.564572][ T4351] usb 6-1: new SuperSpeed USB device number 2 using vhci_hcd
[  175.574029][T16576] hsr_slave_0: entered promiscuous mode
[  175.580226][T16576] hsr_slave_1: entered promiscuous mode
[  175.586172][T16576] debugfs: 'hsr0' already exists in 'hsr'
[  175.591886][T16576] Cannot create hsr debugfs directory
[  175.595770][ T4351] usb 6-1: enqueue for inactive port 0
[  175.597744][ T6899] tipc: Left network mode
[  175.603620][ T4351] usb 6-1: enqueue for inactive port 0
[  175.613275][T16612] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.614737][ T4351] usb 6-1: enqueue for inactive port 0
[  175.638436][ T6899] hsr_slave_0: left promiscuous mode
[  175.649174][ T6899] hsr_slave_1: left promiscuous mode
[  175.695792][ T6899] team0 (unregistering): Port device team_slave_1 removed
[  175.706245][ T6899] team0 (unregistering): Port device team_slave_0 removed
[  175.738420][T16612] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.839906][ T6850] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  175.865368][ T6850] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  175.888970][ T6850] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  175.899677][ T6850] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  175.934022][T16643] loop3: detected capacity change from 0 to 8192
[  176.010060][ T5746] ==================================================================
[  176.018168][ T5746] BUG: KCSAN: data-race in copy_folio_from_iter_atomic / fat16_ent_put
[  176.026429][ T5746] 
[  176.028744][ T5746] write to 0xffff888151f3b36c of 2 bytes by task 16643 on cpu 0:
[  176.036440][ T5746]  fat16_ent_put+0x28/0x60
[  176.040850][ T5746]  fat_alloc_clusters+0x4ce/0xa80
[  176.045868][ T5746]  fat_get_block+0x258/0x5e0
[  176.050529][ T5746]  __block_write_begin_int+0x3fd/0xf90
[  176.055982][ T5746]  cont_write_begin+0x5fc/0x970
[  176.060822][ T5746]  fat_write_begin+0x4f/0xe0
[  176.065398][ T5746]  cont_write_begin+0x1ad/0x970
[  176.070239][ T5746]  fat_write_begin+0x4f/0xe0
[  176.074813][ T5746]  generic_cont_expand_simple+0xb0/0x150
[  176.080436][ T5746]  fat_cont_expand+0x3e/0x170
[  176.085102][ T5746]  fat_setattr+0x2a5/0x8a0
[  176.089501][ T5746]  notify_change+0x809/0x890
[  176.094102][ T5746]  do_ftruncate+0x34b/0x450
[  176.098591][ T5746]  __x64_sys_ftruncate+0x68/0xc0
[  176.103512][ T5746]  x64_sys_call+0x2d52/0x2ff0
[  176.108266][ T5746]  do_syscall_64+0xd2/0x200
[  176.112773][ T5746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.118832][ T5746] 
[  176.121146][ T5746] read to 0xffff888151f3b200 of 512 bytes by task 5746 on cpu 1:
[  176.128844][ T5746]  copy_folio_from_iter_atomic+0x7fc/0x1170
[  176.134735][ T5746]  generic_perform_write+0x2c2/0x490
[  176.140007][ T5746]  shmem_file_write_iter+0xc5/0xf0
[  176.145103][ T5746]  lo_rw_aio+0x6a0/0x760
[  176.149336][ T5746]  loop_process_work+0x52d/0xa60
[  176.154261][ T5746]  loop_workfn+0x31/0x40
[  176.158491][ T5746]  process_scheduled_works+0x4ce/0x9d0
[  176.163947][ T5746]  worker_thread+0x582/0x770
[  176.168625][ T5746]  kthread+0x486/0x510
[  176.172763][ T5746]  ret_from_fork+0xda/0x150
[  176.177251][ T5746]  ret_from_fork_asm+0x1a/0x30
[  176.181999][ T5746] 
[  176.184388][ T5746] Reported by Kernel Concurrency Sanitizer on:
[  176.190523][ T5746] CPU: 1 UID: 0 PID: 5746 Comm: kworker/u8:9 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  176.201965][ T5746] Tainted: [W]=WARN
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  176.205746][ T5746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  176.215783][ T5746] Workqueue: loop3 loop_workfn
[  176.220716][ T5746] ==================================================================
[  176.394255][T16576] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  176.516356][T16628] bond0: (slave syz_tun): Releasing backup interface
[  176.659273][ T6866] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.744592][ T6866] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.795229][ T6866] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.891598][ T6866] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.921487][ T4351] usb usb6-port1: attempt power cycle
[  176.997606][ T6866] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.007847][ T6866] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.017352][ T6866] bond0 (unregistering): Released all slaves
[  177.074134][ T6866] hsr_slave_0: left promiscuous mode
[  177.079881][ T6866] hsr_slave_1: left promiscuous mode
[  177.085427][ T6866] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.092944][ T6866] batman_adv: batadv0: Removing interface: batadv_slave_0
[  177.100735][ T6866] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.108139][ T6866] batman_adv: batadv0: Removing interface: batadv_slave_1
[  177.117736][ T6866] veth1_macvtap: left promiscuous mode
[  177.123221][ T6866] veth0_macvtap: left promiscuous mode
[  177.128860][ T6866] veth1_vlan: left promiscuous mode
[  177.134082][ T6866] veth0_vlan: left promiscuous mode
[  177.187470][ T6866] team0 (unregistering): Port device team_slave_1 removed
[  177.196626][ T6866] team0 (unregistering): Port device team_slave_0 removed
[  177.895837][ T6866] bridge_slave_1: left allmulticast mode
[  177.901480][ T6866] bridge_slave_1: left promiscuous mode
[  177.907262][ T6866] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.914904][ T6866] bridge_slave_0: left allmulticast mode
[  177.920576][ T6866] bridge_slave_0: left promiscuous mode
[  177.926324][ T6866] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.014084][ T6866] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  178.023131][ T6866] bond0 (unregistering): Released all slaves
[  178.088797][ T6866] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.098361][ T6866] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  178.107805][ T6866] bond0 (unregistering): Released all slaves
[  178.152426][ T6866] tipc: Disabling bearer <udp:�>
[  178.157479][ T6866] tipc: Left network mode
[  178.164932][ T6866] hsr_slave_0: left promiscuous mode
[  178.170489][ T6866] hsr_slave_1: left promiscuous mode
[  178.177582][ T6866] hsr_slave_0: left promiscuous mode
[  178.183411][ T6866] hsr_slave_1: left promiscuous mode
[  178.188973][ T6866] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.196474][ T6866] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.266282][ T6866] team0 (unregistering): Port device team_slave_1 removed
[  178.275773][ T6866] team0 (unregistering): Port device team_slave_0 removed
[  178.665160][ T6866] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.750389][ T6866] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.835988][ T6866] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.878033][ T4351] usb usb6-port1: unable to enumerate USB device
[  178.885017][ T6866] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.964376][ T6866] bridge_slave_1: left allmulticast mode
[  178.970259][ T6866] bridge_slave_1: left promiscuous mode
[  178.975919][ T6866] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.983465][ T6866] bridge_slave_0: left promiscuous mode
[  178.989169][ T6866] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.167948][ T6866] $H� (unregistering): (slave bond_slave_0): Releasing backup interface
[  179.176651][ T6866] bond_slave_0: left promiscuous mode
[  179.182594][ T6866] $H� (unregistering): (slave bond_slave_1): Releasing backup interface
[  179.191283][ T6866] bond_slave_1: left promiscuous mode
[  179.197174][ T6866] $H� (unregistering): (slave batadv_slave_0): Releasing backup interface
[  179.206124][ T6866] batadv_slave_0: left promiscuous mode
[  179.212504][ T6866] $H� (unregistering): Released all slaves
[  179.220793][ T6866] bond1 (unregistering): Released all slaves
[  179.228482][ T6866] team0: Port device bond2 removed
[  179.234287][ T6866] bond2 (unregistering): Released all slaves
[  179.242360][ T6866] bond3 (unregistering): Released all slaves
[  179.275793][ T6866] tipc: Disabling bearer <udp:syz2>
[  179.281202][ T6866] tipc: Left network mode
[  179.286918][ T6866] hsr_slave_0: left promiscuous mode
[  179.292421][ T6866] hsr_slave_1: left promiscuous mode
[  179.311758][ T6866] team0 (unregistering): Port device team_slave_1 removed
[  179.321077][ T6866] team0 (unregistering): Port device C removed