last executing test programs:

2m41.512912938s ago: executing program 32 (id=1223):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)={@val={0x70}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0xfdef)

2m40.848135621s ago: executing program 33 (id=1236):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x207}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0xe3f6, 0x2, 0x4, 0x5d}, &(0x7f0000000140), &(0x7f0000000280))

2m37.951897627s ago: executing program 34 (id=1284):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)

1m27.239681237s ago: executing program 0 (id=4009):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000000000)='./bus/file0\x00', 0x2004000, &(0x7f0000000000)=ANY=[], 0xfe, 0x1230, &(0x7f00000024c0)="$eJzs3E9rXFUYB+DXSZrUjPmj1moF6cFudHNJsnCjIEFSkA4obSO0gnBrJjrkOhNyh8CIGF25deMHcCsu3QniTjdx4Wdwl41LF+qVzqS1sSMptM0t4Xk2c5lzfsP7zhkunGHO7L/25UebG2W2kfej8djr0diKmPwrRYpG3PJZvPzqTz+/cOXa9Usrrdbq5ZQurlxdeiWlNHf+h3c/+fbFH/vNd76b+3469hbe2/99+be9s3vn9v+++mGnTJ0ydXv9lKcbvV4/v1G003qn3MxSerto52U7dbple/vQ+EbR29oapLy7Pjuztd0uy5R3B2mzPUj9XupvD1L+Qd7ppizL0uxMcD/WvvmjqqqIqjoVU1FVVfV4zEQjnojZmIv5WIgn46l4Os7EM3E2no3n4txwVt11AwAAAAAAAAAAAAAAAAAAwMky7vx/867z/19FjDv/f77m4gEAAAAAAAAAAAAAAAAAAOCEuHLt+qWVVmv1ckqnI4ovdtZ21kaPo/GVjehEEe1YjPn4M4an/0dG11PRWl1MQwvxebF7kN/dWZs4nF8a/p3AXfmLb7ZWl0b5dDg/HTN35pdjPs6Mzy//J39hmD8dL124I5/FfPz6fvSiiPW4mf03/+lSSm+81bqd/2Vv1Pt6jesCAAAAD1KWbhu7f8+y/xsf5Y/6fuDm/npx7P5+Mp6frLd3IsrBx5t5UbS3a7+4VdHomd2IOP4ypg5qeDAv2IiIe5vcPNT78bV86sg5zRo+CV83I+4jPvEw3sw6Vqfei6PuHBMP43bEMTtY9Ol7Dlh2AAAAAAAAAACAR8Jx/Jyw7h4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4hx04FgAAAAAQ5m+dRscGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//81H8BK")
r0 = timerfd_create(0x0, 0x0)
r1 = syz_io_uring_setup(0x58f7, &(0x7f0000000500)={0x0, 0x0, 0x10100, 0x0, 0x104a}, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000240)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r0, 0x0, &(0x7f0000002280)=""/4102, 0x1006, 0x1a})
timerfd_settime(r0, 0x3, &(0x7f0000000840)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
io_uring_enter(r1, 0x1f82, 0x0, 0x0, 0x0, 0x0)

1m27.10312603s ago: executing program 0 (id=4017):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x79, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mount$9p_tcp(0x0, &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=tcp'])

1m27.083300141s ago: executing program 0 (id=4019):
close(0x3)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

1m27.060873151s ago: executing program 0 (id=4022):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000000140)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7}}, {@nodelalloc}, {@quota}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f0000000240)='./file0\x00', r1, &(0x7f00000000c0)='./bus/file0\x00', 0x0)

1m26.969520942s ago: executing program 0 (id=4028):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0xa55c}, 0x18)
r2 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
read$eventfd(r2, 0x0, 0x0)

1m26.60204684s ago: executing program 0 (id=4050):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x550, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x9, 0x6}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000900)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35c498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c1761f1322b03cc9ea586d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f9156e35424", 0x45c)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r2, 0x0, 0x0}, 0x10)

1m26.56414092s ago: executing program 35 (id=4050):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x550, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x9, 0x6}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000900)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35c498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c1761f1322b03cc9ea586d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f9156e35424", 0x45c)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r2, 0x0, 0x0}, 0x10)

1m11.850786348s ago: executing program 6 (id=4532):
io_setup(0x7, &(0x7f0000000600)=<r0=>0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r3, 0x0, 0x100000000}, 0x18)
io_submit(r0, 0xe7, &(0x7f0000000080)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f0000000000)="ff07000000000000", 0x400000}])

1m11.74556343s ago: executing program 6 (id=4536):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x8c0)
recvmmsg(r0, &(0x7f0000000e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=""/182, 0xb6}, 0x5}], 0x1, 0x0, 0x0)

1m10.861886947s ago: executing program 6 (id=4580):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000240)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0x60, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

1m10.816795787s ago: executing program 6 (id=4582):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

1m10.762718709s ago: executing program 6 (id=4586):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000001700000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x1018}, './file0\x00'})

1m10.496112464s ago: executing program 6 (id=4598):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0xfffffffc, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1m10.471108105s ago: executing program 36 (id=4598):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0xfffffffc, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1m4.635497478s ago: executing program 9 (id=4864):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\f'], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60, 0x0, 0x0, 0xfffffffc}, {}, {0x3}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)

1m4.52281668s ago: executing program 9 (id=4867):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
chown(0x0, 0x0, 0x0)

1m4.516697011s ago: executing program 9 (id=4869):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VT_RESIZEX(r1, 0x4bfa, &(0x7f0000000140)={0x1a, 0x3d23, 0x1578, 0x0, 0x0, 0xfffe})

1m4.429586682s ago: executing program 9 (id=4871):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)

1m4.268175666s ago: executing program 9 (id=4879):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
ioctl$SIOCGETLINKNAME(0xffffffffffffffff, 0x89e0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x70bd2b, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x3}, {}, {0xe, 0x12}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8b5}, 0x0)

1m3.710758796s ago: executing program 9 (id=4901):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = gettid()
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
sendmsg$unix(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000007c0)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x160)

1m3.710515597s ago: executing program 37 (id=4901):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = gettid()
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
sendmsg$unix(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000007c0)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x160)

11.856211128s ago: executing program 5 (id=6607):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})

11.851172269s ago: executing program 5 (id=6610):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e1f, @remote}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
writev(r1, &(0x7f0000000400)=[{&(0x7f00000002c0)="a609a89c9edd34187123b5adceb38c8557f4e107445a53c0815c9636d00f896d1e8cd8de77a79f1e3e2c53ddf1bb9f8ac5cb5257ff4e8b960026bc4244c4b09179a97dffdf02563e23546d3e78f944e7e2fee2a0e354223318badb21d8c086669c5f7772f4a6d90d0997babdf79f7d557e055b3e6f2e4f41ec06a39a57b9ccc00b", 0x81}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000080), 0x8)
sendmmsg$sock(r0, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

11.832405839s ago: executing program 5 (id=6612):
r0 = socket$unix(0x1, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r2}, 0x10)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
mount$9p_tcp(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x801, &(0x7f0000000740)=ANY=[@ANYBLOB='trans=tcp'])

11.77474452s ago: executing program 5 (id=6613):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}]}, 0x3, 0x570, &(0x7f0000000c00)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x100000000000001, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x203]})
fallocate(r0, 0x0, 0x0, 0x1001f0)

11.601620574s ago: executing program 5 (id=6614):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2010800, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}]}})

11.26940499s ago: executing program 5 (id=6617):
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$tun(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="7f7215b6d68e34d5"], 0x32)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

11.26907648s ago: executing program 38 (id=6617):
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$tun(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="7f7215b6d68e34d5"], 0x32)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

11.205978021s ago: executing program 8 (id=6624):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000280)=0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e20, @dev}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1}, 0x10)
close(r0)

11.188381761s ago: executing program 8 (id=6625):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

11.127599953s ago: executing program 8 (id=6626):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0xf}, 0x18)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0x1}, 0x20)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

10.617702363s ago: executing program 8 (id=6641):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000440)='./file2\x00', 0x80, &(0x7f0000000480), 0x1, 0x3f5, &(0x7f00000004c0)="$eJzs3N1qHFUcAPD/TDeJTasbtXqhhUaKGPzIR1PSBgsqeOmV9QVikpbotrFNBFtyYUHsA2gfQLxsH8EL8U4QvClee6cUiiS5lshsZpNJsps2H+tU5/eDgXPmg3P+M7N7zp5z2AAqazAivoyI3oj4JCLq+f4k3+Ld9S07b3V5aTrbklhbu/hX0jy+srw0HYVrMsfyzFAakX6VxMttyl24cfPTqUZj9nqeH1m88tnIwo2bb81dmbo8e3n26vjo5OTo+PmJyYlDi/WPuP37hfvv17/55fRvP3384URW3+P5sWIch2UwBjfuyXbDh11YyZ4qpJNaiRVhT9KIOBIRtebnvx5HYvPh1eOHeqmVAwC6Ym3tnW15AOD/L9HmA0DFtH73rywvTbe2MsYhyvLwvfXJq5V8bnN1I/7axkxIz7b5rcM0GBH37pw7lW2x6zxk2qUaAABV82PW/znfrv+XxsnCeUcjoj9f23U8Ip6OiGcK68X2a3Bbfmf/J31wwCJ2lfX/LhTWtq0W4s8NHMlzWcwD0ZNcmmvMjubxD0VPX5Yf26WMkxdf/LvTsWL/717t3Kms/FZfMK/Hg1rf1mtmphanDhJz0cNbES/V2sWfbPR/k2bcHdx6dBlvX7v7QqdjW+K/0y7+7lr7LuK1ts9/c+Vesvv6xJHm+zDSeit2uv36q9c6lV92/Nnz7989/oGkuF5zYe9l/Hx27tdOxx4df/v3vzf5qJnuzfd9MbW4eH0sojf5YOf+M5vXtvKt87P4h063//yfiM078WxEPBcRz0c093d8odt4s/H9K/uPv7uy+Gf29Pz3nuj/+u79TuW3jX/LT93s+Z9tpobyPY/z/fe4Fdz/nQMAAID/jrQ5npukwxvpNB0eXh/nPRH9aWN+YfGNS/OfX51ZH/cdiJ60NdJVL4yHjuVjhK38mW358XwM5du+o8388PR8Y6bs4AGgoo51aP8zf/aVXTsAoGu6tbgdAHhyaf8BoHq0/wBQPdp/AKge7T8AVI/2HwAq5SD/61eFRBpPRDUkJP7lRNnfTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5fonAAD//2Wz014=")
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
write$binfmt_register(r0, &(0x7f0000000340)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)

10.526029335s ago: executing program 8 (id=6643):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x8084)

10.150785212s ago: executing program 8 (id=6649):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

10.150221802s ago: executing program 39 (id=6649):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

1.316735204s ago: executing program 1 (id=6900):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0)
ioctl$TIOCNOTTY(r0, 0x5422)
setreuid(0xee01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

1.211994307s ago: executing program 3 (id=6902):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

1.105291598s ago: executing program 3 (id=6905):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = epoll_create1(0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x141000, 0x20)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000200)={0xa000000a})
finit_module(r2, 0x0, 0x3)

1.087421469s ago: executing program 7 (id=6906):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0x20, 0x0, @fd, 0x0, 0x0, 0xf, 0x2, 0x1})
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

1.061336399s ago: executing program 3 (id=6908):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x4075, 0x18, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)

1.04446453s ago: executing program 7 (id=6909):
socket$packet(0x11, 0x3, 0x300)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x401, 0xfffffffe, 0x0, 0xffffffff}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2, 0x0, 0x200000000000006}, 0x18)
close(r0)

1.036651699s ago: executing program 2 (id=6910):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x39}, 0x18)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r2}}, 0x10)
close(r1)

989.510851ms ago: executing program 7 (id=6911):
r0 = syz_io_uring_setup(0x3380, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000380)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='5'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x4a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

989.080921ms ago: executing program 2 (id=6912):
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000010c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
removexattr(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100)=@random={'osx.', ':\x00'})

988.724071ms ago: executing program 2 (id=6913):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x6, 0x4, 0x1c000000, 0x2, "0062ba7d820740ff00"})
ppoll(&(0x7f00000000c0)=[{r0, 0x2}], 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000280)=0x13)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000340)={0x9, 0x3, 0x8, 0xde, 0x8, "19c92f4e77ea25e0972dde3d217a088f256352", 0x8, 0x6})

968.873731ms ago: executing program 7 (id=6914):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

902.875663ms ago: executing program 7 (id=6916):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = gettid()
syz_clone(0xb44040, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigaction(0x1b, &(0x7f0000000040)={0xfffffffffffffffc, 0x4c000000, 0x0, {[0x8000000000005a]}}, 0x0, 0x8, &(0x7f00000001c0))
tkill(r0, 0x1b)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)

902.596202ms ago: executing program 3 (id=6917):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@gettfilter={0x24, 0x2e, 0x28202fbbe4fc442b, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x7, 0xa}, {0xa, 0x4}, {0xc, 0x8}}}, 0x24}}, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000880)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x6, 0x5de, 0x6}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=@newtfilter={0x3c, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0xc}, {}, {0x8, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x4, 0x1}}]}}]}, 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

902.294502ms ago: executing program 2 (id=6918):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000010400b500000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000001400001c00128009000100626f6e64000000000c0002800800"], 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x8000010}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

803.070584ms ago: executing program 2 (id=6921):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)

802.638374ms ago: executing program 3 (id=6922):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$RTC_UIE_ON(r2, 0x7003)
ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0xc, 0x1, 0x20a9, 0x3, 0x2, 0x1})

725.006916ms ago: executing program 3 (id=6923):
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4, 0x2ab}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x100000004, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
close(r3)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)

724.544635ms ago: executing program 2 (id=6924):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x7ffff019)
fallocate(r0, 0x11, 0xa0, 0x1ca1)

546.503789ms ago: executing program 1 (id=6927):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r2, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r2, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x80000000})

494.908301ms ago: executing program 7 (id=6928):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000022007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
readv(r2, 0x0, 0x0)
r3 = fcntl$dupfd(r2, 0x406, r2)
write$sndseq(r3, 0x0, 0x0)

494.68158ms ago: executing program 40 (id=6928):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000022007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
readv(r2, 0x0, 0x0)
r3 = fcntl$dupfd(r2, 0x406, r2)
write$sndseq(r3, 0x0, 0x0)

481.495041ms ago: executing program 1 (id=6930):
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x14, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v2={0x2000000, [{0x8771, 0x6}, {0xa07, 0x401}]}, 0x14, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)

432.068381ms ago: executing program 1 (id=6933):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000300)={'wg1\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010030bd7400fddbdf251f0000002000018008000100", @ANYRES32=r4, @ANYBLOB="14000200776731"], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x880)

392.281682ms ago: executing program 1 (id=6934):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)

341.241683ms ago: executing program 1 (id=6935):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
creat(0x0, 0x182)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
brk(0x400000ffc000)

263.531645ms ago: executing program 4 (id=6936):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="02000000040000000700000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0xffffffffffffff2b)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r2)

248.360385ms ago: executing program 4 (id=6937):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

149.455327ms ago: executing program 4 (id=6938):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x13}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
sendmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)

62.856579ms ago: executing program 4 (id=6939):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x0, 0x0, 0x84}]}, 0x10)
r1 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r3, &(0x7f0000000180)="fa", 0x1, 0x0, &(0x7f00000002c0)={0x3a, 0x0, r2}, 0x14)

37.850759ms ago: executing program 4 (id=6940):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7dc470d00281f324, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1}}, 0x40)

0s ago: executing program 4 (id=6941):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x6c8, &(0x7f0000000080)={0x0, 0x4073, 0x18, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

6081 - 0
[  163.649878][   T31] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.658379][   T31] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.700572][T15804] loop8: detected capacity change from 0 to 512
[  163.709727][T15804] EXT4-fs (loop8): orphan cleanup on readonly fs
[  163.713524][T15805] bridge0: entered promiscuous mode
[  163.721627][T15805] macvtap1: entered allmulticast mode
[  163.727015][T15805] bridge0: entered allmulticast mode
[  163.734901][T15804] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #11: block 1728053262: comm syz.8.5048: lblock 0 mapped to illegal pblock 1728053262 (length 1)
[  163.753200][T15804] EXT4-fs warning (device loop8): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  163.767232][T15805] bridge0: port 1(macvtap1) entered blocking state
[  163.773837][T15805] bridge0: port 1(macvtap1) entered disabled state
[  163.782531][T15804] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #15: comm syz.8.5048: corrupted inode contents
[  163.795536][T15805] bridge0: left allmulticast mode
[  163.800757][T15805] bridge0: left promiscuous mode
[  163.816167][T15804] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #15: comm syz.8.5048: mark_inode_dirty error
[  163.848116][T15804] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #15: comm syz.8.5048: corrupted inode contents
[  163.861416][T15804] EXT4-fs error (device loop8): ext4_xattr_delete_inode:2991: inode #15: comm syz.8.5048: mark_inode_dirty error
[  163.882260][T15804] EXT4-fs error (device loop8): ext4_xattr_delete_inode:2994: inode #15: comm syz.8.5048: mark inode dirty (error -117)
[  163.896329][T15804] EXT4-fs warning (device loop8): ext4_evict_inode:274: xattr delete (err -117)
[  163.905680][T15804] EXT4-fs (loop8): 1 orphan inode deleted
[  164.108031][T15826] loop7: detected capacity change from 0 to 2048
[  164.144308][T15826] EXT4-fs error (device loop7): ext4_ext_precache:632: inode #2: comm syz.7.5055: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  164.180771][T15826] EXT4-fs (loop7): Remounting filesystem read-only
[  164.372689][T15838] __nla_validate_parse: 4 callbacks suppressed
[  164.372708][T15838] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5059'.
[  164.468636][T15845] random: crng reseeded on system resumption
[  164.674594][T15862] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5079'.
[  164.702135][T15864] loop8: detected capacity change from 0 to 128
[  164.714541][T15864] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  164.739617][T15864] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  164.823137][   T31] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  164.899364][T15876] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5074'.
[  164.961209][T15885] loop7: detected capacity change from 0 to 164
[  164.975954][T15885] Unable to read rock-ridge attributes
[  164.991134][T15885] Unable to read rock-ridge attributes
[  164.997019][T15885] syz.7.5080: attempt to access beyond end of device
[  164.997019][T15885] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  165.022979][T15885] syz.7.5080: attempt to access beyond end of device
[  165.022979][T15885] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  165.067533][T15894] syzkaller1: entered promiscuous mode
[  165.073082][T15894] syzkaller1: entered allmulticast mode
[  165.101645][T15897] ip6gretap1: entered allmulticast mode
[  165.297798][T15920] loop2: detected capacity change from 0 to 164
[  165.309287][T15920] Unable to read rock-ridge attributes
[  165.320854][T15920] Unable to read rock-ridge attributes
[  165.326768][T15920] syz.2.5096: attempt to access beyond end of device
[  165.326768][T15920] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  165.343107][T15920] syz.2.5096: attempt to access beyond end of device
[  165.343107][T15920] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  165.413251][T15928] loop7: detected capacity change from 0 to 1024
[  165.422323][T15928] EXT4-fs: Ignoring removed orlov option
[  165.453833][T15928] EXT4-fs mount: 32 callbacks suppressed
[  165.453853][T15928] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.677196][ T6530] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.874075][T15953] loop8: detected capacity change from 0 to 164
[  165.883617][T15953] Unable to read rock-ridge attributes
[  165.893294][T15953] Unable to read rock-ridge attributes
[  165.898990][T15953] syz.8.5109: attempt to access beyond end of device
[  165.898990][T15953] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  165.914623][T15953] syz.8.5109: attempt to access beyond end of device
[  165.914623][T15953] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[  166.151986][T15981] vlan3: entered allmulticast mode
[  166.227805][T15983] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5124'.
[  166.237544][T15983] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5124'.
[  166.290536][T15993] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15993 comm=syz.5.5129
[  166.305568][T15993] netlink: 'syz.5.5129': attribute type 1 has an invalid length.
[  166.329336][T15993] bond2: (slave bridge1): making interface the new active one
[  166.337184][T15993] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  166.533976][T16010] loop3: detected capacity change from 0 to 2048
[  166.569910][T16010]  loop3: p4 < >
[  166.604843][T16021] SELinux:  policydb version 65545 does not match my version range 15-35
[  166.611254][T16023] loop3: detected capacity change from 0 to 128
[  166.625094][T16021] SELinux: failed to load policy
[  166.723602][T16034] loop3: detected capacity change from 0 to 512
[  166.761175][T16034] EXT4-fs (loop3): orphan cleanup on readonly fs
[  166.822183][T16034] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #11: block 1728053262: comm syz.3.5149: lblock 0 mapped to illegal pblock 1728053262 (length 1)
[  166.892776][T16034] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.5149: corrupted inode contents
[  166.946606][T16034] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.5149: mark_inode_dirty error
[  166.985378][T16034] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.5149: corrupted inode contents
[  167.042349][T16059] netlink: 'syz.7.5160': attribute type 2 has an invalid length.
[  167.081928][T16034] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #15: comm syz.3.5149: mark_inode_dirty error
[  167.123354][T16034] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #15: comm syz.3.5149: mark inode dirty (error -117)
[  167.144777][T16034] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  167.179417][T16034] EXT4-fs (loop3): 1 orphan inode deleted
[  167.185525][T16034] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  167.234724][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.249925][T16078] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  167.284548][T16077] IPVS: stopping backup sync thread 16078 ...
[  167.323442][T16086] serio: Serial port ptm0
[  167.557360][T16110] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5179'.
[  167.568819][T16108] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5178'.
[  167.578313][T16110] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5179'.
[  167.588556][T16108] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5178'.
[  167.669480][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.676925][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.684388][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.707099][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.714843][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.722422][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.730061][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.737514][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.744947][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.752446][ T5228] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  167.847141][ T5228] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz1
[  167.904194][T16119] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5186'.
[  167.982645][T16129] loop5: detected capacity change from 0 to 512
[  168.025769][T16133] loop2: detected capacity change from 0 to 2048
[  168.290194][T16133] Alternate GPT is invalid, using primary GPT.
[  168.296575][T16133]  loop2: p1 p2 p3
[  168.318976][T16129] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.434931][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.648218][T16157] netlink: 'syz.5.5196': attribute type 2 has an invalid length.
[  168.656150][T16157] netlink: 'syz.5.5196': attribute type 1 has an invalid length.
[  168.732337][T16169] loop8: detected capacity change from 0 to 512
[  168.776262][   T29] kauditd_printk_skb: 105 callbacks suppressed
[  168.776280][   T29] audit: type=1400 audit(424.741:42474): avc:  denied  { create } for  pid=16173 comm="syz.5.5205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  168.806787][   T29] audit: type=1400 audit(424.771:42475): avc:  denied  { bind } for  pid=16173 comm="syz.5.5205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  168.825835][   T29] audit: type=1400 audit(424.771:42476): avc:  denied  { write } for  pid=16173 comm="syz.5.5205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  168.846552][T16174] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  168.855245][T16174] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  168.998005][T16169] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.038419][T13275] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.074421][   T29] audit: type=1400 audit(425.041:42477): avc:  denied  { connect } for  pid=16183 comm="syz.2.5211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  169.176446][   T29] audit: type=1400 audit(425.141:42478): avc:  denied  { create } for  pid=16194 comm="syz.2.5214" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  169.198697][T16195] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.208499][T16195] FAT-fs (loop5): unable to read boot sector
[  169.215720][   T29] audit: type=1400 audit(425.171:42479): avc:  denied  { mounton } for  pid=16194 comm="syz.2.5214" path="/50/file0" dev="tmpfs" ino=275 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  169.251239][T16193] batadv1: entered promiscuous mode
[  169.252264][   T29] audit: type=1400 audit(425.211:42480): avc:  denied  { unlink } for  pid=15277 comm="syz-executor" name="file0" dev="tmpfs" ino=275 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  169.329523][   T29] audit: type=1400 audit(425.291:42481): avc:  denied  { connect } for  pid=16200 comm="syz.7.5218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  169.405296][T16208] pim6reg1: entered promiscuous mode
[  169.410732][T16208] pim6reg1: entered allmulticast mode
[  169.446102][T16214] loop8: detected capacity change from 0 to 512
[  169.454248][T16217] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  169.477366][T16216] IPVS: stopping backup sync thread 16217 ...
[  169.485885][T16214] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.521236][T13275] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.543581][T16222] loop2: detected capacity change from 0 to 512
[  169.552756][T16222] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  169.553027][T16224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.573115][T16224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.574692][   T29] audit: type=1326 audit(425.541:42482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16227 comm="syz.8.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81c3e3ec29 code=0x7ffc0000
[  169.604052][   T29] audit: type=1326 audit(425.541:42483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16227 comm="syz.8.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81c3e3ec29 code=0x7ffc0000
[  169.632280][T16222] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.5226: invalid indirect mapped block 4294967295 (level 0)
[  169.663553][T16222] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.5226: invalid indirect mapped block 4294967295 (level 1)
[  169.700086][T16222] EXT4-fs (loop2): 1 orphan inode deleted
[  169.705874][T16222] EXT4-fs (loop2): 1 truncate cleaned up
[  169.720822][T16236] netlink: 'syz.8.5231': attribute type 12 has an invalid length.
[  169.728683][T16236] netlink: 'syz.8.5231': attribute type 29 has an invalid length.
[  169.736597][T16236] netlink: 'syz.8.5231': attribute type 1 has an invalid length.
[  169.744745][T16236] netlink: 'syz.8.5231': attribute type 37 has an invalid length.
[  169.752708][T16236] netlink: 'syz.8.5231': attribute type 2 has an invalid length.
[  169.761243][T16222] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.871908][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.938711][T16251] wireguard0: entered promiscuous mode
[  169.944380][T16251] wireguard0: entered allmulticast mode
[  170.028085][T16259] loop2: detected capacity change from 0 to 128
[  170.036381][T16259] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  170.057256][T16259] EXT4-fs error (device loop2): dx_make_map:1296: inode #2: block 63: comm syz.2.5242: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  170.084418][T16259] EXT4-fs error (device loop2) in do_split:2029: Corrupt filesystem
[  170.112141][T16259] EXT4-fs error (device loop2): htree_dirblock_to_tree:1080: inode #2: block 63: comm syz.2.5242: bad entry in directory: inode out of bounds - offset=2012, inode=128, rec_len=36, size=1024 fake=1
[  170.141102][T16262] __nla_validate_parse: 2 callbacks suppressed
[  170.141117][T16262] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5244'.
[  170.195269][T16262] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5244'.
[  170.195287][T15277] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.248724][T16277] loop3: detected capacity change from 0 to 128
[  170.255515][T16277] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  170.293741][T16277] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  170.307130][T16279] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5251'.
[  170.328053][T16279] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5251'.
[  170.356144][ T3454] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  170.365384][T16279] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5251'.
[  170.383567][T16279] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5251'.
[  170.449248][T16287] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5254'.
[  170.723223][T16301] loop3: detected capacity change from 0 to 2048
[  171.021599][T16309] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5265'.
[  171.098123][T16313] loop8: detected capacity change from 0 to 1024
[  171.195178][T16316] bridge_slave_0: left allmulticast mode
[  171.200981][T16316] bridge_slave_0: left promiscuous mode
[  171.206792][T16316] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.216274][T16316] bridge_slave_1: left allmulticast mode
[  171.222094][T16316] bridge_slave_1: left promiscuous mode
[  171.227846][T16316] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.233203][T16301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.239054][T16319] netlink: 'syz.7.5267': attribute type 10 has an invalid length.
[  171.255203][T16319] netlink: 40 bytes leftover after parsing attributes in process `syz.7.5267'.
[  171.267127][T16320] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5268'.
[  171.270416][T16313] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.292793][T16316] bond0: (slave bond_slave_0): Releasing backup interface
[  171.300999][T16301] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.5259: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  171.334977][T16316] bond0: (slave bond_slave_1): Releasing backup interface
[  171.348229][T16301] EXT4-fs (loop3): Remounting filesystem read-only
[  171.375503][T16316] team0: Port device team_slave_0 removed
[  171.407184][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.430006][T16316] team0: Port device team_slave_1 removed
[  171.430098][T13275] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.450800][T16316] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.458259][T16316] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.497185][T16316] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.504651][T16316] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.523110][T16316] batadv1: left allmulticast mode
[  171.528195][T16316] batadv1: left promiscuous mode
[  171.533388][T16316] bridge0: port 3(batadv1) entered disabled state
[  171.559345][ T5217] syz2: Port: 1 Link DOWN
[  171.588747][T16334] sd 0:0:1:0: device reset
[  171.595276][T16319] batman_adv: batadv0: Adding interface: veth1_vlan
[  171.602143][T16319] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.630842][T16319] batman_adv: batadv0: Interface activated: veth1_vlan
[  171.743602][T16349] macvtap0: refused to change device tx_queue_len
[  171.758128][T16348] netlink: 'syz.7.5279': attribute type 10 has an invalid length.
[  171.771533][T16348] team0: entered promiscuous mode
[  171.777154][T16348] team0: entered allmulticast mode
[  171.800185][T16348] bridge0: port 1(team0) entered blocking state
[  171.807069][T16348] bridge0: port 1(team0) entered disabled state
[  171.823494][T16355] loop5: detected capacity change from 0 to 2048
[  171.847116][T16355] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.863987][T16355] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.5283: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  171.882798][T16353] IPVS: Error joining to the multicast group
[  171.883041][T16355] EXT4-fs (loop5): Remounting filesystem read-only
[  171.953169][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.095912][T16382] loop5: detected capacity change from 0 to 128
[  172.104533][T16382] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  172.162411][T16382] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  172.227244][   T31] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  172.242015][T16393] loop8: detected capacity change from 0 to 2048
[  172.272023][T16393] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.288054][T16393] EXT4-fs error (device loop8): ext4_find_extent:939: inode #2: comm syz.8.5300: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  172.307187][T16393] EXT4-fs (loop8): Remounting filesystem read-only
[  172.325852][T13275] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.674995][T16422] ip6tnl2: entered promiscuous mode
[  172.691359][T16423] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.712186][T16423] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.745708][T16425] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16425 comm=syz.7.5312
[  172.826476][T16431] loop3: detected capacity change from 0 to 1024
[  172.845250][T16431] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.920612][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.184517][T16470] loop3: detected capacity change from 0 to 512
[  173.192992][T16470] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.5330: bg 0: block 5: invalid block bitmap
[  173.206376][T16470] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  173.215442][T16470] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5330: invalid indirect mapped block 3 (level 2)
[  173.229039][T16470] EXT4-fs (loop3): 2 truncates cleaned up
[  173.235668][T16470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.295960][T16475] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  173.351686][T16483] netlink: 'syz.7.5335': attribute type 4 has an invalid length.
[  173.362539][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.385626][T16485] smc: net device bond0 applied user defined pnetid SYZ0
[  173.397444][T16485] smc: net device bond0 erased user defined pnetid SYZ0
[  173.407559][T16489] bridge0: entered promiscuous mode
[  173.415259][T16489] macvtap0: entered allmulticast mode
[  173.420686][T16489] bridge0: entered allmulticast mode
[  173.437024][T16489] bridge0: port 2(macvtap0) entered blocking state
[  173.438201][T16493] loop2: detected capacity change from 0 to 764
[  173.443628][T16489] bridge0: port 2(macvtap0) entered disabled state
[  173.457898][T16489] bridge0: left allmulticast mode
[  173.463076][T16489] bridge0: left promiscuous mode
[  173.470692][T16493] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  173.507825][T16493] Symlink component flag not implemented
[  173.514091][T16493] Symlink component flag not implemented (7)
[  173.558236][T16503] rdma_rxe: rxe_newlink: failed to add bond0
[  173.746312][T16518] loop5: detected capacity change from 0 to 1024
[  173.807848][T16525] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16525 comm=syz.3.5354
[  173.840324][T16518] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.873523][T16533] loop8: detected capacity change from 0 to 764
[  173.882352][T16533] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  173.885648][T16518] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.5353: Allocating blocks 385-513 which overlap fs metadata
[  173.912977][T16518] EXT4-fs (loop5): pa ffff8881072a4e00: logic 16, phys. 129, len 24
[  173.921074][T16518] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  173.935594][T16533] Symlink component flag not implemented
[  173.944142][T16518] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 28 with max blocks 4 with error 28
[  173.956544][T16518] EXT4-fs (loop5): This should not happen!! Data will be lost
[  173.956544][T16518] 
[  173.966232][T16518] EXT4-fs (loop5): Total free blocks count 0
[  173.972273][T16518] EXT4-fs (loop5): Free/Dirty block details
[  173.978258][T16518] EXT4-fs (loop5): free_blocks=128
[  173.983442][T16518] EXT4-fs (loop5): dirty_blocks=0
[  173.988502][T16518] EXT4-fs (loop5): Block reservation details
[  173.994727][T16518] EXT4-fs (loop5): i_reserved_data_blocks=0
[  174.009441][T16533] Symlink component flag not implemented (7)
[  174.070971][T16546] can0: slcan on ttyS3.
[  174.083518][T16518] syz.5.5353 (16518) used greatest stack depth: 9136 bytes left
[  174.129567][T16545] can0 (unregistered): slcan off ttyS3.
[  174.166869][   T29] kauditd_printk_skb: 86 callbacks suppressed
[  174.166884][   T29] audit: type=1400 audit(430.131:42570): avc:  denied  { bind } for  pid=16557 comm="syz.2.5366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  174.213466][T16567] rdma_op ffff888104ae1d80 conn xmit_rdma 0000000000000000
[  174.232542][T16563] ALSA: seq fatal error: cannot create timer (-19)
[  174.323133][T16577] bridge0: entered promiscuous mode
[  174.335383][T16577] macsec1: entered promiscuous mode
[  174.347898][T16577] bridge0: port 3(macsec1) entered blocking state
[  174.354462][T16577] bridge0: port 3(macsec1) entered disabled state
[  174.378486][T16577] macsec1: entered allmulticast mode
[  174.379025][T16582] loop3: detected capacity change from 0 to 1024
[  174.383909][T16577] bridge0: entered allmulticast mode
[  174.398340][T16577] macsec1: left allmulticast mode
[  174.400062][T16582] EXT4-fs: Ignoring removed nobh option
[  174.403660][T16577] bridge0: left allmulticast mode
[  174.408977][T16582] EXT4-fs: Ignoring removed bh option
[  174.429137][T16577] bridge0: left promiscuous mode
[  174.430800][T16582] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.463536][T16582] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  174.496474][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.525603][   T29] audit: type=1326 audit(430.481:42571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16588 comm="syz.3.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c932dec29 code=0x7ffc0000
[  174.548789][   T29] audit: type=1326 audit(430.481:42572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16588 comm="syz.3.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c932dec29 code=0x7ffc0000
[  174.609491][   T29] audit: type=1326 audit(430.491:42573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16588 comm="syz.3.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c932dec29 code=0x7ffc0000
[  174.632837][   T29] audit: type=1326 audit(430.491:42574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16588 comm="syz.3.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c932dec29 code=0x7ffc0000
[  174.655879][   T29] audit: type=1326 audit(430.491:42575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16588 comm="syz.3.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c932dec29 code=0x7ffc0000
[  174.678975][   T29] audit: type=1326 audit(430.491:42576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16588 comm="syz.3.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c932dec29 code=0x7ffc0000
[  174.702034][   T29] audit: type=1326 audit(430.491:42577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16588 comm="syz.3.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c932dec29 code=0x7ffc0000
[  174.725096][   T29] audit: type=1326 audit(430.491:42578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16588 comm="syz.3.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c932dec29 code=0x7ffc0000
[  174.748145][   T29] audit: type=1326 audit(430.491:42579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16588 comm="syz.3.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c932dec29 code=0x7ffc0000
[  175.229709][T16625] rdma_op ffff888104b62180 conn xmit_rdma 0000000000000000
[  175.403667][T16637] bridge0: entered promiscuous mode
[  175.408933][T16637] macsec1: entered promiscuous mode
[  175.415332][T16637] bridge0: port 3(macsec1) entered blocking state
[  175.421839][T16637] bridge0: port 3(macsec1) entered disabled state
[  175.430262][T16637] macsec1: entered allmulticast mode
[  175.435579][T16637] bridge0: entered allmulticast mode
[  175.487302][T16637] macsec1: left allmulticast mode
[  175.492511][T16637] bridge0: left allmulticast mode
[  175.498868][T16637] bridge0: left promiscuous mode
[  175.658056][T16653] veth1_macvtap: left promiscuous mode
[  175.669848][T16653] macsec0: entered promiscuous mode
[  175.741543][T16661] loop5: detected capacity change from 0 to 512
[  175.750060][T16661] EXT4-fs (loop5): orphan cleanup on readonly fs
[  175.762731][T16661] EXT4-fs error (device loop5): ext4_quota_enable:7128: comm syz.5.5406: inode #218103808: comm syz.5.5406: iget: illegal inode #
[  175.787847][T16661] EXT4-fs error (device loop5): ext4_quota_enable:7131: comm syz.5.5406: Bad quota inode: 218103808, type: 2
[  175.817040][T16661] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix.
[  175.852768][T16661] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  175.862665][T16670] loop3: detected capacity change from 0 to 8192
[  175.866539][T16661] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  175.894483][T16661] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  175.923705][T16661] EXT4-fs error (device loop5): ext4_quota_enable:7128: comm syz.5.5406: inode #218103808: comm syz.5.5406: iget: illegal inode #
[  175.941094][T16677] __nla_validate_parse: 9 callbacks suppressed
[  175.941110][T16677] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5414'.
[  175.958677][T16661] EXT4-fs error (device loop5): ext4_quota_enable:7131: comm syz.5.5406: Bad quota inode: 218103808, type: 2
[  175.977152][T16661] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix.
[  176.011522][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.195064][T16707] loop5: detected capacity change from 0 to 1024
[  176.221735][T16707] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.246251][T16707] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.5427: Allocating blocks 385-513 which overlap fs metadata
[  176.262051][T16707] EXT4-fs (loop5): Remounting filesystem read-only
[  176.274583][T16706] EXT4-fs (loop5): pa ffff888107290a80: logic 16, phys. 129, len 24
[  176.304928][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.404265][T16720] loop5: detected capacity change from 0 to 764
[  176.417503][T16720] rock: directory entry would overflow storage
[  176.423774][T16720] rock: sig=0x4f50, size=4, remaining=3
[  176.429361][T16720] iso9660: Corrupted directory entry in block 6 of inode 1792
[  176.599901][T16731] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5438'.
[  176.655622][T16735] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5440'.
[  176.700345][T16739] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5442'.
[  176.706069][T16741] bridge0: entered promiscuous mode
[  176.724920][T16741] macsec0: entered promiscuous mode
[  176.734344][T16741] bridge0: port 2(macsec0) entered blocking state
[  176.741016][T16741] bridge0: port 2(macsec0) entered disabled state
[  176.748641][T16741] macsec0: entered allmulticast mode
[  176.748822][T16745] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649
[  176.754093][T16741] bridge0: entered allmulticast mode
[  176.771540][T16741] macsec0: left allmulticast mode
[  176.776614][T16741] bridge0: left allmulticast mode
[  176.783180][T16741] bridge0: left promiscuous mode
[  176.801560][T16747] loop3: detected capacity change from 0 to 512
[  176.821842][T16747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.836931][T16755] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5448'.
[  176.837821][T16747] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  176.868834][T16747] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.5445: Failed to acquire dquot type 1
[  176.918054][T16747] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  176.930029][T16763] veth1_macvtap: left promiscuous mode
[  176.935538][T16763] macsec0: entered promiscuous mode
[  176.975257][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.005705][T16764] loop5: detected capacity change from 0 to 256
[  177.081836][T16777] IPv6: NLM_F_CREATE should be specified when creating new route
[  177.095111][T16780] loop5: detected capacity change from 0 to 512
[  177.111547][T16780] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  177.120661][T16780] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  177.148901][T16780] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  177.158668][T16780] System zones: 0-2, 18-18, 34-34
[  177.164052][T16780] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.5458: iget: bad i_size value: 360287970189639680
[  177.179051][T16780] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.5458: couldn't read orphan inode 15 (err -117)
[  177.179935][T16783] netlink: 272 bytes leftover after parsing attributes in process `syz.7.5460'.
[  177.193013][T16780] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.235009][T16789] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5463'.
[  177.264516][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.324721][T16797] loop7: detected capacity change from 0 to 164
[  177.339180][T16801] openvswitch: netlink: Message has 6 unknown bytes.
[  177.348703][T16797] syz.7.5467: attempt to access beyond end of device
[  177.348703][T16797] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  177.379332][T16797] syz.7.5467: attempt to access beyond end of device
[  177.379332][T16797] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  177.394321][T16803] loop2: detected capacity change from 0 to 764
[  177.412039][T16803] rock: directory entry would overflow storage
[  177.418246][T16803] rock: sig=0x4f50, size=4, remaining=3
[  177.423868][T16803] iso9660: Corrupted directory entry in block 6 of inode 1792
[  177.498724][T16816] netlink: 'syz.5.5473': attribute type 5 has an invalid length.
[  177.666459][T16833] bridge0: entered promiscuous mode
[  177.676519][T16837] loop7: detected capacity change from 0 to 764
[  177.685377][T16833] macsec1: entered promiscuous mode
[  177.697135][T16837] rock: directory entry would overflow storage
[  177.703417][T16837] rock: sig=0x4f50, size=4, remaining=3
[  177.709051][T16837] iso9660: Corrupted directory entry in block 6 of inode 1792
[  177.722492][T16833] bridge0: port 3(macsec1) entered blocking state
[  177.729017][T16833] bridge0: port 3(macsec1) entered disabled state
[  177.741975][T16833] macsec1: entered allmulticast mode
[  177.747303][T16833] bridge0: entered allmulticast mode
[  177.754471][T16833] macsec1: left allmulticast mode
[  177.759566][T16833] bridge0: left allmulticast mode
[  177.775340][T16833] bridge0: left promiscuous mode
[  178.203271][T16884] vhci_hcd: invalid port number 96
[  178.208517][T16884] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  178.294403][T16901] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  178.304518][T16901] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.687276][T16914] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5520'.
[  178.728790][T16918] netlink: 'syz.3.5522': attribute type 3 has an invalid length.
[  179.664627][T16970] bridge0: entered promiscuous mode
[  179.675615][T16970] macsec1: entered promiscuous mode
[  179.681603][T16970] bridge0: port 1(macsec1) entered blocking state
[  179.688076][T16970] bridge0: port 1(macsec1) entered disabled state
[  179.694885][T16970] macsec1: entered allmulticast mode
[  179.700304][T16970] bridge0: entered allmulticast mode
[  179.706261][T16970] macsec1: left allmulticast mode
[  179.711403][T16970] bridge0: left allmulticast mode
[  179.716898][T16970] bridge0: left promiscuous mode
[  179.724504][T16977] netlink: 'syz.8.5549': attribute type 4 has an invalid length.
[  179.743401][T16977] netlink: 'syz.8.5549': attribute type 4 has an invalid length.
[  179.803805][T16983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5551'.
[  179.813289][T16983] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  179.817103][T16985] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5552'.
[  179.820355][T16983] batman_adv: batadv0: Removing interface: veth1_vlan
[  179.851225][T16985] bridge0: entered promiscuous mode
[  179.856473][T16985] macsec1: entered allmulticast mode
[  179.861816][T16985] bridge0: entered allmulticast mode
[  179.873519][T16985] bridge0: port 3(macsec1) entered blocking state
[  179.880025][T16985] bridge0: port 3(macsec1) entered disabled state
[  179.888746][T16985] bridge0: left allmulticast mode
[  179.893958][T16985] bridge0: left promiscuous mode
[  180.046238][T17003] loop3: detected capacity change from 0 to 512
[  180.096807][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  180.096825][   T29] audit: type=1400 audit(436.061:42635): avc:  denied  { write } for  pid=17008 comm="syz.8.5565" name="file0" dev="tmpfs" ino=1658 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  180.125537][   T29] audit: type=1400 audit(436.061:42636): avc:  denied  { open } for  pid=17008 comm="syz.8.5565" path="/316/file0" dev="tmpfs" ino=1658 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  180.148039][   T29] audit: type=1400 audit(436.061:42637): avc:  denied  { ioctl } for  pid=17008 comm="syz.8.5565" path="/316/file0" dev="tmpfs" ino=1658 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  180.177832][T17003] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.227880][   T29] audit: type=1400 audit(436.181:42638): avc:  denied  { ioctl } for  pid=17002 comm="syz.3.5563" path="/1074/file1/bus" dev="loop3" ino=18 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  180.255503][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.293923][T17021] loop3: detected capacity change from 0 to 128
[  180.308713][   T29] audit: type=1326 audit(436.271:42639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17022 comm="syz.7.5570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  180.331791][   T29] audit: type=1326 audit(436.271:42640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17022 comm="syz.7.5570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  180.354859][   T29] audit: type=1326 audit(436.271:42641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17022 comm="syz.7.5570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  180.377974][   T29] audit: type=1326 audit(436.271:42642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17022 comm="syz.7.5570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  180.401194][   T29] audit: type=1326 audit(436.271:42643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17022 comm="syz.7.5570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  180.455293][   T29] audit: type=1326 audit(436.271:42644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17022 comm="syz.7.5570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  180.551844][T17042] loop8: detected capacity change from 0 to 128
[  180.597388][T17042] syz.8.5580: attempt to access beyond end of device
[  180.597388][T17042] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[  180.634711][T17049] syzkaller0: entered allmulticast mode
[  180.643611][T17049] syzkaller0: entered promiscuous mode
[  180.651229][T17056] syz_tun: entered allmulticast mode
[  180.654817][T17059] loop2: detected capacity change from 0 to 1024
[  180.663922][T17049] syzkaller0 (unregistering): left allmulticast mode
[  180.670757][T17049] syzkaller0 (unregistering): left promiscuous mode
[  180.679965][T17059] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  180.740660][T17066] syz_tun: left allmulticast mode
[  180.763556][T17070] loop5: detected capacity change from 0 to 512
[  180.823684][T17079] loop8: detected capacity change from 0 to 1024
[  180.847984][T17079] EXT4-fs: Ignoring removed bh option
[  180.874255][T17079] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.955988][T17079] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4183: comm syz.8.5595: Allocating blocks 449-513 which overlap fs metadata
[  180.997758][T17078] EXT4-fs (loop8): pa ffff8881072a4e00: logic 48, phys. 177, len 21
[  181.005863][T17078] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  181.071848][T13275] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.601930][T17153] syzkaller0: entered allmulticast mode
[  181.607863][T17153] syzkaller0: entered promiscuous mode
[  181.618006][T17153] syzkaller0 (unregistering): left allmulticast mode
[  181.624766][T17153] syzkaller0 (unregistering): left promiscuous mode
[  181.631762][T17156] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  181.639394][T17156] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  181.931477][T17177] loop2: detected capacity change from 0 to 128
[  181.960112][T17177] syz.2.5632: attempt to access beyond end of device
[  181.960112][T17177] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  182.117174][T17189] syzkaller0: entered allmulticast mode
[  182.131576][T17189] syzkaller0: entered promiscuous mode
[  182.153423][T17189] syzkaller0 (unregistering): left allmulticast mode
[  182.160217][T17189] syzkaller0 (unregistering): left promiscuous mode
[  182.241864][T17192] veth0: entered promiscuous mode
[  182.259659][T17192] __nla_validate_parse: 4 callbacks suppressed
[  182.259677][T17192] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5638'.
[  182.448542][T17220] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5650'.
[  182.477711][ T5217] Process accounting resumed
[  182.502784][T17228] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5654'.
[  182.531023][T17228] bridge0: entered promiscuous mode
[  182.536356][T17228] macsec0: entered allmulticast mode
[  182.541783][T17228] bridge0: entered allmulticast mode
[  182.548114][T17228] bridge0: port 2(macsec0) entered blocking state
[  182.554702][T17228] bridge0: port 2(macsec0) entered disabled state
[  182.555794][T17228] bridge0: left allmulticast mode
[  182.555866][T17228] bridge0: left promiscuous mode
[  182.577859][T17232] syzkaller0: entered allmulticast mode
[  182.583818][T17232] syzkaller0: entered promiscuous mode
[  182.592646][T17232] syzkaller0 (unregistering): left allmulticast mode
[  182.599472][T17232] syzkaller0 (unregistering): left promiscuous mode
[  182.788637][T17254] loop3: detected capacity change from 0 to 512
[  182.798552][T17254] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  182.828926][T17254] System zones: 1-12
[  182.849778][T17254] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.5667: error while reading EA inode 32 err=-116
[  182.867892][T17254] EXT4-fs (loop3): Remounting filesystem read-only
[  182.874595][T17254] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  182.887653][T17254] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  182.898071][T17254] EXT4-fs (loop3): 1 orphan inode deleted
[  182.904323][T17254] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.917310][T17254] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.950452][T17267] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5671'.
[  182.962628][T17267] bridge0: entered promiscuous mode
[  182.968005][T17267] macsec1: entered allmulticast mode
[  182.973398][T17267] bridge0: entered allmulticast mode
[  182.986156][T17254] loop3: detected capacity change from 0 to 1024
[  182.990327][T17267] bridge0: port 3(macsec1) entered blocking state
[  182.998969][T17267] bridge0: port 3(macsec1) entered disabled state
[  183.012673][T17254] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  183.031323][T17267] bridge0: left allmulticast mode
[  183.036403][T17267] bridge0: left promiscuous mode
[  183.040008][T17254] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  183.052764][T17254] EXT4-fs (loop3): orphan cleanup on readonly fs
[  183.059391][T17254] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.5667: Freeing blocks not in datazone - block = 0, count = 4096
[  183.075676][T17254] EXT4-fs (loop3): 1 orphan inode deleted
[  183.092769][T17254] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  183.164493][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.217340][T17283] loop8: detected capacity change from 0 to 512
[  183.227949][T17287] netlink: 3 bytes leftover after parsing attributes in process `syz.3.5677'.
[  183.243682][T17289] loop7: detected capacity change from 0 to 1024
[  183.254824][T17287] batadv0: entered promiscuous mode
[  183.260095][T17287] batadv0: entered allmulticast mode
[  183.271398][T17283] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.288847][T17289] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.311907][T13275] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.323660][ T6530] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.470079][T17305] loop8: detected capacity change from 0 to 8192
[  183.538060][T17309] syzkaller1: entered promiscuous mode
[  183.543736][T17309] syzkaller1: entered allmulticast mode
[  183.578345][T17313] netlink: 220 bytes leftover after parsing attributes in process `syz.3.5691'.
[  183.609221][T17313] netlink: 220 bytes leftover after parsing attributes in process `syz.3.5691'.
[  185.114690][T17447] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5748'.
[  185.123740][T17447] netlink: 'syz.8.5748': attribute type 18 has an invalid length.
[  185.134886][T17447] vxlan0: entered promiscuous mode
[  185.141296][T12466] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  185.149949][T12466] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  185.158349][T12466] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  185.166711][T12466] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  185.685335][T17463] loop2: detected capacity change from 0 to 512
[  185.695901][T17463] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  185.704000][T17463] System zones: 1-12
[  185.708676][T17463] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.5756: error while reading EA inode 32 err=-116
[  185.721585][T17463] EXT4-fs (loop2): Remounting filesystem read-only
[  185.728128][T17463] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  185.738596][T17463] EXT4-fs (loop2): 1 orphan inode deleted
[  185.744801][T17463] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.750282][T17469] loop7: detected capacity change from 0 to 512
[  185.766005][T17463] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.782215][T17469] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.800488][   T29] kauditd_printk_skb: 170 callbacks suppressed
[  185.800512][   T29] audit: type=1400 audit(441.771:42815): avc:  denied  { map } for  pid=17474 comm="syz.5.5760" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  185.842271][T17463] loop2: detected capacity change from 0 to 1024
[  185.853684][   T29] audit: type=1400 audit(441.821:42816): avc:  denied  { execute } for  pid=17468 comm="syz.7.5758" path="/765/file0/bus" dev="loop7" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  185.878416][T17463] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  185.904000][T17463] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  185.912566][T17463] EXT4-fs (loop2): orphan cleanup on readonly fs
[  185.919155][T17463] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.5756: Freeing blocks not in datazone - block = 0, count = 4096
[  185.921185][ T6530] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.949062][T17463] EXT4-fs (loop2): 1 orphan inode deleted
[  185.963088][T17463] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  185.975975][   T29] audit: type=1326 audit(441.931:42817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17487 comm="syz.3.5767" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4c932dec29 code=0x0
[  186.017865][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.044114][T17497] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2566 sclass=netlink_xfrm_socket pid=17497 comm=syz.7.5765
[  186.101178][T17492] loop3: detected capacity change from 0 to 8192
[  186.127881][T17513] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  186.139704][T17492]  loop3: p1 p2
[  186.143402][T17492] loop3: p1 start 16777216 is beyond EOD, truncated
[  186.150101][T17492] loop3: p2 size 515840 extends beyond EOD, truncated
[  186.394102][T17530] random: crng reseeded on system resumption
[  186.412490][T17530] Restarting kernel threads ...
[  186.427798][T17530] Done restarting kernel threads.
[  186.453540][   T29] audit: type=1400 audit(442.381:42818): avc:  denied  { ioctl } for  pid=17526 comm="syz.8.5780" path="/dev/snapshot" dev="devtmpfs" ino=90 ioctlcmd=0x3305 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  186.741829][   T29] audit: type=1400 audit(442.711:42819): avc:  denied  { create } for  pid=17550 comm="syz.8.5791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  186.841673][   T29] audit: type=1400 audit(442.751:42820): avc:  denied  { write } for  pid=17550 comm="syz.8.5791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  187.075209][T17574] program syz.8.5797 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  187.075212][   T29] audit: type=1400 audit(443.041:42821): avc:  denied  { append } for  pid=17573 comm="syz.8.5797" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  187.167503][   T29] audit: type=1326 audit(443.061:42822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17577 comm="syz.7.5798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  187.190736][   T29] audit: type=1326 audit(443.061:42823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17577 comm="syz.7.5798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  187.213735][   T29] audit: type=1326 audit(443.061:42824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17577 comm="syz.7.5798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  187.527534][T17629] loop8: detected capacity change from 0 to 8192
[  187.551438][T17619] Falling back ldisc for ttyS3.
[  187.594457][T17647] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5830'.
[  187.604262][T17647] IPVS: Error connecting to the multicast addr
[  187.662850][T17664] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5837'.
[  187.740079][T17674] 
: renamed from bond0 (while UP)
[  187.804029][T17687] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  187.813181][T17687] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  187.821978][T17687] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  187.830519][T17687] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  187.956267][T17703] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.970263][T17703] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.169892][T17715] loop5: detected capacity change from 0 to 8192
[  188.310578][T17715]  loop5: p1 p2
[  188.315087][T17715] loop5: p1 start 16777216 is beyond EOD, truncated
[  188.321768][T17715] loop5: p2 size 515840 extends beyond EOD, truncated
[  188.678228][T17756] netlink: 'syz.8.5875': attribute type 10 has an invalid length.
[  188.686154][T17756] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5875'.
[  188.851702][T17771] atomic_op ffff88810f103d28 conn xmit_atomic 0000000000000000
[  189.005161][T17791] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5892'.
[  189.023842][T12466] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  189.039431][T17791] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5892'.
[  189.049734][T12466] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  189.064941][T17798] loop8: detected capacity change from 0 to 512
[  189.067384][T12466] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  189.086785][T12466] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  189.112951][T17798] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.133004][T17807] loop5: detected capacity change from 0 to 2048
[  189.153255][T17807] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.166891][T13275] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.178875][T17807] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  189.212637][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.313895][T17829] random: crng reseeded on system resumption
[  189.370466][T17833] ALSA: seq fatal error: cannot create timer (-22)
[  189.421377][T17838] $Hÿ: renamed from bond0 (while UP)
[  189.441951][T17838] $Hÿ: entered promiscuous mode
[  189.447098][T17838] bond_slave_0: entered promiscuous mode
[  189.452832][T17838] bond_slave_1: entered promiscuous mode
[  189.551307][T17856] C: renamed from team_slave_0
[  189.564638][T17856] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5920'.
[  189.712128][T17875] loop2: detected capacity change from 0 to 512
[  189.790549][T17875] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.879417][T17884] macvtap0: refused to change device tx_queue_len
[  189.917239][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.145873][T17895] syzkaller1: entered promiscuous mode
[  190.151522][T17895] syzkaller1: entered allmulticast mode
[  190.729468][T17921] loop5: detected capacity change from 0 to 136
[  190.809987][T17921] iso9660: Bad value for 'mode'
[  190.858915][T17927] SELinux: security policydb version 17 (MLS) not backwards compatible
[  190.867938][T17927] SELinux: failed to load policy
[  190.903371][T17929] loop7: detected capacity change from 0 to 512
[  190.947940][T17929] EXT4-fs: Ignoring removed orlov option
[  190.999232][T17929] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.019211][T17935] netlink: 'syz.5.5952': attribute type 1 has an invalid length.
[  191.070895][   T29] kauditd_printk_skb: 145 callbacks suppressed
[  191.070914][   T29] audit: type=1400 audit(447.041:42969): avc:  denied  { read open } for  pid=17928 comm="syz.7.5950" path="/" dev="configfs" ino=2124 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  191.134241][T17935] netlink: 'syz.5.5952': attribute type 1 has an invalid length.
[  191.146115][ T6530] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.198162][T17938] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  191.239379][   T29] audit: type=1326 audit(447.201:42970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17940 comm="syz.2.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  191.262420][   T29] audit: type=1326 audit(447.201:42971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17940 comm="syz.2.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  191.285603][   T29] audit: type=1326 audit(447.201:42972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17940 comm="syz.2.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  191.308616][   T29] audit: type=1326 audit(447.201:42973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17940 comm="syz.2.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  191.331641][   T29] audit: type=1326 audit(447.201:42974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17940 comm="syz.2.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  191.416400][   T29] audit: type=1326 audit(447.331:42975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17940 comm="syz.2.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  191.439445][   T29] audit: type=1326 audit(447.331:42976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17940 comm="syz.2.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  191.462436][   T29] audit: type=1326 audit(447.331:42977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17940 comm="syz.2.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  191.485416][   T29] audit: type=1326 audit(447.361:42978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17940 comm="syz.2.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  191.518598][T17948] veth0: entered promiscuous mode
[  191.524472][T17949] batadv_slave_0: entered promiscuous mode
[  191.540416][T17947] batadv_slave_0: left promiscuous mode
[  191.546257][T17947] veth0: left promiscuous mode
[  191.708726][T17974] vlan3: entered allmulticast mode
[  191.783378][T17984] loop3: detected capacity change from 0 to 512
[  191.802867][T17980] loop7: detected capacity change from 0 to 128
[  191.867012][T17980] syz.7.5972: attempt to access beyond end of device
[  191.867012][T17980] loop7: rw=2049, sector=138, nr_sectors = 112 limit=128
[  191.926203][T17996] loop8: detected capacity change from 0 to 512
[  191.980467][T17996] EXT4-fs error (device loop8): ext4_orphan_get:1418: comm syz.8.5978: bad orphan inode 11862016
[  192.006382][T18005] loop3: detected capacity change from 0 to 4096
[  192.023301][T18005] EXT4-fs: Ignoring removed nomblk_io_submit option
[  192.195640][ T3454] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  192.203429][ T3454] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  192.229437][ T5219] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  192.325685][T18032] netlink: 'syz.8.5991': attribute type 1 has an invalid length.
[  192.330401][T18029] loop3: detected capacity change from 0 to 2048
[  192.344206][T18032] netlink: 'syz.8.5991': attribute type 1 has an invalid length.
[  192.355416][T18029] EXT4-fs (loop3): shut down requested (2)
[  192.361768][T18029] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[  192.372086][T18029] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[  192.403932][T18041] loop3: detected capacity change from 0 to 512
[  192.421799][T18041] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.5995: bad orphan inode 11862016
[  192.561468][T18045] ALSA: seq fatal error: cannot create timer (-19)
[  192.633252][T18055] loop8: detected capacity change from 0 to 512
[  192.640759][T18055] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  192.652423][T18055] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #16: comm syz.8.6000: invalid indirect mapped block 4294967295 (level 0)
[  192.667759][T18055] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #16: comm syz.8.6000: invalid indirect mapped block 4294967295 (level 1)
[  192.683238][T18055] EXT4-fs (loop8): 1 orphan inode deleted
[  192.689080][T18055] EXT4-fs (loop8): 1 truncate cleaned up
[  192.736190][T18064] loop8: detected capacity change from 0 to 136
[  192.751244][T18064] iso9660: Bad value for 'mode'
[  192.770508][T18066] loop2: detected capacity change from 0 to 164
[  192.784415][T18066] ISOFS: unable to read i-node block
[  192.789773][T18066] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  192.803340][T18070] __nla_validate_parse: 6 callbacks suppressed
[  192.803365][T18070] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6007'.
[  192.846973][T18070] 8021q: adding VLAN 0 to HW filter on device bond1
[  192.923890][T18085] loop3: detected capacity change from 0 to 512
[  192.931435][T18085] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  192.952145][T18085] EXT4-fs (loop3): 1 truncate cleaned up
[  192.976959][T18095] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6017'.
[  193.039435][ T5217] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  193.042029][T18097] SELinux: ebitmap: truncated map
[  193.052855][T18101] loop7: detected capacity change from 0 to 512
[  193.073537][T18097] SELinux: failed to load policy
[  193.101983][T18105] ref_ctr_offset mismatch. inode: 0x177f offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[  193.209493][ T5217] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  193.229112][T18123] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6029'.
[  193.388595][T18139] loop5: detected capacity change from 0 to 512
[  193.388839][T18136] kernel read not supported for file /policy (pid: 18136 comm: syz.2.6035)
[  193.466211][T18151] random: crng reseeded on system resumption
[  193.474322][T18149] loop7: detected capacity change from 0 to 512
[  193.488764][T18149] journal_path: Non-blockdev passed as './bus'
[  193.495068][T18149] EXT4-fs: error: could not find journal device path
[  193.509553][T18151] Restarting kernel threads ...
[  193.525357][T18151] Done restarting kernel threads.
[  193.581399][T18164] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6046'.
[  193.641028][T18174] loop3: detected capacity change from 0 to 1024
[  193.647830][T18174] EXT4-fs: inline encryption not supported
[  193.654043][T18174] EXT4-fs: Ignoring removed bh option
[  193.672325][T18180] loop7: detected capacity change from 0 to 256
[  193.700996][T18180] syz.7.6054: attempt to access beyond end of device
[  193.700996][T18180] loop7: rw=2049, sector=256, nr_sectors = 68 limit=256
[  193.714956][T18174] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  193.732802][T18174] EXT4-fs (loop3): Remounting filesystem read-only
[  193.745520][T18185] loop8: detected capacity change from 0 to 512
[  193.766328][T18189] loop3: detected capacity change from 0 to 128
[  194.129950][T18241] loop3: detected capacity change from 0 to 512
[  194.137952][T18241] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.6080: iget: bad i_size value: 38620345925642
[  194.151113][T18241] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.6080: couldn't read orphan inode 15 (err -117)
[  194.368048][T18264] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6091'.
[  194.377081][T18264] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6091'.
[  194.412854][T18268] loop5: detected capacity change from 0 to 512
[  194.419703][T18268] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  194.431798][T18268] EXT4-fs (loop5): 1 truncate cleaned up
[  194.493292][T18272] serio: Serial port ttyS3
[  194.530733][T18278] loop3: detected capacity change from 0 to 256
[  194.530733][T18277] loop8: detected capacity change from 0 to 1024
[  194.531228][T18277] EXT4-fs: Ignoring removed orlov option
[  194.575668][T18277] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c118, mo2=0002]
[  194.577986][T18278] syz.3.6097: attempt to access beyond end of device
[  194.577986][T18278] loop3: rw=2049, sector=256, nr_sectors = 68 limit=256
[  194.592522][T18277] System zones: 0-1, 3-12
[  194.648412][T18283] loop5: detected capacity change from 0 to 8192
[  194.699007][T18297] SELinux: ebitmap: truncated map
[  194.705133][T18297] SELinux: failed to load policy
[  194.734864][T18303] loop3: detected capacity change from 0 to 512
[  194.748797][T18303] EXT4-fs: Ignoring removed bh option
[  194.755465][T18303] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  194.777733][T18303] EXT4-fs (loop3): 1 truncate cleaned up
[  194.783846][T18311] netlink: 96 bytes leftover after parsing attributes in process `syz.8.6111'.
[  194.892349][T18328] batadv_slave_0: entered promiscuous mode
[  194.898623][T18328] batadv_slave_0: left promiscuous mode
[  195.348286][T18375] loop5: detected capacity change from 0 to 1024
[  195.376288][T18381] loop2: detected capacity change from 0 to 7
[  195.377124][T18375] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  195.397455][T18375] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #3: block 1: comm syz.5.6141: lblock 1 mapped to illegal pblock 1 (length 1)
[  195.414191][T18375] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.6141: Failed to acquire dquot type 0
[  195.429550][T18375] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.6141: Freeing blocks not in datazone - block = 0, count = 4096
[  195.446217][T18375] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.6141: Invalid inode bitmap blk 0 in block_group 0
[  195.462044][T18389] loop7: detected capacity change from 0 to 512
[  195.469016][T18375] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  195.470246][ T3454] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  195.491891][T18389] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  195.501913][T18375] EXT4-fs (loop5): 1 orphan inode deleted
[  195.507998][T18375] EXT4-fs mount: 30 callbacks suppressed
[  195.508013][T18375] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.508872][ T3454] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:7: Failed to release dquot type 0
[  195.526234][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  195.539031][T18389] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #16: comm syz.7.6147: invalid indirect mapped block 4294967295 (level 0)
[  195.561045][T18389] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #16: comm syz.7.6147: invalid indirect mapped block 4294967295 (level 1)
[  195.570145][T18375] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.575985][T18389] EXT4-fs (loop7): 1 orphan inode deleted
[  195.589865][T18389] EXT4-fs (loop7): 1 truncate cleaned up
[  195.599121][T18389] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.627913][T18400] loop3: detected capacity change from 0 to 512
[  195.638647][T18400] EXT4-fs: Ignoring removed bh option
[  195.649297][T18400] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  195.670025][ T6530] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.688120][T18400] EXT4-fs (loop3): 1 truncate cleaned up
[  195.694406][T18400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.728643][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.812108][T18419] loop8: detected capacity change from 0 to 1024
[  195.835646][T18419] EXT4-fs: Ignoring removed bh option
[  195.851441][T18419] EXT4-fs: inline encryption not supported
[  195.861363][T18419] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  195.914411][T18419] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  195.928480][T18430] loop5: detected capacity change from 0 to 512
[  195.935649][T18430] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  195.947688][T18419] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 2: comm syz.8.6160: lblock 2 mapped to illegal pblock 2 (length 1)
[  195.963241][T18419] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 48: comm syz.8.6160: lblock 0 mapped to illegal pblock 48 (length 1)
[  195.981474][T18419] EXT4-fs error (device loop8): ext4_acquire_dquot:6937: comm syz.8.6160: Failed to acquire dquot type 0
[  195.993937][T18430] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.6165: invalid indirect mapped block 4294967295 (level 0)
[  196.010186][T18430] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.6165: invalid indirect mapped block 4294967295 (level 1)
[  196.024974][T18419] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  196.035571][T18419] EXT4-fs error (device loop8): ext4_evict_inode:254: inode #11: comm syz.8.6160: mark_inode_dirty error
[  196.047988][T18419] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  196.058426][T18430] EXT4-fs (loop5): 1 orphan inode deleted
[  196.064253][T18430] EXT4-fs (loop5): 1 truncate cleaned up
[  196.070556][T18430] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.083164][    C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  196.091210][T18419] EXT4-fs (loop8): 1 orphan inode deleted
[  196.097509][T18419] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.110571][   T31] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  196.126096][   T31] __quota_error: 138 callbacks suppressed
[  196.126111][   T31] Quota error (device loop8): remove_tree: Can't read quota data block 1
[  196.140496][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 0
[  196.143351][T18419] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 1: comm syz.8.6160: lblock 1 mapped to illegal pblock 1 (length 1)
[  196.166167][T18419] Quota error (device loop8): find_next_id: Can't read quota tree block 1
[  196.200357][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.211981][T13275] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.234785][T13275] EXT4-fs error (device loop8): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  196.267259][T13275] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  196.287909][T13275] EXT4-fs error (device loop8): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[  196.355244][T18455] netlink: 'syz.5.6168': attribute type 4 has an invalid length.
[  196.373038][T18455] netlink: 'syz.5.6168': attribute type 4 has an invalid length.
[  196.423559][T18457] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6186'.
[  196.525840][   T29] audit: type=1400 audit(452.491:43112): avc:  denied  { write } for  pid=18467 comm="syz.7.6180" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  196.953611][T18477] loop2: detected capacity change from 0 to 128
[  196.982494][   T29] audit: type=1326 audit(452.951:43113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18476 comm="syz.2.6182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  197.038279][   T29] audit: type=1326 audit(452.951:43114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18476 comm="syz.2.6182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  197.061374][   T29] audit: type=1326 audit(452.981:43115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18476 comm="syz.2.6182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  197.084378][   T29] audit: type=1326 audit(452.981:43116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18476 comm="syz.2.6182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  197.107344][   T29] audit: type=1326 audit(452.981:43117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18476 comm="syz.2.6182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  197.201476][T18482] loop2: detected capacity change from 0 to 512
[  197.262815][T18482] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.417169][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.622710][T18517] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  197.631586][T18517] SELinux: failed to load policy
[  197.742491][T18524] loop7: detected capacity change from 0 to 512
[  197.808325][T18524] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.962754][T18553] netlink: 'syz.8.6213': attribute type 13 has an invalid length.
[  197.970669][T18553] netlink: 'syz.8.6213': attribute type 17 has an invalid length.
[  198.014499][T18553] 0ªX¹¦D: left allmulticast mode
[  198.171397][ T6530] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.303180][T18553] $Hÿ: left promiscuous mode
[  198.308005][T18553] bond_slave_0: left promiscuous mode
[  198.313503][T18553] bond_slave_1: left promiscuous mode
[  198.347964][T18553] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[  198.413436][T18553] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  198.428201][   T29] audit: type=1326 audit(454.381:43118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18557 comm="syz.7.6217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9894ee5be7 code=0x7ffc0000
[  198.452218][   T29] audit: type=1326 audit(454.381:43119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18557 comm="syz.7.6217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9894e8ae09 code=0x7ffc0000
[  198.667737][T18564] netlink: 'syz.7.6220': attribute type 1 has an invalid length.
[  198.838114][T18536] Set syz1 is full, maxelem 65536 reached
[  198.848687][T18566] bond2: (slave bridge2): making interface the new active one
[  198.869183][T18566] bond2: (slave bridge2): Enslaving as an active interface with an up link
[  199.125190][T18595] loop2: detected capacity change from 0 to 128
[  199.148009][T18595] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  199.188878][T15277] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  199.209066][ T5219] hid_parser_main: 18 callbacks suppressed
[  199.209088][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.222561][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.230085][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.237525][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.244991][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.252468][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.259909][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.267324][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.274799][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.282232][ T5219] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  199.292423][ T5219] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  199.350471][T18612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6240'.
[  199.360124][T18612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6240'.
[  199.415838][T18622] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6245'.
[  199.448579][T18628] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  199.819490][ T5228] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[  200.022606][T18697] IPv6: NLM_F_CREATE should be specified when creating new route
[  200.056484][ T5217] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  200.093081][T18706] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6281'.
[  200.102176][T18706] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6281'.
[  200.133581][T18706] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6281'.
[  200.142744][T18706] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6281'.
[  200.177925][T18706] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6281'.
[  200.186966][T18706] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6281'.
[  200.257178][T18729] loop2: detected capacity change from 0 to 512
[  200.278652][T18729] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  200.293394][T18729] EXT4-fs (loop2): 1 truncate cleaned up
[  200.300104][T18729] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.300386][T18733] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6292'.
[  200.328710][T18729] ------------[ cut here ]------------
[  200.334263][T18729] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000)(1)
[  200.340334][T18733] netlink: 'syz.7.6292': attribute type 5 has an invalid length.
[  200.354429][T18729] WARNING: CPU: 0 PID: 18729 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[  200.372539][T18729] Modules linked in:
[  200.376487][T18729] CPU: 0 UID: 0 PID: 18729 Comm: syz.2.6290 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  200.387981][T18729] Tainted: [W]=WARN
[  200.391842][T18729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  200.401944][T18729] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[  200.408221][T18729] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 c2 81 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[  200.427942][T18729] RSP: 0018:ffffc900093b7440 EFLAGS: 00010292
[  200.434109][T18729] RAX: af7edbf784b2b800 RBX: ffff8881234a3840 RCX: 0000000000080000
[  200.442143][T18729] RDX: ffffc90010694000 RSI: 000000000001aa39 RDI: 000000000001aa3a
[  200.450148][T18729] RBP: 0000000000000000 R08: 0001ffff86a20c4f R09: 0000000000000000
[  200.458169][T18729] R10: ffffffff88e69978 R11: ffffffff82203c10 R12: ffff8881234a3800
[  200.466185][T18729] R13: ffff888115e28000 R14: ffff888115e28000 R15: ffff8881234a3838
[  200.474329][T18729] FS:  00007fde6efbf6c0(0000) GS:ffff8882aee40000(0000) knlGS:0000000000000000
[  200.483406][T18729] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  200.490021][T18729] CR2: 00002000000054c0 CR3: 00000001363b0000 CR4: 00000000003506f0
[  200.498012][T18729] DR0: 0000000000000002 DR1: 0000000000000000 DR2: 0000000000000000
[  200.506084][T18729] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  200.514137][T18729] Call Trace:
[  200.517485][T18729]  <TASK>
[  200.520467][T18729]  reg_set_min_max+0x1eb/0x260
[  200.525263][T18729]  check_cond_jmp_op+0x1080/0x16e0
[  200.530428][T18729]  do_check+0x332a/0x7a10
[  200.534797][T18729]  do_check_common+0xc3a/0x12a0
[  200.539753][T18729]  bpf_check+0x942b/0xd9e0
[  200.544166][T18729]  ? __rcu_read_unlock+0x4f/0x70
[  200.549100][T18729]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  200.555172][T18729]  ? alloc_pages_bulk_noprof+0x4b8/0x540
[  200.560889][T18729]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[  200.566824][T18729]  ? pcpu_block_update+0x377/0x3b0
[  200.572008][T18729]  ? _find_next_zero_bit+0x64/0xa0
[  200.577154][T18729]  ? pcpu_block_refresh_hint+0x157/0x170
[  200.582846][T18729]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  200.588915][T18729]  ? css_rstat_updated+0xb7/0x240
[  200.594022][T18729]  ? __rcu_read_unlock+0x4f/0x70
[  200.599072][T18729]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[  200.604941][T18729]  ? selinux_bpf_prog_load+0x36/0xf0
[  200.610270][T18729]  ? __kmalloc_cache_noprof+0x299/0x320
[  200.615912][T18729]  ? selinux_bpf_prog_load+0xbf/0xf0
[  200.621245][T18729]  ? security_bpf_prog_load+0x2c/0xa0
[  200.626638][T18729]  bpf_prog_load+0xedd/0x1070
[  200.631450][T18729]  ? security_bpf+0x2b/0x90
[  200.636472][T18729]  __sys_bpf+0x462/0x7b0
[  200.640890][T18729]  __x64_sys_bpf+0x41/0x50
[  200.645390][T18729]  x64_sys_call+0x2aea/0x2ff0
[  200.650178][T18729]  do_syscall_64+0xd2/0x200
[  200.654801][T18729]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  200.660936][T18729]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  200.666693][T18729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.672726][T18729] RIP: 0033:0x7fde7055ec29
[  200.677162][T18729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.696828][T18729] RSP: 002b:00007fde6efbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  200.705301][T18729] RAX: ffffffffffffffda RBX: 00007fde707a5fa0 RCX: 00007fde7055ec29
[  200.713339][T18729] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  200.721367][T18729] RBP: 00007fde705e1e41 R08: 0000000000000000 R09: 0000000000000000
[  200.729378][T18729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  200.737366][T18729] R13: 00007fde707a6038 R14: 00007fde707a5fa0 R15: 00007ffd4c98e478
[  200.745553][T18729]  </TASK>
[  200.748591][T18729] ---[ end trace 0000000000000000 ]---
[  200.798293][T18739] bond3: entered promiscuous mode
[  200.803500][T18739] bond3: entered allmulticast mode
[  200.812523][T18739] 8021q: adding VLAN 0 to HW filter on device bond3
[  200.822684][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.849930][T18739] bond3 (unregistering): Released all slaves
[  200.981674][T18767] loop5: detected capacity change from 0 to 512
[  201.006474][T18767] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.088321][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.751078][T18838] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  201.751078][T18838]    program syz.7.6336 not setting count and/or reply_len properly
[  201.949430][   T29] kauditd_printk_skb: 51 callbacks suppressed
[  201.949447][   T29] audit: type=1400 audit(457.921:43171): avc:  denied  { write } for  pid=18846 comm="syz.2.6340" path="socket:[56864]" dev="sockfs" ino=56864 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  201.997778][   T29] audit: type=1400 audit(457.961:43172): avc:  denied  { read } for  pid=18846 comm="syz.2.6340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  202.193372][T18859] bridge0: port 2(macsec0) entered blocking state
[  202.199901][T18859] bridge0: port 2(macsec0) entered disabled state
[  202.216449][T18859] macsec0: entered allmulticast mode
[  202.225170][T18859] macsec0: left allmulticast mode
[  202.316610][T18866] netlink: 'syz.8.6345': attribute type 4 has an invalid length.
[  202.358393][T18866] netlink: 'syz.8.6345': attribute type 4 has an invalid length.
[  202.786373][   T29] audit: type=1326 audit(458.741:43173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.7.6364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  202.809484][   T29] audit: type=1326 audit(458.741:43174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.7.6364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  202.832620][   T29] audit: type=1326 audit(458.741:43175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.7.6364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  202.855639][   T29] audit: type=1326 audit(458.741:43176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.7.6364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  202.878644][   T29] audit: type=1326 audit(458.741:43177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.7.6364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  202.901743][   T29] audit: type=1326 audit(458.741:43178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.7.6364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  202.924822][   T29] audit: type=1326 audit(458.741:43179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.7.6364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  202.947911][   T29] audit: type=1326 audit(458.741:43180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.7.6364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9894eeec29 code=0x7ffc0000
[  203.038758][T18921] loop7: detected capacity change from 0 to 512
[  203.122115][T18921] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  203.280980][T18961] loop8: detected capacity change from 0 to 128
[  203.288861][T18961] FAT-fs (loop8): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  203.338822][T18961] syz.8.6389: attempt to access beyond end of device
[  203.338822][T18961] loop8: rw=0, sector=97, nr_sectors = 944 limit=128
[  203.383581][T12454] FAT-fs (loop8): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  204.140632][T19043] random: crng reseeded on system resumption
[  204.264977][T19040] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.272217][T19040] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.340821][T19057] netlink: 'syz.7.6430': attribute type 18 has an invalid length.
[  204.363658][T19040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.382605][T19040] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.443314][T12513] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  204.458709][T12513] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  204.467189][T19057] __nla_validate_parse: 14 callbacks suppressed
[  204.467277][T19057] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6430'.
[  204.476063][T12513] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  204.482670][T19057] netlink: 'syz.7.6430': attribute type 18 has an invalid length.
[  204.561537][T12513] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  204.607242][T19069] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  204.618930][T19067] IPVS: stopping master sync thread 19069 ...
[  204.725642][T19087] loop5: detected capacity change from 0 to 512
[  204.740915][T19089] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6444'.
[  204.754649][T19089] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6444'.
[  204.785300][T19087] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.826634][T19097] tunl0: Caught tx_queue_len zero misconfig
[  204.838860][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.021222][T19110] loop5: detected capacity change from 0 to 2048
[  205.111402][T19120] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6458'.
[  205.133413][T19122] geneve3: entered promiscuous mode
[  205.138659][T19122] geneve3: entered allmulticast mode
[  205.287691][T19141] loop7: detected capacity change from 0 to 164
[  205.299708][T19141] syz.7.6467: attempt to access beyond end of device
[  205.299708][T19141] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  205.334807][T19141] syz.7.6467: attempt to access beyond end of device
[  205.334807][T19141] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  205.354404][T19147] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6470'.
[  205.381814][T19147] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.432904][T19157] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.530921][T19157] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.573040][T19157] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.631287][T19157] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.648298][T19154] loop7: detected capacity change from 0 to 128
[  205.685861][T19170] netlink: 'syz.8.6480': attribute type 10 has an invalid length.
[  205.711174][T19170] team0: Device hsr_slave_0 failed to register rx_handler
[  205.763997][T12451] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.792718][T12451] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.808517][T12451] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.823794][T12451] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.887745][T19188] loop7: detected capacity change from 0 to 1024
[  205.911861][T19188] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  205.938019][T19188] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: block 3: comm syz.7.6489: lblock 3 mapped to illegal pblock 3 (length 3)
[  205.953758][T19188] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  205.966083][T19188] EXT4-fs (loop7): This should not happen!! Data will be lost
[  205.966083][T19188] 
[  205.988024][T12513] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:64: lblock 8 mapped to illegal pblock 8 (length 8)
[  206.003759][T12513] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  206.016076][T12513] EXT4-fs (loop7): This should not happen!! Data will be lost
[  206.016076][T12513] 
[  206.027559][ T6530] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  206.047150][T19200] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6494'.
[  206.056152][T19200] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6494'.
[  206.150520][T19215] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.6500'.
[  206.279916][T19229] 9p: Unknown uid 00000000004294967295
[  206.312882][T19236] netlink: 'syz.7.6508': attribute type 1 has an invalid length.
[  206.342965][T19236] gretap1: entered allmulticast mode
[  206.350397][T19236] bond3: (slave gretap1): making interface the new active one
[  206.358867][T19236] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  206.869702][T19261] netlink: 64 bytes leftover after parsing attributes in process `syz.8.6518'.
[  206.922451][T19267] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  206.966745][   T29] kauditd_printk_skb: 158 callbacks suppressed
[  206.966757][T19273] netlink: 104 bytes leftover after parsing attributes in process `syz.8.6524'.
[  206.966763][   T29] audit: type=1400 audit(462.931:43339): avc:  denied  { nlmsg_read } for  pid=19272 comm="syz.8.6524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  207.099071][   T29] audit: type=1326 audit(463.061:43340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19282 comm="syz.8.6529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81c3e3ec29 code=0x7ffc0000
[  207.137357][   T29] audit: type=1326 audit(463.071:43341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19282 comm="syz.8.6529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f81c3e3ec29 code=0x7ffc0000
[  207.160329][   T29] audit: type=1326 audit(463.071:43342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19282 comm="syz.8.6529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81c3e3ec29 code=0x7ffc0000
[  207.183366][   T29] audit: type=1326 audit(463.071:43343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19282 comm="syz.8.6529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81c3e3ec29 code=0x7ffc0000
[  207.206444][   T29] audit: type=1326 audit(463.071:43344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19282 comm="syz.8.6529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f81c3e3ec29 code=0x7ffc0000
[  207.229409][   T29] audit: type=1326 audit(463.071:43345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19282 comm="syz.8.6529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81c3e3ec29 code=0x7ffc0000
[  207.252418][   T29] audit: type=1326 audit(463.071:43346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19282 comm="syz.8.6529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81c3e3ec29 code=0x7ffc0000
[  207.342316][T19291] loop2: detected capacity change from 0 to 1024
[  207.349663][T19291] EXT4-fs: Ignoring removed nobh option
[  207.355280][T19291] EXT4-fs: Ignoring removed bh option
[  207.386069][T19291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.452334][T19291] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  207.483279][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.564468][T19321] loop7: detected capacity change from 0 to 164
[  207.580316][T19321] Unable to read rock-ridge attributes
[  207.596851][T19321] Unable to read rock-ridge attributes
[  207.609027][T19321] iso9660: Corrupted directory entry in block 4 of inode 1792
[  207.679350][   T29] audit: type=1326 audit(463.641:43347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19327 comm="syz.2.6549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  207.702385][   T29] audit: type=1326 audit(463.641:43348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19327 comm="syz.2.6549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7055ec29 code=0x7ffc0000
[  208.287404][T19389] loop5: detected capacity change from 0 to 512
[  208.307236][T19393] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19393 comm=syz.8.6576
[  208.343297][T19389] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.561694][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.677732][T19424] loop5: detected capacity change from 0 to 2048
[  208.702601][T19424] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.715728][T19424] EXT4-fs error (device loop5): ext4_ext_precache:632: inode #2: comm syz.5.6590: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  208.735289][T19424] EXT4-fs (loop5): Remounting filesystem read-only
[  208.765013][T19432] loop2: detected capacity change from 0 to 2048
[  208.789975][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.808215][T19432] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.845254][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.126455][T19480] loop5: detected capacity change from 0 to 1024
[  209.145933][T19480] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.259314][T19480] loop5: detected capacity change from 1024 to 0
[  209.268139][    C1] I/O error, dev loop5, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 2
[  209.278026][    C1] I/O error, dev loop5, sector 18 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 2
[  209.287597][    C1] I/O error, dev loop5, sector 16 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[  209.297614][T19485] EXT4-fs error (device loop5): ext4_get_inode_loc:4999: inode #15: block 8: comm syz.5.6613: unable to read itable block
[  209.323197][    C0] I/O error, dev loop5, sector 32 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[  209.522494][    C1] I/O error, dev loop5, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 2
[  209.522674][    C0] I/O error, dev loop5, sector 18 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 2
[  209.539414][    C1] I/O error, dev loop5, sector 16 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[  209.551150][T12501] EXT4-fs error (device loop5): __ext4_get_inode_loc_noinmem:4984: inode #15: block 8: comm kworker/u8:54: unable to read itable block
[  209.565767][T14124] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.904118][T19498] chnl_net:caif_netlink_parms(): no params data found
[  209.992308][T19498] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.999482][T19498] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.020013][T19498] bridge_slave_0: entered allmulticast mode
[  210.033182][T19498] bridge_slave_0: entered promiscuous mode
[  210.047122][T19498] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.054252][T19498] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.076993][T19498] bridge_slave_1: entered allmulticast mode
[  210.089906][T19498] bridge_slave_1: entered promiscuous mode
[  210.128315][T19498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.139526][T19498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.185347][T19498] team0: Port device team_slave_0 added
[  210.194628][T19498] team0: Port device team_slave_1 added
[  210.237687][T19498] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.244790][T19498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.270816][T19498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.303858][T19498] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.310869][T19498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.336856][T19498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.356558][T19555] loop8: detected capacity change from 0 to 512
[  210.369394][T19555] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.384408][T19498] hsr_slave_0: entered promiscuous mode
[  210.392532][T19498] hsr_slave_1: entered promiscuous mode
[  210.398628][T19498] debugfs: 'hsr0' already exists in 'hsr'
[  210.404412][T19498] Cannot create hsr debugfs directory
[  210.413353][T13275] EXT4-fs error (device loop8): __ext4_iget:5464: inode #13: block 33024: comm syz-executor: invalid block
[  210.425023][T13275] EXT4-fs error (device loop8): __ext4_iget:5464: inode #13: block 33024: comm syz-executor: invalid block
[  210.475127][T19563] __nla_validate_parse: 4 callbacks suppressed
[  210.475143][T19563] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6644'.
[  210.755334][T12513] netdevsim netdevsim8 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  210.765150][T12513] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.861587][T12513] netdevsim netdevsim8 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  210.871551][T12513] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.897457][T19580] loop2: detected capacity change from 0 to 4096
[  210.917655][T19580] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.923879][T19498] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  210.941598][T19498] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  210.963461][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.978176][T12513] netdevsim netdevsim8 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  210.987951][T12513] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.009754][T19498] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  211.027882][T19498] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  211.065492][T12513] netdevsim netdevsim8 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  211.075372][T12513] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.191762][T19498] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.199174][T12513] bridge_slave_1: left allmulticast mode
[  211.204867][T12513] bridge_slave_1: left promiscuous mode
[  211.210646][T12513] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.224000][T12513] bridge_slave_0: left allmulticast mode
[  211.229717][T12513] bridge_slave_0: left promiscuous mode
[  211.235368][T12513] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.320154][T12513] team0: Port device geneve1 removed
[  211.361850][T12513] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  211.374380][T12513] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  211.384872][T12513] $Hÿ (unregistering): Released all slaves
[  211.395847][T12513] bond0 (unregistering): Released all slaves
[  211.404961][T12513] bond1 (unregistering): Released all slaves
[  211.418272][T19575] chnl_net:caif_netlink_parms(): no params data found
[  211.432958][T19498] 8021q: adding VLAN 0 to HW filter on device team0
[  211.462397][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.469497][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.490737][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.497825][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.554886][T19624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.563483][T19624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.574556][T19624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.583314][T19624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.593056][T12513] hsr_slave_0: left promiscuous mode
[  211.598834][T12513] hsr_slave_1: left promiscuous mode
[  211.605320][T12513] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  211.612779][T12513] batman_adv: batadv0: Removing interface: batadv_slave_0
[  211.624346][T12513] veth0_macvtap: left promiscuous mode
[  211.629905][T12513] veth1_vlan: left promiscuous mode
[  211.635124][T12513] veth0_vlan: left promiscuous mode
[  211.688846][T12513] team0 (unregistering): Port device team_slave_1 removed
[  211.698805][T12513] team0 (unregistering): Port device team_slave_0 removed
[  211.734226][T19624] netlink: 566 bytes leftover after parsing attributes in process `syz.7.6663'.
[  211.747739][T19575] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.754904][T19575] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.762122][T19575] bridge_slave_0: entered allmulticast mode
[  211.768771][T19575] bridge_slave_0: entered promiscuous mode
[  211.777423][T19575] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.784530][T19575] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.791744][T19575] bridge_slave_1: entered allmulticast mode
[  211.798299][T19575] bridge_slave_1: entered promiscuous mode
[  211.830699][T19575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.841704][T19575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.863266][T19575] team0: Port device team_slave_0 added
[  211.870530][T19575] team0: Port device team_slave_1 added
[  211.887475][T19575] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.894500][T19575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.920535][T19575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.932180][T19575] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.939149][T19575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.965460][T19575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.000478][T19498] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.010631][T19575] hsr_slave_0: entered promiscuous mode
[  212.018585][T19575] hsr_slave_1: entered promiscuous mode
[  212.024777][T19575] debugfs: 'hsr0' already exists in 'hsr'
[  212.030576][T19575] Cannot create hsr debugfs directory
[  212.195385][T19498] veth0_vlan: entered promiscuous mode
[  212.204693][T19498] veth1_vlan: entered promiscuous mode
[  212.218579][T19498] veth0_macvtap: entered promiscuous mode
[  212.231864][T19498] veth1_macvtap: entered promiscuous mode
[  212.251004][T19498] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.261904][T19498] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.274516][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.289147][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.300531][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.311678][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.312486][T19657] loop7: detected capacity change from 0 to 512
[  212.351302][T19575] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  212.362258][T19657] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.377034][T19575] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  212.392091][T19575] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  212.401675][ T6530] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.413646][T19575] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  212.442362][   T29] kauditd_printk_skb: 123 callbacks suppressed
[  212.442380][   T29] audit: type=1326 audit(468.411:43472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.6675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683276ec29 code=0x7ffc0000
[  212.471635][   T29] audit: type=1326 audit(468.411:43473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.6675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683276ec29 code=0x7ffc0000
[  212.494812][   T29] audit: type=1326 audit(468.411:43474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.6675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683276ec29 code=0x7ffc0000
[  212.549206][   T29] audit: type=1326 audit(468.411:43475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.6675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683276ec29 code=0x7ffc0000
[  212.553513][T19575] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.572454][   T29] audit: type=1326 audit(468.411:43476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.6675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683276ec29 code=0x7ffc0000
[  212.602047][   T29] audit: type=1326 audit(468.451:43477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.6675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683276ec29 code=0x7ffc0000
[  212.625025][   T29] audit: type=1326 audit(468.451:43478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.6675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683276ec29 code=0x7ffc0000
[  212.632666][T19575] 8021q: adding VLAN 0 to HW filter on device team0
[  212.648085][   T29] audit: type=1326 audit(468.471:43479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.6675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f683276ec29 code=0x7ffc0000
[  212.677796][   T29] audit: type=1400 audit(468.471:43480): avc:  denied  { kexec_image_load } for  pid=19676 comm="syz.4.6675" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  212.697369][   T29] audit: type=1326 audit(468.471:43481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.6675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683276ec29 code=0x7ffc0000
[  212.775754][T19681] netlink: 264 bytes leftover after parsing attributes in process `syz.7.6676'.
[  212.807277][T19692] netlink: 5 bytes leftover after parsing attributes in process `syz.7.6682'.
[  212.812664][T12513] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.823325][T12513] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.844632][T12513] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.851792][T12513] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.873629][T19692] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  212.884509][T19692] 0ªî{X¹¦: entered allmulticast mode
[  212.890568][T19692] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  212.916115][T19575] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  212.982692][T19706] loop7: detected capacity change from 0 to 2048
[  212.994680][T19575] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.047179][T19706] Alternate GPT is invalid, using primary GPT.
[  213.053489][T19706]  loop7: p1 p2 p3
[  213.166881][T19575] veth0_vlan: entered promiscuous mode
[  213.186028][T19575] veth1_vlan: entered promiscuous mode
[  213.223561][T19575] veth0_macvtap: entered promiscuous mode
[  213.244571][T19575] veth1_macvtap: entered promiscuous mode
[  213.258334][T19731] loop2: detected capacity change from 0 to 164
[  213.338726][T19575] batman_adv: batadv0: Interface activated: batadv_slave_0
[  213.368698][T19575] batman_adv: batadv0: Interface activated: batadv_slave_1
[  213.403555][T19731] syz.2.6694: attempt to access beyond end of device
[  213.403555][T19731] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  213.442657][T12482] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  213.452963][T19731] syz.2.6694: attempt to access beyond end of device
[  213.452963][T19731] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  213.512880][T12451] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  213.570870][T12451] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.628844][T12451] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.669110][T19747] loop1: detected capacity change from 0 to 2048
[  213.733411][T19751] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6702'.
[  213.779684][T19747] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.351364][T19798] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6718'.
[  214.360946][T19798] netem: change failed
[  214.657176][T19575] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.910854][T19817] SELinux: failed to load policy
[  214.956045][T19823] tipc: Started in network mode
[  214.960976][T19823] tipc: Node identity fffeffff, cluster identity 4711
[  214.967756][T19823] tipc: Node number set to 4294901759
[  215.148352][T19841] loop2: detected capacity change from 0 to 512
[  215.212773][T19841] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.564818][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.727148][T19863] netlink: 'syz.2.6747': attribute type 10 has an invalid length.
[  215.735064][T19863] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6747'.
[  215.749523][T19863] dummy0: entered promiscuous mode
[  215.792742][T19867] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6749'.
[  216.345661][T19899] usb usb1: usbfs: process 19899 (syz.1.6764) did not claim interface 0 before use
[  216.442791][T19903] tipc: Started in network mode
[  216.447707][T19903] tipc: Node identity fffeffff, cluster identity 4711
[  216.454495][T19903] tipc: Node number set to 4294901759
[  216.600753][T19913] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6770'.
[  216.674303][T19919] vlan2: entered allmulticast mode
[  216.679526][T19919] bridge_slave_0: entered allmulticast mode
[  216.818173][T19936] loop4: detected capacity change from 0 to 128
[  216.826326][T19936] EXT4-fs: Ignoring removed nobh option
[  216.833450][T19936] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  216.880875][T19498] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  216.956646][T19953] loop2: detected capacity change from 0 to 512
[  216.974551][T19953] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  216.994298][T19953] EXT4-fs (loop2): mount failed
[  217.040412][T19961] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6791'.
[  217.049670][T19961] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6791'.
[  217.058618][T19961] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6791'.
[  217.082037][T19961] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6791'.
[  217.458739][   T29] kauditd_printk_skb: 126 callbacks suppressed
[  217.458758][   T29] audit: type=1400 audit(473.421:43607): avc:  denied  { mount } for  pid=19996 comm="syz.1.6806" name="/" dev="hugetlbfs" ino=61157 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  217.519424][   T29] audit: type=1400 audit(473.471:43608): avc:  denied  { unmount } for  pid=19575 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  217.855690][   T29] audit: type=1400 audit(473.821:43609): avc:  denied  { remount } for  pid=20035 comm="syz.3.6821" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  217.938602][T20044] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20044 comm=syz.3.6825
[  218.044308][   T29] audit: type=1400 audit(474.011:43610): avc:  denied  { sys_module } for  pid=20053 comm="syz.3.6829" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  218.071948][   T29] audit: type=1400 audit(474.011:43611): avc:  denied  { module_request } for  pid=20053 comm="syz.3.6829" kmod="syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  218.093363][   T29] audit: type=1400 audit(474.031:43612): avc:  denied  { read write } for  pid=15277 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  218.117161][   T29] audit: type=1400 audit(474.031:43613): avc:  denied  { open } for  pid=15277 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  218.140923][   T29] audit: type=1400 audit(474.031:43614): avc:  denied  { ioctl } for  pid=15277 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  218.166520][   T29] audit: type=1400 audit(474.061:43615): avc:  denied  { map_create } for  pid=20062 comm="syz.3.6832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  218.185259][   T29] audit: type=1400 audit(474.061:43616): avc:  denied  { map_read map_write } for  pid=20062 comm="syz.3.6832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  218.369988][T20067] loop4: detected capacity change from 0 to 512
[  218.392621][T20067] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  218.410951][T20067] EXT4-fs (loop4): mount failed
[  218.441258][T20076] pim6reg: entered allmulticast mode
[  218.449206][T20076] pim6reg: left allmulticast mode
[  218.927566][T20134] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6864'.
[  219.047833][T20153] bridge0: port 3(gretap0) entered blocking state
[  219.054469][T20153] bridge0: port 3(gretap0) entered disabled state
[  219.068277][T20153] gretap0: entered allmulticast mode
[  219.074533][T20153] gretap0: entered promiscuous mode
[  219.084382][T20153] bridge0: port 3(gretap0) entered blocking state
[  219.090869][T20153] bridge0: port 3(gretap0) entered forwarding state
[  219.283966][T20183] loop2: detected capacity change from 0 to 512
[  219.320407][T20183] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  219.370275][T20183] EXT4-fs (loop2): shut down requested (1)
[  219.379119][T20183] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  219.441858][T15277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  219.990850][T20245] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6915'.
[  220.023941][T20245] IPVS: Error joining to the multicast group
[  220.036003][T20248] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6918'.
[  220.045060][T20248] netlink: 'syz.2.6918': attribute type 14 has an invalid length.
[  220.077465][T20248] netlink: 'syz.2.6918': attribute type 14 has an invalid length.
[  220.142819][T20255] pimreg: entered allmulticast mode
[  220.204075][T20263] pimreg: left allmulticast mode
[  220.250237][T20265] loop2: detected capacity change from 0 to 2048
[  220.263932][T20265] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.372314][T12511] netdevsim netdevsim7 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  220.382272][T12511] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.482392][T12511] netdevsim netdevsim7 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  220.492306][T12511] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.543890][T20281] loop4: detected capacity change from 0 to 1764
[  220.554583][T12511] netdevsim netdevsim7 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  220.564462][T12511] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.651271][T12511] netdevsim netdevsim7 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  220.661184][T12511] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.772746][T12511] bridge0: port 1(team0) entered disabled state
[  220.881680][T12511] bond3 (unregistering): (slave gretap1): Releasing active interface
[  221.007351][T20265] ==================================================================
[  221.015470][T20265] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked
[  221.022875][T20265] 
[  221.025212][T20265] read-write to 0xffff88811a70ab50 of 8 bytes by interrupt on cpu 0:
[  221.033287][T20265]  __xa_clear_mark+0xf5/0x1e0
[  221.037984][T20265]  __folio_end_writeback+0x177/0x470
[  221.043291][T20265]  folio_end_writeback+0x71/0x3d0
[  221.048349][T20265]  ext4_finish_bio+0x459/0x8c0
[  221.053141][T20265]  ext4_end_bio+0x298/0x3b0
[  221.057672][T20265]  bio_endio+0x37b/0x420
[  221.061934][T20265]  blk_update_request+0x336/0x730
[  221.066976][T20265]  blk_mq_end_request+0x26/0x50
[  221.071831][T20265]  lo_complete_rq+0x98/0x140
[  221.076421][T20265]  blk_done_softirq+0x77/0xb0
[  221.081104][T20265]  handle_softirqs+0xb7/0x290
[  221.085788][T20265]  run_ksoftirqd+0x1c/0x30
[  221.090248][T20265]  smpboot_thread_fn+0x32b/0x530
[  221.095195][T20265]  kthread+0x489/0x510
[  221.099268][T20265]  ret_from_fork+0x11f/0x1b0
[  221.103862][T20265]  ret_from_fork_asm+0x1a/0x30
[  221.108656][T20265] 
[  221.110975][T20265] read to 0xffff88811a70ab50 of 8 bytes by task 20265 on cpu 1:
[  221.118600][T20265]  xas_find_marked+0x218/0x620
[  221.123377][T20265]  find_get_entry+0x5d/0x380
[  221.127969][T20265]  filemap_get_folios_tag+0x92/0x210
[  221.133255][T20265]  file_write_and_wait_range+0x1ea/0x2c0
[  221.138906][T20265]  generic_buffers_fsync_noflush+0x45/0x120
[  221.144800][T20265]  ext4_sync_file+0x1ab/0x690
[  221.149479][T20265]  vfs_fsync_range+0x10a/0x130
[  221.154247][T20265]  ext4_buffered_write_iter+0x34f/0x3c0
[  221.159802][T20265]  ext4_file_write_iter+0xdbf/0xf00
[  221.165006][T20265]  iter_file_splice_write+0x666/0xa60
[  221.170379][T20265]  direct_splice_actor+0x156/0x2a0
[  221.175490][T20265]  splice_direct_to_actor+0x312/0x680
[  221.180863][T20265]  do_splice_direct+0xda/0x150
[  221.185632][T20265]  do_sendfile+0x380/0x650
[  221.190057][T20265]  __x64_sys_sendfile64+0x105/0x150
[  221.195258][T20265]  x64_sys_call+0x2bb0/0x2ff0
[  221.199937][T20265]  do_syscall_64+0xd2/0x200
[  221.204453][T20265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.210343][T20265] 
[  221.212664][T20265] value changed: 0x0000000000000001 -> 0x0000000000000000
[  221.219763][T20265] 
[  221.222087][T20265] Reported by Kernel Concurrency Sanitizer on:
[  221.228238][T20265] CPU: 1 UID: 0 PID: 20265 Comm: syz.2.6924 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  221.239608][T20265] Tainted: [W]=WARN
[  221.243448][T20265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  221.253499][T20265] ==================================================================
[  221.310634][T12511] bond2 (unregistering): (slave bridge2): Releasing active interface
[  221.380816][T12511] bond0 (unregistering): Released all slaves
[  221.423975][T12511] bond1 (unregistering): Released all slaves
[  221.441946][T12511] bond2 (unregistering): Released all slaves
[  221.453355][T12511] bond3 (unregistering): Released all slaves
[  221.601666][T12511] tipc: Disabling bearer <udp:syz0>
[  221.606964][T12511] tipc: Left network mode
[  221.732427][T12511] hsr_slave_0: left promiscuous mode
[  221.739687][T12511] hsr_slave_1: left promiscuous mode
[  221.745350][T12511] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  221.747625][T20265] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.752401][T12511] batman_adv: batadv0: Removing interface: veth1_vlan
[  221.795489][T12511] veth1_vlan: left promiscuous mode
[  221.830155][T12511] veth0_vlan: left promiscuous mode
[  222.293220][T12511] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.331845][T12511] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.392637][T12511] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.451828][T12511] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.512425][T12511] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  222.522762][T12511] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.572406][T12511] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  222.582717][T12511] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.621472][T12511] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  222.631850][T12511] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.671787][T12511] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  222.682157][T12511] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.773844][T12511] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.821467][T12511] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.871502][T12511] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.932043][T12511] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.001154][T12511] bridge_slave_1: left allmulticast mode
[  223.006871][T12511] bridge_slave_1: left promiscuous mode
[  223.012532][T12511] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.020331][T12511] bridge_slave_0: left allmulticast mode
[  223.026013][T12511] bridge_slave_0: left promiscuous mode
[  223.031644][T12511] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.040479][T12511] gretap0: left allmulticast mode
[  223.045581][T12511] gretap0: left promiscuous mode
[  223.050631][T12511] bridge0: port 3(gretap0) entered disabled state
[  223.057623][T12511] bridge_slave_1: left allmulticast mode
[  223.063294][T12511] bridge_slave_1: left promiscuous mode
[  223.068959][T12511] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.076621][T12511] bridge_slave_0: left allmulticast mode
[  223.082295][T12511] bridge_slave_0: left promiscuous mode
[  223.087929][T12511] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.096244][T12511] bridge_slave_1: left allmulticast mode
[  223.101942][T12511] bridge_slave_1: left promiscuous mode
[  223.107542][T12511] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.115185][T12511] bridge_slave_0: left allmulticast mode
[  223.120847][T12511] bridge_slave_0: left promiscuous mode
[  223.126560][T12511] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.261637][T12511] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  223.271341][T12511] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  223.281080][T12511] bond0 (unregistering): Released all slaves
[  223.391384][T12511] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  223.401006][T12511] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  223.410391][T12511] bond0 (unregistering): Released all slaves
[  223.461217][T12511] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  223.470976][T12511] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  223.480267][T12511] bond0 (unregistering): Released all slaves
[  223.542811][T12511] tipc: Left network mode
[  223.603714][T12511] hsr_slave_0: left promiscuous mode
[  223.610250][T12511] hsr_slave_1: left promiscuous mode
[  223.615841][T12511] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.624284][T12511] batman_adv: batadv0: Removing interface: batadv_slave_0
[  223.631835][T12511] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.639203][T12511] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.648167][T12511] hsr_slave_0: left promiscuous mode
[  223.654424][T12511] hsr_slave_1: left promiscuous mode
[  223.660035][T12511] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.667391][T12511] batman_adv: batadv0: Removing interface: batadv_slave_0
[  223.674933][T12511] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.682347][T12511] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.691897][T12511] hsr_slave_0: left promiscuous mode
[  223.697458][T12511] hsr_slave_1: left promiscuous mode
[  223.703056][T12511] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.710429][T12511] batman_adv: batadv0: Removing interface: batadv_slave_0
[  223.717890][T12511] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.725323][T12511] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.740456][T12511] veth1_macvtap: left promiscuous mode
[  223.745926][T12511] veth0_macvtap: left promiscuous mode
[  223.751494][T12511] veth1_vlan: left promiscuous mode
[  223.756696][T12511] veth0_vlan: left promiscuous mode
[  223.762505][T12511] veth0_macvtap: left promiscuous mode
[  223.768029][T12511] veth1_vlan: left promiscuous mode
[  223.773477][T12511] veth0_vlan: left promiscuous mode
[  223.779118][T12511] veth1_macvtap: left promiscuous mode
[  223.784624][T12511] veth0_macvtap: left promiscuous mode
[  223.790134][T12511] veth1_vlan: left promiscuous mode
[  223.795357][T12511] veth0_vlan: left promiscuous mode
[  223.906325][T12511] team0 (unregistering): Port device team_slave_1 removed
[  223.915461][T12511] team0 (unregistering): Port device team_slave_0 removed
[  223.964557][T12511] team0 (unregistering): Port device team_slave_1 removed
[  223.973896][T12511] team0 (unregistering): Port device team_slave_0 removed
[  224.019025][T12511] team0 (unregistering): Port device team_slave_1 removed
[  224.028374][T12511] team0 (unregistering): Port device team_slave_0 removed