last executing test programs:

54.173887406s ago: executing program 2 (id=3):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='fdb_delete\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="0100002010fe"})

54.059844785s ago: executing program 2 (id=12):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./bus\x00', 0x280000a, &(0x7f00000007c0)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2b2, &(0x7f00000003c0)="$eJzs3b9re1UUAPDz0uQl6JAKTiL4QAenL992dUmRFordJIM6qNgWpAlCCwV/YOzk6uLo6iIIbv4TLv4HgqvgZsHCk5f3XpPUNCbVtOr381l6e+85956bvlI65OSd54cnh1kcX3zyU3Q6STR60YvLJDajEbXPYkbviwAA/ssu8zx+zUur5CUR0VlfWQDAGq389/+7tZcEAKzZ62+8+dpOGhFZ1om94efn/eI/++Jrub5zHO/HII7icXTjKiK/Vo738jwfNbPCZrw0HJ33i8zh2z9U++/8EhHF/ltJfWSZ3q7y9w92t7LSVP6oqOOp6vxecf52dOPZOefvH+xuz8mPfhovvzhV/6Poxo/vxQcxiMNxEWV+NCI+3cqyV/Mvf/v4raK8Ij8Znffb47iJfOM+fy4AAAAAAAAAAAAAAAAAAAAAAPy/Pap657Rj3L+nmKr672xcFd+0IqttzvbnKfOvu/rc6A80yuOruj/P4yzL8ipwkt+M55rRfJhbAwAAAAAAAAAAAAAAAAAAwL/L2Ycfnbw7GByd/iODuhtA/bb+u+7Tm5p5IRYHtydnNarhgp1jo45JIhaWUVxi6Zp/r9oe3O2le+a2mr/5dul9vv7ru1eD1hIxf3NQ1ZLd+oy1o57p1A/J99MxaSx5Vjp/qXWar/T4pXOXuivfPX16PBgtiIlkUWGv/Fy+ZtVMcvMWaUTcsnOrGkylz8Z0ln+ei9+UP0l06wAAAAAAAAAAAAAAAAAAgLWavOl3zuLFwtRG3l5bWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwryaf/z8edKrpycy8waiKml1qTmbybr2UxunZA14PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ8QfAQAA//+C9FlJ")
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
r3 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r4)
setfsuid(r2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
utimensat(r0, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0)

53.972815255s ago: executing program 2 (id=15):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f00000000c0)={[{@dioread_lock}, {@noblock_validity}, {@lazytime}, {@noblock_validity}]}, 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000002c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x8, 0x0, &(0x7f0000000080))

52.15558813s ago: executing program 2 (id=52):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
listen(r2, 0xa)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000200)='E', 0x1}], 0x1)
r4 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/68, 0x44}], 0x1}, 0x4c2103a0)

52.053329659s ago: executing program 32 (id=52):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
listen(r2, 0xa)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000200)='E', 0x1}], 0x1)
r4 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/68, 0x44}], 0x1}, 0x4c2103a0)

24.292912554s ago: executing program 5 (id=540):
execve(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x8000000000000000, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x0)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000940))
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'vcan0\x00'})

23.272691081s ago: executing program 5 (id=552):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00')
readlinkat(r1, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)=""/50, 0x32)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_INFO(r3, 0x0, 0x40, &(0x7f0000000000)={'raw\x00', 0x0, [0x6baa, 0x3, 0x21, 0x4, 0xae]}, &(0x7f0000000880)=0x54)

22.79212107s ago: executing program 5 (id=558):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d00000004000000070000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$MON_IOCX_GET(r4, 0x40189206, &(0x7f0000000340)={0x0, 0x0})

21.155468635s ago: executing program 5 (id=567):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
open(0x0, 0x4000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x101000, 0x132)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x2, 0x0, 0x0, 0x1c, 0x15, "ef359f413bb90152f7d6d1ceed29c3ee5e0200000000000000c2aac63a01000000000000004faa2ad9c084a003ea000000000000b60000000000000000007e00", "036c475263bdbcef549ba197fce4000000000000000400002a00ffffffff89ffffff00000000e8f20000000200", "b900000000fffffffff2060000000000000200"})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x201, 0xb1)

20.556601982s ago: executing program 5 (id=573):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0xa042, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$kcm(0xa, 0x922000000003, 0x11)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0a000000010000000900000008"], 0x50)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000540)={&(0x7f0000000200)=@name, 0x10, 0x0}, 0x0)

20.308957112s ago: executing program 5 (id=579):
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b0000000000000000000000eb40"], 0x50)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

20.308540742s ago: executing program 33 (id=579):
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b0000000000000000000000eb40"], 0x50)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

3.427784s ago: executing program 3 (id=767):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1008a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@nobarrier}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@noblock_validity}]}, 0xfe, 0x44a, &(0x7f0000000900)="$eJzs3MtvG0UYAPBv7SR9k1CeDS0ECiLikTTpgx6QoAgkDiAhwaGIU0jSKtRtUBMkWkUQOIQjqsQdcUTiL+BCuSDghMQV7ggpQrlQOBmtvZu6iZ04iROX+veTNpnxjDXz7e7Y41mvA+hYA+mfJGJ/RPwWEb3V7K0VBqr/bizNjf+zNDeeRLn85l9Jpd7fS3PjedX8eS9UM+XyGu0uvBMxVipNXs7yw7MX3x+euXL12amLY+cnz09eGj19+sTxIz2nRk+2JM4DaV/7P5o+fOjVt6+9Pn722rs/fZP2d39WXhtHqwxU925dT7S6sTY7kCdejEi62tsXmleMiPRwdVfGf28UY89yWW+88mlbOwdsq3K5UN7VuHi+DADccfI3+vTzb77t0NTjtrB4JpbXMW5kW7WkKwpZne7sM9J2GIiIs/P/fplusU3rEAAAta6fiYhn6s3/CnF/Tb27smtDfRFxd0QcjIh7IuLeiLgvolL3gYh4cIPtr7xCsnr+U+7dVGBNSud/z2fXtm6d/+Wzv+grZrkDlfi7k3NTpclj2T4ZjO5daX5kjTa+f/nXzxuV1c7/0i1tP58LZv34s2vFAt3E2OzYVmKutfhJRH9XvfiT5TlvOj8+FBH9m2xj6qmvDzcqWz/+NbRgUl7+KuLJ6vGfjxXx55KG1ydHnjs1enJ4d5Qmjw3nZ8VqP/+y8Eaj9rcUfwssXi/H3rrn/3L8fcnuiJkrVy9UrtfObLyNhd8/a/iZZrPnf0/yViXdkz324djs7OWRiJ7ktdWPj958bp7P66fn/+DR+uP/YNzcEw9FRHoSH4mIhyPikazvj0bEYxFxdI34f3zp8fc2Hv8aq/ItlMY/sd7xj9rjv/FE8cIP3248/lx6/E9UUoPZI828/jXbwa3sOwAAAPi/KFS+A58UhpbThcLQUMS+ytru3qQ0PTP79LnpDy5NVL8r3xfdhXylq7dmPXQkWxvO86Mr8sezdeMvinsq+aHx6dJEu4OHDrevwfhP/VFsd++Abed+Lehcxj90LuMfOpfxD53L+IfOVW/8f9yGfgA7b533/z071Q9g55n/Q+cy/qFzGf/QkRreG1/Y0i3/Em1KfNeztd9qaD4Rhdsk5DsmkY7HOkVdTf+YxSYTu+oWtfuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDX+CwAA//8ngeSM")
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a01020000000000000000020000000900010073797a3000000000aa000300"], 0x1e4}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x7fff, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x100)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r3, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x15, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
sendmmsg$inet_sctp(r3, &(0x7f0000002600)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)="2473730c658d4a11a87329d57a3d82f4b7550ef54f8e5655c19840f192055729769df7dcad819a1e0b0e3a7b679bb052629e8d8538486273a64e127ab4da69ff8067bd9115968153f8e3b0bfbade4d703361b8df32584642ebddce32b20acb133ddf5ffb8736860bc3", 0x69}], 0x1, 0x0, 0x0, 0x4000080}, {0x0, 0x0, &(0x7f0000001540), 0x0, &(0x7f00000015c0), 0x0, 0x48051}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}], 0x3, 0x4000000)
recvmsg(r3, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

2.894313449s ago: executing program 1 (id=771):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff0000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fchdir(0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r2, 0x0, 0x5000000}, 0x10)
msgget(0x3, 0x141)

2.847563379s ago: executing program 1 (id=772):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e25, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffd}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})
write(r0, &(0x7f0000000200)="89ba41c97928dec7cec15a160d3dba257872aed129d4b5247c9834550448a4f46c37425b873ec95db3d757e8b2333a64d9abf416fd83f942661c47bcdf71f7d07ba2b2f051829a7f66952e57962614db0d03474a4a4bce636ea8d2b882b2b49ef18e76edbec7302a96e41f206d930eda2769c56e6d5e3d541ce9a21c3ce5cb5f", 0x1fc0)

2.811150238s ago: executing program 1 (id=774):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "77746a315690a576", "07f217bd74511f465bbbd5de01000000f9044677d5883600c9aba60800", "0000f600", "8ce63ecbc640735f"}, 0x38)
sendto$inet6(r0, &(0x7f0000000100)='S', 0x1, 0x8000, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
close(r0)

2.767864708s ago: executing program 1 (id=776):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000001000000000000000000000085000000870000001801000020786c2500000000002020207b1af8ff00000000bfa108000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r0, 0x0, 0xe, 0x0, &(0x7f0000000600)="e0b9547ed387db3b8691d2c0e201", 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r1, 0x6, 0x6, &(0x7f0000000180)=0x1, 0x4)
getsockopt$inet6_tcp_int(r1, 0x6, 0x9, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket$netlink(0x10, 0x3, 0x14)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000070000000000000000181100cb1bd098d5811fc5cad91bdbc821fe4ea112496f822ccc382409cd71a2cd556d15e9417a8fd9bd07181e21951c8c2649df6202bd2acf1ecda1d637b20904bd5bbb7874fb6a208b9e2dcaf5537a467dd46e25542e2beef47c7f99f1d906645f53fa0d4e2bc1e804835133778bea05c084c05fdac769fea26b1797bee4aa543f4e4b00ff40a8ed8bb6db3645c7f1f810b235e3831bed1eb1a990f49c7e76783dea6046ceb7b0ec20004825f3754d117561d115010dd894b8b9f17ed6d21ec06968a89a42b665594fb9cd005b5e1abd044fea9696fef46b723053bca97705bde4", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0xffffffffffffffaf, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}}, 0x0)

2.571061828s ago: executing program 3 (id=779):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x2240, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = syz_clone3(0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_pidfd_open(r0, 0x0)
pidfd_send_signal(r3, 0x9, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000300390248ff050005001200", 0x2e}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)

2.517614797s ago: executing program 1 (id=780):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x141a82, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lsm_get_self_attr(0x66, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
open(0x0, 0x40542, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x2c, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8800}, 0x4048040)

2.466208448s ago: executing program 1 (id=782):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x18, 0x12, 0x0, 0x1, [{0x3, 0x1, 0x0, 0x1, @connlimit={{0xe}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xa4}, 0x1, 0x0, 0x0, 0x1}, 0x20050800)
socket(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x62040200)
recvmmsg(r0, &(0x7f00000008c0)=[{{&(0x7f00000005c0)=@nfc, 0x80, &(0x7f0000000800)=[{&(0x7f0000000640)=""/156, 0x9c}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f0000000480)=""/19, 0x13}, {&(0x7f0000000700)=""/153, 0x99}, {&(0x7f00000007c0)}], 0x5, &(0x7f0000000880)=""/13, 0xd}, 0x3}], 0x1, 0x12100, &(0x7f0000000900)={0x77359400})
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000009e602206d0414c3400000000001090224"], 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x4, 0x388, 0xffffffff, 0x1e8, 0x0, 0x1e8, 0xfeffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@remote, @mcast1, [], [0xff000000], 'macsec0\x00', 'bond_slave_0\x00', {}, {}, 0x0, 0x0, 0x2}, 0x2f2, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}, {{@uncond, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b667f10900000000000000e3121114449fd20ba2be6e45cae72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8)

2.411292027s ago: executing program 3 (id=784):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xf, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
sync_file_range(r5, 0x0, 0x400, 0x1)
r6 = openat$snapshot(0xffffffffffffff9c, 0x0, 0x5aa02, 0x0)
ioctl$FIBMAP(r6, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x3f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

2.389629287s ago: executing program 3 (id=785):
set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="500100001a000100000000000200000002001c1f0000c808ffffffea080006000700000008000400", @ANYRES32, @ANYBLOB="06001c004e21000008000100ac1414"], 0x150}, 0x1, 0x0, 0x0, 0x2000c094}, 0x4040084)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000040)='./file2\x00', 0x0, &(0x7f0000000000)=ANY=[], 0xfd, 0x11f3, &(0x7f0000001b80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r3, r2, 0x0, 0x800000009)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r3, &(0x7f0000000180)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x5, 0x5, {"f66bffae9a069e2a654b8a3858ce94ae"}, 0x3, 0x6, 0xfffffffffffff001}}}, 0x90)
close(0xffffffffffffffff)
syz_io_uring_setup(0xfba, &(0x7f0000000380)={0x0, 0x0, 0x80, 0x4}, &(0x7f0000000100), &(0x7f0000000080))

2.157950106s ago: executing program 4 (id=789):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000280)={'syztnl2\x00', <r1=>0x0, 0x4, 0x8, 0x42, 0x4, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x7, 0x2, 0xdd}})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x2000000000000000}, 0x18)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESDEC=r1, @ANYRES32, @ANYBLOB="00000000c2d152ed00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000ffffffff000000000000000000"], 0x50)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000a40)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x48000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@delalloc}, {@nodioread_nolock}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
chown(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)

2.090216966s ago: executing program 3 (id=790):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000008000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
pipe(&(0x7f0000000080))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r5=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x1a0, r4, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x17c, 0x8, 0x0, 0x1, [{0x74, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x1, @mcast1, 0x2}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x7}]}, {0x70, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @empty}}]}, {0x94, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x3c, 0x9, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}]}, {0x4}]}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r5}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

2.002506166s ago: executing program 3 (id=793):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
unshare(0x68040200)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

1.888093266s ago: executing program 6 (id=795):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x803})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00\x00\v\x00'})

1.784816385s ago: executing program 6 (id=796):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0xf})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89a2, &(0x7f0000000080))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x2, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0xf20e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x0, 0x63db, 0x6, 0x0, 0x0, 0x4004, 0x0, 0x80}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

1.484254795s ago: executing program 6 (id=798):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x47f7, 0xd)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x61)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000000)=0x56, 0x4)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

865.817853ms ago: executing program 6 (id=801):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64, @ANYRES16=0x0], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r1, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
mknod$loop(0x0, 0x400, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_gettime(0x0, 0x0)
clock_settime(0x0, 0x0)
io_setup(0x5ff, &(0x7f0000000040)=<r3=>0x0)
io_submit(r3, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x1f, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000)="96", 0xffffff20, 0x0, 0x0, 0x0, r1}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r0, 0x0, 0x0, 0xffffffffffffffff}])

864.835563ms ago: executing program 4 (id=811):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r1, &(0x7f0000000f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f0000000300)="2e953e0d3330ff4b6c07125dfd9c383ea9db2bcc86cd7260d7578cc78edd1df34b084370fd6bf12080edc063b3a3c544f227faa3c785146fefebc92249c0405e353438dd37327c050bf041c23bedb1b2c53026f4df18f7597a97d0a6e02db7c0", 0x60}, {&(0x7f0000000380)="70618b15517ea3378a8bf9ea5fcab67945668297f0e536867029ea5fac7b9d97929487a717b01fc56c8004716e1ffc4e3e4336eb240231fe9885ad580be33d0498a38bf79ed133d52af95d351dc85028fbea53c0cdc9a54aa409ae", 0x5b}, {&(0x7f00000005c0)}, {&(0x7f0000000ac0)="1b90db3ec3e30f6b2e2a6763b7a7d18747582d9fe4165cd0709f585851f7010b3e7938c0259fb2d922b6e940cd3bae7a900520c65dbe5b7bdaa5924eb2538a6c85814d5639bce0d71bfccbcd42e88f622ca2748408fe4366a8ff8995ca2a2eba86a4f267e12294a003c7c629b85149e1ebe88dcbae29fe40b5dac2744f91c992fe4239b63b70d02ab9a262bfaeb3e1e0ef6d4480746335da5c3eb8c55a145c3330fbde2c7530b7186b2583399582616338dbac0504c9a2fd91732da5dc82032c58409bb414b58741e8664a95b3", 0xcd}, {&(0x7f0000000680)="ff690b3696a04b7c4785e9c62574e29545cd2730c10997870e87a328fba4c2163a09b357c76b75ab1ee18163266ce3b73c3a0cc29ad19eee81c0e3b26ab7c792167486dc21ff8e87a89d80bdc3766c94ecde496472cecd31ee46bcc02fd12317c9de54cd87d5cd4a9e926cc6c7d30efe7a7ca779286156a7dc43235a7b84dbf3ba43506be1ae0fdd5ccec660c0a6a7f7c0f50f1fd267289f6ffb556d636f1148d8e7f23259f5e52de3e72384d289354dd3f6f6bfd5f620", 0xb7}], 0x5, &(0x7f0000000d40)=ANY=[@ANYBLOB="a0000000000000008b00000006000000e917324b2310fa8fc8c92f5c1bc6852e86205a011bbd82adc59710365a136ec88d11ddfc5a739471243d991605a01b8e93723d7e2680c9750d82305298d685070263e3330caab28c3baa7ce0d9ac7527b956d4c1b5c90d471b6285e5aadb0c7a1df124c7f400cc6af1f11a0db57cefe7840f2030b713bf26eb20f23863402e293fe1ae4269888ded0143ea0000000000a00000000000000014010000020000002277b79f5c4753cfe1497950c06b50ab02ca4773ccd7d8a0770d1ba7cd3ed8ab099b64f52f98907bfc2bb6b5766286121ed309c854eb61e0a3d500deb2137f238ceb63138955ab6c024e2bd6bdc61064ded6aa8a314587f1800691e6f74a432aafa7d91b9cbb49a7f9d931d0d6fab0a888a20c455d593766a8591b74b58903ff6c51f9750c74fe55ecf2950e7f3b0000"], 0x140}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001000)="52fbfc2a97510864ae5fd94a6300242d3677fe1eb1ad356a1f5cfaaf42786b3bde26a5ddfa573983a5b66ce64346dcd7816a72f667da3d30c3708506ea56e433b20bbf31bc7fdd8ade9d1ccb600443a5499a404d9f7d1472afac3473abd2ec1d81d9f1a16e77c4ca8a5ef6c8524fb362e4d8309df1f7fb92b5bf3769324a725b6273825c823910e5c56b89312d65f1b356841412ad3aa8ec45bcbf99", 0x9c}, {&(0x7f00000001c0)="1bbcc2af0402", 0x6}], 0x2}}], 0x3, 0x20044000)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000780)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="099e537845ea0e885cc68400000000000000000007000000140001800500020001000000080006001d00000033e95a09e380ab4f99a9d22fd621d2f337fd54d28d7b7c27bb08f42ee147ed6325b46fa19674bd199502c9d46fa20c43ecebb71c32e0fb4d53e6ce9acb3eeaa6a41febd327a17b74b4cd524acbfe8b3b0058239fb72bd76cbcd290903f6d50a95efdb447e5e25a2137846218fa6ce43554900bbc212ceda68f366d3b0489e6a8fc1426350e355112599204a5681dea568580b16785a1fc10bd8eec61e2daeba1e4185ffeed76d510a6d25ee5afe142329ad9b483f2651e1f8e142e8df99181e4dbe5ff5b6054515793ea209cfccab109985e4203be0a5e904549d1806fee1093ad67b99ded212e16ecd046c694074cb17d9c7ad06ccc44acf832e39f6509bb1d30c7fa0175c49d4d4ca8d04c30e2c33cfe51227e5fc13060a9bdcb37d04b407db1f4a23c4420e35955913948767d252472656fddfb7081f839e67485402c3adee3", @ANYRESOCT=r0], 0x28}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r5, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

675.658832ms ago: executing program 0 (id=802):
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x60000, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x10, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d41200000000000000290000000b0000", 0x2f)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x2c, r6, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x2c}}, 0x4000000)

675.126982ms ago: executing program 4 (id=803):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x308, 0x130, 0x12, 0x60a, 0x600, 0x202, 0x238, 0x2e8, 0x2e8, 0x238, 0x2c0, 0x4, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @dev}, @mcast2, [], [], 'veth1_to_bond\x00', 'xfrm0\x00'}, 0x0, 0x108, 0x130, 0x0, {}, [@common=@unspec=@statistic={{0x38}}, @common=@inet=@socket2={{0x28}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}, {0xffffffffffffffff, 0xf9}}}}, {{@ipv6={@private2, @loopback, [], [], 'vxcan1\x00', 'geneve0\x00'}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@empty}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x368)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x8000, 0x0)
ioctl$TCSBRKP(r1, 0x5425, 0x0)
ioctl$TIOCGPGRP(r1, 0x5437, 0x0)
syz_open_pts(r1, 0x60000)
openat2(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x8000, 0x9318d209357c19dd, 0x14}, 0x18)
r2 = socket$inet6(0xa, 0x3, 0xff)
dup2(r2, r2)
socket$pptp(0x18, 0x1, 0x2)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1000002, 0x42032, 0xffffffffffffffff, 0x100000000)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x1a01, 0x0)
writev(r3, &(0x7f0000000680)=[{&(0x7f00000002c0)="2614", 0xf00}], 0x1)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)

602.179082ms ago: executing program 6 (id=804):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000340)='%pS    \x00'}, 0x20)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x2739, 0x0, r2, 0x42, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a00)=@newlink={0x2c, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x192}, [@IFLA_VFINFO_LIST={0xc, 0x16, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN_LIST={0x4}]}]}]}, 0x2c}}, 0x0)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x3, [@func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{0x2}, {0x10, 0x5}, {0x10, 0x2}, {0xd, 0x3}, {0x1, 0x2}]}, @typedef={0x1, 0x0, 0x0, 0x8, 0x4}, @struct={0xa, 0x4, 0x0, 0x4, 0x0, 0x8, [{0x0, 0x4, 0x3}, {0xc, 0x1, 0x8}, {0x10, 0x4, 0x8}, {0x2, 0x0, 0xffffffff}]}]}, {0x0, [0x2e]}}, &(0x7f0000000540)=""/130, 0x97, 0x82, 0x0, 0x0, 0x10000, @value}, 0x28)
pipe2$watch_queue(&(0x7f00000006c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x1e, 0x1b, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@generic={0xed, 0x5, 0x5, 0x4, 0x9f41}, @exit, @call={0x85, 0x0, 0x0, 0x5f}, @generic={0x5, 0x3, 0x2, 0x1, 0xfffffffe}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x8}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xe}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, @fallback=0x36, r7, 0x8, &(0x7f0000000640)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0xe, 0x6, 0x9}, 0x10, 0xffffffffffffffff, r1, 0x4, &(0x7f0000000700)=[r8], &(0x7f0000000740)=[{0x4, 0x2, 0x8, 0xc}, {0x4, 0x1, 0xe, 0xc}, {0x2, 0x4, 0x0, 0x7}, {0x2, 0x3, 0x5, 0x2}], 0x10, 0x1, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x9dd9000)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000, 0x3, &(0x7f00003c6000/0x3000)=nil)

582.487032ms ago: executing program 0 (id=805):
socket$kcm(0x10, 0x2, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d80)={0x7, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
fsopen(&(0x7f00000000c0)='proc\x00', 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x4)
socket$kcm(0x11, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000050000000100000001000013020000000100000000000000000000000061"], 0x0, 0x35, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
socket$kcm(0x10, 0x2, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000b00)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRES64=r0], 0x20)

484.264921ms ago: executing program 0 (id=806):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='X'], 0x58}, 0x1, 0x0, 0x0, 0x90}, 0x0)

393.614611ms ago: executing program 0 (id=807):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
ioctl$TIOCPKT(r0, 0x5420, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
fallocate(0xffffffffffffffff, 0x11, 0x0, 0x7000)
fsync(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="07000000040000001800000042a0000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="050000001800"], 0x50)

377.085531ms ago: executing program 4 (id=808):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
rename(&(0x7f00000002c0)='./file0\x00', 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x2042, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000200000008000f0001000000", 0x24)

341.502871ms ago: executing program 0 (id=809):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r4, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x50)

297.601581ms ago: executing program 0 (id=810):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
pwritev2(r2, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0xf4240}], 0x1, 0x800001, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x3ffff)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x6db6e559)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)

176.138911ms ago: executing program 4 (id=812):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd608a370000000000fe8000000000000000000000000000bbfe8000"/53, @ANYRES32=0x41424344], 0x0)
io_setup(0x7, &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)

122.34201ms ago: executing program 6 (id=813):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x5fdc}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x5c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x64}}, 0x0)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_EXTENDED(r3, 0xc4c03d09, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)

0s ago: executing program 4 (id=814):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000000a007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket(0x10, 0x3, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000300)='mm_page_alloc\x00'}, 0x54)
syz_io_uring_setup(0x4b5, &(0x7f0000000140), &(0x7f0000000100), &(0x7f0000000000))
connect$netlink(r2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newlink={0x34, 0x10, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x28000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x2}, 0x0)

kernel console output (not intermixed with test programs):

o keep mac addresses unique to avoid problems!
[   34.571756][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   34.582263][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   34.593612][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0
[   34.659221][ T3474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'.
[   34.699326][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   34.709873][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   34.719773][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   34.730252][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   34.740125][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   34.750615][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   34.760462][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   34.770932][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   34.781618][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   34.790821][ T3303] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.799629][ T3303] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.808429][ T3303] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.817205][ T3303] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.935161][ T3503] loop2: detected capacity change from 0 to 256
[   34.974272][ T3506] loop0: detected capacity change from 0 to 2048
[   35.004065][ T3506] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.022723][ T3308] FAT-fs (loop2): error, corrupted directory (invalid entries)
[   35.030365][ T3308] FAT-fs (loop2): Filesystem has been set read-only
[   35.045809][ T3506] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   35.080852][ T3308] FAT-fs (loop2): error, corrupted directory (invalid entries)
[   35.182243][ T3515] lo speed is unknown, defaulting to 1000
[   35.191279][ T3515] lo speed is unknown, defaulting to 1000
[   35.198946][ T3515] lo speed is unknown, defaulting to 1000
[   35.243816][ T3515] infiniband syz0: set active
[   35.248581][ T3515] infiniband syz0: added lo
[   35.253255][ T3376] lo speed is unknown, defaulting to 1000
[   35.263345][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.278137][ T3519] loop3: detected capacity change from 0 to 2048
[   35.279056][ T3515] RDS/IB: syz0: added
[   35.288883][ T3515] smc: adding ib device syz0 with port count 1
[   35.295113][ T3515] smc:    ib device syz0 port 1 has pnetid 
[   35.304937][ T3376] lo speed is unknown, defaulting to 1000
[   35.310938][ T3515] lo speed is unknown, defaulting to 1000
[   35.375817][ T3515] lo speed is unknown, defaulting to 1000
[   35.402968][ T3527] netlink: 256 bytes leftover after parsing attributes in process `syz.0.21'.
[   35.407967][ T3515] lo speed is unknown, defaulting to 1000
[   35.450752][ T3533] loop0: detected capacity change from 0 to 1024
[   35.477145][ T3533] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.522954][ T3515] lo speed is unknown, defaulting to 1000
[   35.523208][ T3540] process 'syz.3.24' launched './file0' with NULL argv: empty string added
[   35.543653][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.562973][ T3515] lo speed is unknown, defaulting to 1000
[   35.694186][ T3550] netlink: 4 bytes leftover after parsing attributes in process `syz.4.28'.
[   35.750360][ T3515] syz.1.17 (3515) used greatest stack depth: 10520 bytes left
[   35.882012][ T3562] IPv6: Can't replace route, no match found
[   35.925113][ T3567] netlink: 'syz.0.36': attribute type 10 has an invalid length.
[   35.933653][ T3567] syz_tun: entered promiscuous mode
[   35.942857][ T3567] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   36.028882][ T3567] syz.0.36 (3567) used greatest stack depth: 10328 bytes left
[   36.053933][ T3576] Illegal XDP return value 1665831264 on prog  (id 32) dev N/A, expect packet loss!
[   36.295058][ T3615] SELinux:  policydb version 0 does not match my version range 15-33
[   36.311828][ T3615] SELinux: failed to load policy
[   36.352922][ T3614] syzkaller0: entered promiscuous mode
[   36.358544][ T3614] syzkaller0: entered allmulticast mode
[   36.366131][ T3619] loop1: detected capacity change from 0 to 512
[   36.370537][ T3623] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   36.406820][ T3619] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.419796][ T3619] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   36.587606][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.699371][ T1747] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   36.956435][ T3717] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   37.147179][ T3746] netlink: 28 bytes leftover after parsing attributes in process `syz.3.58'.
[   37.233710][ T3736] lo speed is unknown, defaulting to 1000
[   37.282290][ T1747] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.388963][ T3777] netlink: 24 bytes leftover after parsing attributes in process `syz.3.66'.
[   37.399879][ T1747] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.413797][ T3780] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   37.450329][ T3783] loop4: detected capacity change from 0 to 164
[   37.464299][ T1747] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.648861][ T1747] bridge_slave_1: left allmulticast mode
[   37.654622][ T1747] bridge_slave_1: left promiscuous mode
[   37.660549][ T1747] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.670696][ T3804] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   37.679579][ T1747] bridge_slave_0: left allmulticast mode
[   37.685276][ T1747] bridge_slave_0: left promiscuous mode
[   37.691009][ T1747] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.710915][ T3815] loop0: detected capacity change from 0 to 1024
[   37.717642][ T3815] =======================================================
[   37.717642][ T3815] WARNING: The mand mount option has been deprecated and
[   37.717642][ T3815]          and is ignored by this kernel. Remove the mand
[   37.717642][ T3815]          option from the mount to silence this warning.
[   37.717642][ T3815] =======================================================
[   37.753631][ T3815] EXT4-fs: Ignoring removed orlov option
[   37.767423][ T3815] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.780096][ T3815] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   37.804478][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.830489][ T1747] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   37.844950][ T1747] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   37.854535][ T1747] bond0 (unregistering): Released all slaves
[   37.863093][ T3736] chnl_net:caif_netlink_parms(): no params data found
[   37.876890][ T3795] tipc: Started in network mode
[   37.881837][ T3795] tipc: Node identity be9295df1aa, cluster identity 4711
[   37.889074][ T3795] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   37.900247][ T3820] syzkaller0: MTU too low for tipc bearer
[   37.904872][ T3825] netlink: 'syz.0.83': attribute type 4 has an invalid length.
[   37.906094][ T3820] tipc: Disabling bearer <eth:syzkaller0>
[   37.978465][ T3829] loop1: detected capacity change from 0 to 164
[   37.991424][ T3829] Unable to read rock-ridge attributes
[   38.013180][ T3829] Unable to read rock-ridge attributes
[   38.024831][ T3829] iso9660: Corrupted directory entry in block 4 of inode 1792
[   38.040593][ T3835] netlink: 4 bytes leftover after parsing attributes in process `syz.0.86'.
[   38.051590][ T1747] hsr_slave_0: left promiscuous mode
[   38.071478][ T3840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.88'.
[   38.071672][ T1747] hsr_slave_1: left promiscuous mode
[   38.089412][ T1747] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   38.096967][ T1747] batman_adv: batadv0: Removing interface: batadv_slave_0
[   38.106268][ T1747] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   38.113689][ T1747] batman_adv: batadv0: Removing interface: batadv_slave_1
[   38.124803][ T1747] veth1_macvtap: left promiscuous mode
[   38.130361][ T1747] veth0_macvtap: left promiscuous mode
[   38.136221][ T1747] veth1_vlan: left promiscuous mode
[   38.141475][ T1747] veth0_vlan: left promiscuous mode
[   38.219829][ T1747] team0 (unregistering): Port device team_slave_1 removed
[   38.229805][ T1747] team0 (unregistering): Port device team_slave_0 removed
[   38.262709][ T3736] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.269944][ T3736] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.277376][ T3736] bridge_slave_0: entered allmulticast mode
[   38.283879][ T3736] bridge_slave_0: entered promiscuous mode
[   38.290742][ T3840] bridge_slave_1: left allmulticast mode
[   38.296895][ T3840] bridge_slave_1: left promiscuous mode
[   38.302774][ T3840] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.310863][ T3840] bridge_slave_0: left allmulticast mode
[   38.316731][ T3840] bridge_slave_0: left promiscuous mode
[   38.322538][ T3840] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.402192][ T3736] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.409374][ T3736] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.418991][ T3736] bridge_slave_1: entered allmulticast mode
[   38.426770][ T3736] bridge_slave_1: entered promiscuous mode
[   38.448571][ T3736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.462058][ T3736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.474982][ T3858] loop3: detected capacity change from 0 to 128
[   38.506481][ T3736] team0: Port device team_slave_0 added
[   38.525327][ T3736] team0: Port device team_slave_1 added
[   38.537821][ T3862] netlink: 64 bytes leftover after parsing attributes in process `syz.4.91'.
[   38.547695][ T3863] syz.1.92[3863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   38.548016][ T3863] syz.1.92[3863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   38.566498][ T3736] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.575536][ T3863] syz.1.92[3863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   38.577680][ T3736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.621783][ T3736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.636565][ T3736] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.643629][ T3736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.669651][ T3736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.683671][ T3858] syz.3.90: attempt to access beyond end of device
[   38.683671][ T3858] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[   38.723457][ T3857] syz.3.90: attempt to access beyond end of device
[   38.723457][ T3857] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[   38.747197][ T3857] syz.3.90: attempt to access beyond end of device
[   38.747197][ T3857] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[   38.767472][ T3881] syz.0.96: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   38.769455][ T3857] syz.3.90: attempt to access beyond end of device
[   38.769455][ T3857] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[   38.782186][ T3881] CPU: 1 UID: 0 PID: 3881 Comm: syz.0.96 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[   38.782218][ T3881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   38.782231][ T3881] Call Trace:
[   38.782241][ T3881]  <TASK>
[   38.797849][ T3857] syz.3.90: attempt to access beyond end of device
[   38.797849][ T3857] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[   38.805762][ T3881]  dump_stack_lvl+0xf2/0x150
[   38.816031][ T3858] syz.3.90: attempt to access beyond end of device
[   38.816031][ T3858] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[   38.819125][ T3881]  dump_stack+0x15/0x1a
[   38.823080][ T3858] syz.3.90: attempt to access beyond end of device
[   38.823080][ T3858] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[   38.834970][ T3881]  warn_alloc+0x145/0x1b0
[   38.874240][ T3881]  ? __schedule+0x6fa/0x930
[   38.878769][ T3881]  ? __vmalloc_node_range_noprof+0x88/0xe80
[   38.884699][ T3881]  __vmalloc_node_range_noprof+0xaa/0xe80
[   38.890456][ T3881]  ? __pfx_futex_wake_mark+0x10/0x10
[   38.895758][ T3881]  ? __rcu_read_unlock+0x4e/0x70
[   38.900739][ T3881]  ? avc_has_perm_noaudit+0x1cc/0x210
[   38.906217][ T3881]  ? should_fail_ex+0x31/0x230
[   38.911079][ T3881]  ? xskq_create+0x36/0xd0
[   38.915505][ T3881]  ? should_failslab+0x8f/0xb0
[   38.920307][ T3881]  vmalloc_user_noprof+0x59/0x70
[   38.925410][ T3881]  ? xskq_create+0x79/0xd0
[   38.929830][ T3881]  xskq_create+0x79/0xd0
[   38.934130][ T3881]  xsk_init_queue+0x82/0xd0
[   38.938642][ T3881]  xsk_setsockopt+0x388/0x520
[   38.943334][ T3881]  ? __pfx_xsk_setsockopt+0x10/0x10
[   38.948544][ T3881]  __sys_setsockopt+0x187/0x200
[   38.953414][ T3881]  __x64_sys_setsockopt+0x66/0x80
[   38.958656][ T3881]  x64_sys_call+0x282e/0x2dc0
[   38.963433][ T3881]  do_syscall_64+0xc9/0x1c0
[   38.968055][ T3881]  ? clear_bhb_loop+0x55/0xb0
[   38.972758][ T3881]  ? clear_bhb_loop+0x55/0xb0
[   38.977504][ T3881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.983488][ T3881] RIP: 0033:0x7f55fa585d29
[   38.987915][ T3881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.007614][ T3881] RSP: 002b:00007f55f8bf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   39.016131][ T3881] RAX: ffffffffffffffda RBX: 00007f55fa775fa0 RCX: 00007f55fa585d29
[   39.024110][ T3881] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[   39.032166][ T3881] RBP: 00007f55fa601b08 R08: 0000000000000004 R09: 0000000000000000
[   39.040151][ T3881] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000
[   39.048175][ T3881] R13: 0000000000000000 R14: 00007f55fa775fa0 R15: 00007fff2a688788
[   39.056292][ T3881]  </TASK>
[   39.059366][   T29] kauditd_printk_skb: 221 callbacks suppressed
[   39.059478][   T29] audit: type=1400 audit(1737314685.928:341): avc:  denied  { ioctl } for  pid=3876 comm="syz.4.95" path="socket:[6163]" dev="sockfs" ino=6163 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   39.059553][ T3881] Mem-Info:
[   39.096951][ T3881] active_anon:4325 inactive_anon:0 isolated_anon:0
[   39.096951][ T3881]  active_file:4319 inactive_file:1982 isolated_file:0
[   39.096951][ T3881]  unevictable:0 dirty:1288 writeback:29
[   39.096951][ T3881]  slab_reclaimable:2743 slab_unreclaimable:14699
[   39.096951][ T3881]  mapped:28324 shmem:289 pagetables:814
[   39.096951][ T3881]  sec_pagetables:0 bounce:0
[   39.096951][ T3881]  kernel_misc_reclaimable:0
[   39.096951][ T3881]  free:1911769 free_pcp:1981 free_cma:0
[   39.142056][ T3881] Node 0 active_anon:17648kB inactive_anon:0kB active_file:17276kB inactive_file:7928kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:113296kB dirty:5152kB writeback:116kB shmem:1156kB writeback_tmp:0kB kernel_stack:2992kB pagetables:3140kB sec_pagetables:0kB all_unreclaimable? no
[   39.170152][ T3881] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   39.197444][ T3881] lowmem_reserve[]: 0 2884 7863 0
[   39.202565][ T3881] Node 0 DMA32 free:2950272kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953904kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB
[   39.231641][ T3881] lowmem_reserve[]: 0 0 4978 0
[   39.236498][ T3881] Node 0 Normal free:4676612kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:17648kB inactive_anon:0kB active_file:17276kB inactive_file:7928kB unevictable:0kB writepending:5152kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:2928kB local_pcp:192kB free_cma:0kB
[   39.266505][ T3881] lowmem_reserve[]: 0 0 0 0
[   39.271163][ T3881] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   39.284068][ T3881] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 3*16kB (M) 4*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950272kB
[   39.300743][ T3881] Node 0 Normal: 12*4kB (UE) 37*8kB (UE) 46*16kB (UE) 37*32kB (UME) 27*64kB (UM) 17*128kB (UME) 11*256kB (UME) 8*512kB (M) 6*1024kB (UM) 14*2048kB (UM) 1130*4096kB (UM) = 4676376kB
[   39.319019][ T3881] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   39.328343][ T3881] 6590 total pagecache pages
[   39.332958][ T3881] 0 pages in swap cache
[   39.337311][ T3881] Free swap  = 124996kB
[   39.341475][ T3881] Total swap = 124996kB
[   39.345844][ T3881] 2097051 pages RAM
[   39.349683][ T3881] 0 pages HighMem/MovableOnly
[   39.354346][ T3881] 80183 pages reserved
[   39.385929][ T3736] hsr_slave_0: entered promiscuous mode
[   39.413385][ T3736] hsr_slave_1: entered promiscuous mode
[   39.430577][ T3736] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   39.432094][   T29] audit: type=1400 audit(1737314686.498:342): avc:  denied  { create } for  pid=3892 comm="syz.4.100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   39.445867][ T3736] Cannot create hsr debugfs directory
[   39.498119][   T29] audit: type=1400 audit(1737314686.538:343): avc:  denied  { connect } for  pid=3892 comm="syz.4.100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   39.517827][   T29] audit: type=1400 audit(1737314686.538:344): avc:  denied  { write } for  pid=3892 comm="syz.4.100" path="socket:[5206]" dev="sockfs" ino=5206 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   39.727987][   T29] audit: type=1400 audit(1737314686.798:345): avc:  denied  { create } for  pid=3894 comm="syz.0.98" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   39.776316][ T3736] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   39.829004][ T3736] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   39.858379][ T3926] ªªªªª": renamed from hsr0 (while UP)
[   39.866650][ T3736] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   39.896326][ T3736] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   39.928002][ T3923] lo speed is unknown, defaulting to 1000
[   39.952255][ T3932] loop3: detected capacity change from 0 to 512
[   40.007579][ T3736] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.035262][   T29] audit: type=1400 audit(1737314687.098:346): avc:  denied  { mounton } for  pid=3931 comm="syz.3.109" path="/syzcgroup/unified/syz3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   40.046116][   T29] audit: type=1400 audit(1737314687.118:347): avc:  denied  { write } for  pid=3894 comm="syz.0.98" path="socket:[5228]" dev="sockfs" ino=5228 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   40.162250][ T3736] 8021q: adding VLAN 0 to HW filter on device team0
[   40.176054][ T3696] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.183499][ T3696] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.222027][ T3736] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   40.232496][ T3736] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   40.245593][ T3932] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.249882][ T3696] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.265173][ T3696] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.282024][ T3932] ext4 filesystem being mounted at /syzcgroup/unified/syz3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   40.298175][ T3939] lo speed is unknown, defaulting to 1000
[   40.341953][ T3736] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.420297][ T3932] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   40.442514][   T29] audit: type=1400 audit(1737314687.488:348): avc:  denied  { mounton } for  pid=3931 comm="syz.3.109" path="/syzcgroup/unified/syz3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   40.442885][   T29] audit: type=1400 audit(1737314687.488:349): avc:  denied  { remount } for  pid=3931 comm="syz.3.109" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   40.573877][ T3932] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   40.645599][   T29] audit: type=1400 audit(1737314687.688:350): avc:  denied  { bind } for  pid=3964 comm="syz.0.113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   40.784955][ T3984] bond0: (slave syz_tun): Releasing backup interface
[   40.799299][ T3988] hsr_slave_0: left promiscuous mode
[   40.808711][ T3988] hsr_slave_1: left promiscuous mode
[   40.979513][ T4010] netlink: 'syz.4.123': attribute type 10 has an invalid length.
[   41.023812][ T4010] team0: Port device hsr_slave_0 added
[   41.106417][ T3736] veth0_vlan: entered promiscuous mode
[   41.175983][ T3736] veth1_vlan: entered promiscuous mode
[   41.201478][ T4035] syz.4.129[4035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.201580][ T4035] syz.4.129[4035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.227266][ T3736] veth0_macvtap: entered promiscuous mode
[   41.246593][ T4035] syz.4.129[4035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.266695][ T3736] veth1_macvtap: entered promiscuous mode
[   41.319138][ T4037] 
: renamed from bond0 (while UP)
[   41.331689][ T3736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.342312][ T3736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.346010][ T4047] netlink: 60 bytes leftover after parsing attributes in process `syz.3.135'.
[   41.352318][ T3736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.371864][ T3736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.381797][ T3736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.392249][ T3736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.402188][ T3736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.412688][ T3736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.426994][ T3736] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.440886][ T4050] syzkaller0: entered promiscuous mode
[   41.446433][ T4050] syzkaller0: entered allmulticast mode
[   41.459906][ T3736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.470443][ T3736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.480311][ T3736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.490834][ T3736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.500842][ T3736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.511356][ T3736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.521209][ T3736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.531785][ T3736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.544186][ T3736] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.548301][ T4049] syz.1.136 uses obsolete (PF_INET,SOCK_PACKET)
[   41.552903][ T3736] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.566874][ T3736] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.575706][ T3736] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.584410][ T3736] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.615294][    C1] hrtimer: interrupt took 37197 ns
[   41.844126][ T4088] netlink: 24 bytes leftover after parsing attributes in process `syz.4.145'.
[   41.927445][ T4097] syzkaller0: entered promiscuous mode
[   41.932966][ T4097] syzkaller0: entered allmulticast mode
[   41.951425][ T4104] loop4: detected capacity change from 0 to 128
[   41.991170][ T4090] loop5: detected capacity change from 0 to 8192
[   42.054511][ T4104] syz.4.150: attempt to access beyond end of device
[   42.054511][ T4104] loop4: rw=2049, sector=241, nr_sectors = 136 limit=128
[   42.104455][ T4104] syz.4.150: attempt to access beyond end of device
[   42.104455][ T4104] loop4: rw=2049, sector=241, nr_sectors = 128 limit=128
[   42.158745][ T4104] syz.4.150: attempt to access beyond end of device
[   42.158745][ T4104] loop4: rw=2049, sector=369, nr_sectors = 1 limit=128
[   42.172187][ T4104] Buffer I/O error on dev loop4, logical block 369, lost async page write
[   42.279954][ T4125] ref_ctr increment failed for inode: 0xdc offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88811d609f80
[   42.318892][ T4124] uprobe: syz.1.155:4124 failed to unregister, leaking uprobe
[   42.361936][ T4137] pim6reg1: entered promiscuous mode
[   42.367398][ T4137] pim6reg1: entered allmulticast mode
[   42.718628][ T4167] loop1: detected capacity change from 0 to 2048
[   42.750432][ T4167] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.798790][ T4167] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.147504][ T4184] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.163: bg 0: block 345: padding at end of block bitmap is not set
[   43.220109][ T4184] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[   43.232655][ T4184] EXT4-fs (loop1): This should not happen!! Data will be lost
[   43.232655][ T4184] 
[   43.234155][ T4197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.171'.
[   43.271607][ T4197] veth1_macvtap: left promiscuous mode
[   43.284418][ T4184] syz.1.163 (4184) used greatest stack depth: 9176 bytes left
[   43.342122][   T50] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[   43.354788][   T50] EXT4-fs (loop1): This should not happen!! Data will be lost
[   43.354788][   T50] 
[   43.362991][ T4199] loop0: detected capacity change from 0 to 1024
[   43.373572][ T4199] EXT4-fs: Ignoring removed orlov option
[   43.379333][ T4199] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.397243][ T4199] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.428222][   T50] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[   43.441108][   T50] EXT4-fs (loop1): This should not happen!! Data will be lost
[   43.441108][   T50] 
[   43.450807][   T50] EXT4-fs (loop1): Total free blocks count 0
[   43.456989][   T50] EXT4-fs (loop1): Free/Dirty block details
[   43.462982][   T50] EXT4-fs (loop1): free_blocks=0
[   43.509774][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.580931][ T4208] loop1: detected capacity change from 0 to 512
[   43.607395][ T4208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   43.627711][ T4208] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.677719][ T4214] pim6reg1: entered promiscuous mode
[   43.683143][ T4214] pim6reg1: entered allmulticast mode
[   43.711248][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   43.856862][ T4230] loop1: detected capacity change from 0 to 512
[   43.876842][ T4230] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.892172][ T4230] ext4 filesystem being mounted at /47/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   43.937593][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.999962][ T4245] loop1: detected capacity change from 0 to 512
[   44.019922][ T4245] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.189: corrupted in-inode xattr: invalid ea_ino
[   44.038657][ T4245] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.189: couldn't read orphan inode 15 (err -117)
[   44.060404][ T4245] EXT4-fs (loop1): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.089512][   T29] kauditd_printk_skb: 58 callbacks suppressed
[   44.089530][   T29] audit: type=1400 audit(1737314691.158:409): avc:  denied  { mount } for  pid=4253 comm="syz.5.192" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   44.110062][ T4245] netlink: 4 bytes leftover after parsing attributes in process `syz.1.189'.
[   44.129136][   T29] audit: type=1400 audit(1737314691.158:410): avc:  denied  { write } for  pid=4253 comm="syz.5.192" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   44.136637][ T4257] loop4: detected capacity change from 0 to 512
[   44.149835][   T29] audit: type=1400 audit(1737314691.158:411): avc:  denied  { open } for  pid=4253 comm="syz.5.192" path="/5/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   44.162477][ T4259] syz.3.193[4259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.178063][   T29] audit: type=1400 audit(1737314691.168:412): avc:  denied  { unmount } for  pid=3736 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   44.190609][ T4245] bridge_slave_1: left allmulticast mode
[   44.215168][ T4245] bridge_slave_1: left promiscuous mode
[   44.221104][ T4245] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.230422][ T4259] syz.3.193[4259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.230520][ T4259] syz.3.193[4259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.242620][ T4245] bridge_slave_0: left allmulticast mode
[   44.259669][ T4245] bridge_slave_0: left promiscuous mode
[   44.261171][ T4257] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.265491][ T4245] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.286022][ T4257] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.338466][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.340624][ T4264] bridge_slave_0: left allmulticast mode
[   44.353272][ T4264] bridge_slave_0: left promiscuous mode
[   44.359077][ T4264] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.372807][ T4264] bridge_slave_1: left allmulticast mode
[   44.378544][ T4264] bridge_slave_1: left promiscuous mode
[   44.384330][ T4264] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.417609][ T4264] bond0: (slave bond_slave_0): Releasing backup interface
[   44.444654][ T4264] bond0: (slave bond_slave_1): Releasing backup interface
[   44.464388][ T4264] team0: Port device team_slave_0 removed
[   44.482356][ T4264] team0: Port device team_slave_1 removed
[   44.490528][ T4264] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   44.498026][ T4264] batman_adv: batadv0: Removing interface: batadv_slave_0
[   44.506233][ T3297] EXT4-fs (loop1): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[   44.519206][ T4264] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   44.526828][ T4264] batman_adv: batadv0: Removing interface: batadv_slave_1
[   44.621015][   T29] audit: type=1400 audit(1737314691.688:413): avc:  denied  { ioctl } for  pid=4278 comm="syz.3.201" path="socket:[7033]" dev="sockfs" ino=7033 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   44.654157][ T4279] netlink: 4 bytes leftover after parsing attributes in process `syz.3.201'.
[   44.667610][ T4279] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   44.675421][ T4279] batman_adv: batadv0: Removing interface: batadv_slave_0
[   44.706207][ T4279] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   44.713722][ T4279] batman_adv: batadv0: Removing interface: batadv_slave_1
[   44.714439][ T4281] loop5: detected capacity change from 0 to 1024
[   44.750098][ T4281] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.764901][ T4281] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.790947][ T4288] pim6reg1: entered promiscuous mode
[   44.796466][ T4288] pim6reg1: entered allmulticast mode
[   44.829089][ T4287] loop1: detected capacity change from 0 to 8192
[   44.837129][ T4287] vfat: Unknown parameter '0177777777777777777777718446744073709551615'
[   44.841601][ T3736] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.847729][ T4294] ip6gretap1: entered allmulticast mode
[   44.862787][ T4294] bridge0: port 3(ip6gretap1) entered blocking state
[   44.869565][ T4294] bridge0: port 3(ip6gretap1) entered disabled state
[   44.880564][ T4294] ip6gretap1: entered promiscuous mode
[   44.888718][ T4294] bridge0: port 3(ip6gretap1) entered blocking state
[   44.895468][ T4294] bridge0: port 3(ip6gretap1) entered forwarding state
[   44.913550][ T4294] netlink: 'syz.0.206': attribute type 10 has an invalid length.
[   44.930714][ T4294] bridge0: port 3(ip6gretap1) entered disabled state
[   44.937610][ T4294] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.944862][ T4294] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.981672][ T4294] bridge0: port 3(ip6gretap1) entered blocking state
[   44.988458][ T4294] bridge0: port 3(ip6gretap1) entered forwarding state
[   44.995533][ T4294] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.002731][ T4294] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.010036][ T4294] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.017233][ T4294] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.030584][ T4294] 
: (slave bridge0): Enslaving as an active interface with an up link
[   45.053651][ T4301] tipc: Started in network mode
[   45.058752][ T4301] tipc: Node identity 52672abde30c, cluster identity 4711
[   45.066036][ T4301] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   45.087922][   T29] audit: type=1326 audit(1737314692.148:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4308 comm="syz.4.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5d2725d29 code=0x7ffc0000
[   45.113354][   T29] audit: type=1326 audit(1737314692.148:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4308 comm="syz.4.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5d2725d29 code=0x7ffc0000
[   45.126822][ T4301] syzkaller0: entered promiscuous mode
[   45.136672][   T29] audit: type=1326 audit(1737314692.148:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4308 comm="syz.4.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5d2725d29 code=0x7ffc0000
[   45.142172][ T4301] syzkaller0: entered allmulticast mode
[   45.165338][   T29] audit: type=1326 audit(1737314692.148:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4308 comm="syz.4.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5d2725d29 code=0x7ffc0000
[   45.171522][ T4301] tipc: Resetting bearer <eth:syzkaller0>
[   45.194123][   T29] audit: type=1326 audit(1737314692.148:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4308 comm="syz.4.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5d2725d29 code=0x7ffc0000
[   45.318792][ T4299] tipc: Resetting bearer <eth:syzkaller0>
[   45.332120][ T4299] tipc: Disabling bearer <eth:syzkaller0>
[   45.341541][ T4316] loop4: detected capacity change from 0 to 8192
[   45.360709][ T4329] serio: Serial port ptm0
[   45.369559][ T4316] bio_check_eod: 1 callbacks suppressed
[   45.369575][ T4316] syz.4.213: attempt to access beyond end of device
[   45.369575][ T4316] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192
[   45.388536][ T4316] Buffer I/O error on dev loop4, logical block 57847, async page read
[   45.402512][ T4316] syz.4.213: attempt to access beyond end of device
[   45.402512][ T4316] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192
[   45.416010][ T4316] Buffer I/O error on dev loop4, logical block 57847, async page read
[   45.425199][ T4316] syz.4.213: attempt to access beyond end of device
[   45.425199][ T4316] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192
[   45.438590][ T4316] Buffer I/O error on dev loop4, logical block 57847, async page read
[   45.449906][ T4316] syz.4.213: attempt to access beyond end of device
[   45.449906][ T4316] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192
[   45.463403][ T4316] Buffer I/O error on dev loop4, logical block 57847, async page read
[   45.539077][ T4341] loop4: detected capacity change from 0 to 512
[   45.546483][ T4341] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   45.556866][ T4341] EXT4-fs (loop4): orphan cleanup on readonly fs
[   45.565902][ T4341] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.222: bg 0: block 248: padding at end of block bitmap is not set
[   45.584682][ T4341] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.222: Failed to acquire dquot type 1
[   45.638681][ T4341] EXT4-fs (loop4): 1 truncate cleaned up
[   45.645028][ T4341] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.653599][ T4352] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   45.665735][ T4352] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   45.688789][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.708113][ T1035] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[   45.715600][ T1035] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[   45.725173][ T1035] hid-generic 0000:0003:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   45.729231][ T4358] netlink: 264 bytes leftover after parsing attributes in process `syz.4.229'.
[   45.826487][ T4364] bond_slave_1: entered promiscuous mode
[   45.832224][ T4364] bond_slave_1: entered allmulticast mode
[   46.142570][ T4387] syzkaller1: entered promiscuous mode
[   46.148287][ T4387] syzkaller1: entered allmulticast mode
[   46.184536][ T4389] capability: warning: `syz.5.242' uses deprecated v2 capabilities in a way that may be insecure
[   46.220638][ T4393] netlink: 48 bytes leftover after parsing attributes in process `syz.5.244'.
[   46.703759][ T4413] pim6reg1: entered promiscuous mode
[   46.709123][ T4413] pim6reg1: entered allmulticast mode
[   46.835757][ T4418] futex_wake_op: syz.0.252 tries to shift op by -1; fix this program
[   46.951037][ T4424] xt_hashlimit: size too large, truncated to 1048576
[   46.963537][ T4422] loop1: detected capacity change from 0 to 256
[   47.148735][ T4436] netlink: 4 bytes leftover after parsing attributes in process `syz.0.261'.
[   47.328338][ T4453] team0 (unregistering): Port device team_slave_0 removed
[   47.345924][ T4453] team0 (unregistering): Port device team_slave_1 removed
[   47.430650][ T4457] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=4457 comm=syz.5.269
[   47.536058][ T4467] netlink: 4 bytes leftover after parsing attributes in process `syz.0.270'.
[   47.748578][ T4475] sch_tbf: burst 25 is lower than device netdevsim0 mtu (1514) !
[   47.927303][ T4493] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.946863][ T4489] netlink: 24 bytes leftover after parsing attributes in process `syz.4.280'.
[   48.008938][ T4493] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.058390][ T4493] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.081650][ T4506] loop1: detected capacity change from 0 to 512
[   48.096718][ T4506] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   48.109844][ T4506] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   48.129095][ T4506] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   48.142533][ T4506] EXT4-fs (loop1): 1 truncate cleaned up
[   48.148962][ T4506] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.165646][ T4493] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.180960][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.247447][ T4493] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.270077][ T4493] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.300337][ T4493] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.319360][ T4493] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.339566][ T4523] netlink: 12 bytes leftover after parsing attributes in process `syz.4.290'.
[   48.348540][ T4523] netlink: 'syz.4.290': attribute type 25 has an invalid length.
[   48.397915][ T4523] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   48.406707][ T4523] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   48.415516][ T4523] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   48.424245][ T4523] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   48.448344][ T4526] loop5: detected capacity change from 0 to 256
[   48.461362][ T4531] netlink: 24 bytes leftover after parsing attributes in process `syz.0.297'.
[   48.470340][ T4529] loop1: detected capacity change from 0 to 512
[   48.492559][ T4529] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.518904][ T4529] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.599347][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.758095][ T4545] loop0: detected capacity change from 0 to 4096
[   48.808472][ T4545] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.810514][ T4552] loop1: detected capacity change from 0 to 2048
[   48.827814][ T4552] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   48.884802][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.965940][ T4559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.307'.
[   49.058232][ T4569] ip6gretap0: entered promiscuous mode
[   49.064755][ T4569] batadv_slave_0: entered promiscuous mode
[   49.072060][ T4569] ip6gretap0: left promiscuous mode
[   49.081299][ T4569] batadv_slave_0: left promiscuous mode
[   49.133114][ T4572] loop4: detected capacity change from 0 to 2048
[   49.141218][ T4572] EXT4-fs: Ignoring removed oldalloc option
[   49.161368][ T4572] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.211825][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.362500][   T29] kauditd_printk_skb: 440 callbacks suppressed
[   49.362515][   T29] audit: type=1326 audit(1737314696.428:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   49.409991][   T29] audit: type=1326 audit(1737314696.468:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   49.433326][   T29] audit: type=1326 audit(1737314696.468:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   49.456698][   T29] audit: type=1326 audit(1737314696.468:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   49.480023][   T29] audit: type=1326 audit(1737314696.468:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   49.503358][   T29] audit: type=1326 audit(1737314696.468:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   49.510817][ T4526] syz.5.294 (4526) used greatest stack depth: 7184 bytes left
[   49.526637][   T29] audit: type=1326 audit(1737314696.468:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1fd70b5d63 code=0x7ffc0000
[   49.557240][   T29] audit: type=1326 audit(1737314696.468:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1fd70b5d63 code=0x7ffc0000
[   49.580602][   T29] audit: type=1326 audit(1737314696.468:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   49.603994][   T29] audit: type=1326 audit(1737314696.468:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   49.943451][ T4620] loop0: detected capacity change from 0 to 512
[   49.977452][ T4620] EXT4-fs (loop0): too many log groups per flexible block group
[   49.985190][ T4620] EXT4-fs (loop0): failed to initialize mballoc (-12)
[   49.995757][ T4620] EXT4-fs (loop0): mount failed
[   50.072783][ T4634] loop0: detected capacity change from 0 to 512
[   50.100629][ T4634] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   50.123720][ T4634] EXT4-fs (loop0): 1 truncate cleaned up
[   50.131340][ T4634] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.278241][ T4651] loop1: detected capacity change from 0 to 2048
[   50.302301][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.355681][ T4661] loop0: detected capacity change from 0 to 1024
[   50.364111][ T4651] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.384964][ T4661] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.454794][ T4670] netlink: 'syz.3.338': attribute type 10 has an invalid length.
[   50.467428][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.562538][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.727495][ T4695] netlink: 'syz.1.344': attribute type 7 has an invalid length.
[   50.735204][ T4695] netlink: 8 bytes leftover after parsing attributes in process `syz.1.344'.
[   50.816450][ T4704] loop1: detected capacity change from 0 to 2048
[   50.865135][ T4704]  loop1: p1 < > p3
[   50.875528][ T4704] loop1: p3 size 134217728 extends beyond EOD, truncated
[   50.888730][ T3000]  loop1: p1 < > p3
[   50.892700][ T4710] loop5: detected capacity change from 0 to 1024
[   50.905736][ T3000] loop1: p3 size 134217728 extends beyond EOD, truncated
[   50.920569][ T4710] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   50.956912][ T3285] udevd[3285]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   50.970812][ T3528] udevd[3528]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   50.978615][ T4710] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   50.991928][ T4710] EXT4-fs (loop5): orphan cleanup on readonly fs
[   51.001137][ T3528] udevd[3528]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   51.011630][ T4710] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   51.023084][ T3285] udevd[3285]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   51.036035][ T4710] EXT4-fs (loop5): Remounting filesystem read-only
[   51.042877][ T4710] EXT4-fs (loop5): 1 orphan inode deleted
[   51.049524][ T4710] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   51.061722][ T4710] SELinux: (dev loop5, type ext4) getxattr errno 5
[   51.061763][ T4713] wg2: entered promiscuous mode
[   51.073251][ T4713] wg2: entered allmulticast mode
[   51.080661][ T4710] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.156579][ T4716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.352'.
[   51.491980][ T4726] loop1: detected capacity change from 0 to 1024
[   51.536013][ T4726] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.561096][ T4726] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.581111][ T4726] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.355: bg 0: block 32: padding at end of block bitmap is not set
[   51.630861][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.636633][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.642316][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.648038][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.653714][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.659432][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.665082][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.670740][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.676406][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.682177][ T4733] blackhole_netdev_xmit(): Dropping skb.
[   51.733089][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.886787][ T4739] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.359'.
[   51.913819][ T4740] pim6reg1: entered promiscuous mode
[   51.919274][ T4740] pim6reg1: entered allmulticast mode
[   52.077258][ T4749] loop1: detected capacity change from 0 to 128
[   52.086036][ T4749] syz.1.363: attempt to access beyond end of device
[   52.086036][ T4749] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   52.101198][ T4749] infiniband syz0: set active
[   52.122824][ T4749] bond0: (slave bond_slave_0): Releasing backup interface
[   52.133391][ T4749] bond0: (slave bond_slave_1): Releasing backup interface
[   52.149542][ T4749] team0: Port device team_slave_0 removed
[   52.160731][ T4749] team0: Port device team_slave_1 removed
[   52.170487][ T4749] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   52.178128][ T4749] batman_adv: batadv0: Removing interface: batadv_slave_0
[   52.192387][ T4749] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   52.199958][ T4749] batman_adv: batadv0: Removing interface: batadv_slave_1
[   52.236030][ T3375] lo speed is unknown, defaulting to 1000
[   52.361423][ T4760] loop1: detected capacity change from 0 to 128
[   52.479787][   T28] kworker/u8:1: attempt to access beyond end of device
[   52.479787][   T28] loop1: rw=1, sector=129, nr_sectors = 912 limit=128
[   52.581907][ T4770] netlink: 40 bytes leftover after parsing attributes in process `syz.4.374'.
[   52.619518][ T4770] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.667341][ T4770] bridge_slave_0 (unregistering): left allmulticast mode
[   52.674479][ T4770] bridge_slave_0 (unregistering): left promiscuous mode
[   52.681576][ T4770] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.800237][ T4781] lo speed is unknown, defaulting to 1000
[   53.053209][ T4794] mmap: syz.3.378 (4794) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   53.228399][ T4800] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   53.603837][ T4828] serio: Serial port ptm1
[   53.684857][ T4842] loop4: detected capacity change from 0 to 512
[   53.695816][ T4842] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   53.713430][ T4842] EXT4-fs (loop4): 1 truncate cleaned up
[   53.720012][ T4842] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.443955][ T4909] loop0: detected capacity change from 0 to 128
[   54.496821][   T29] kauditd_printk_skb: 125 callbacks suppressed
[   54.496912][   T29] audit: type=1326 audit(1737314701.568:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.528849][   T29] audit: type=1326 audit(1737314701.598:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.552330][   T29] audit: type=1326 audit(1737314701.598:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.562808][ T4923] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   54.575768][   T29] audit: type=1326 audit(1737314701.598:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.605740][   T29] audit: type=1326 audit(1737314701.598:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.629163][   T29] audit: type=1326 audit(1737314701.598:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.652698][   T29] audit: type=1326 audit(1737314701.598:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.675985][   T29] audit: type=1326 audit(1737314701.598:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.699731][   T29] audit: type=1326 audit(1737314701.598:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.723256][   T29] audit: type=1326 audit(1737314701.598:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.3.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   54.748901][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.787526][ T4933] netlink: 4 bytes leftover after parsing attributes in process `syz.0.398'.
[   54.797091][ T4933] netlink: 4 bytes leftover after parsing attributes in process `syz.0.398'.
[   54.927466][ T4942] netlink: 8 bytes leftover after parsing attributes in process `syz.0.403'.
[   54.964595][ T4944] pim6reg1: entered promiscuous mode
[   54.970766][ T4944] pim6reg1: entered allmulticast mode
[   55.012468][ T4950] ip6gretap0: entered promiscuous mode
[   55.019343][ T4950] batadv_slave_0: entered promiscuous mode
[   55.026692][ T4950] ip6gretap0: left promiscuous mode
[   55.032221][ T4950] batadv_slave_0: left promiscuous mode
[   55.249290][ T4969] @: renamed from vlan0 (while UP)
[   55.338743][ T4974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.417'.
[   55.416581][ T4985] loop5: detected capacity change from 0 to 512
[   55.437278][ T4985] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.418: corrupted in-inode xattr: invalid ea_ino
[   55.460453][ T4985] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.418: couldn't read orphan inode 15 (err -117)
[   55.473048][ T4985] EXT4-fs (loop5): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.557852][ T4985] netlink: 4 bytes leftover after parsing attributes in process `syz.5.418'.
[   55.667067][ T3736] EXT4-fs (loop5): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[   55.723195][ T5024] ip6gre1: entered allmulticast mode
[   56.561246][ T5044] loop0: detected capacity change from 0 to 2048
[   56.567810][ T5046] batadv_slave_0: entered promiscuous mode
[   56.568295][ T5044] EXT4-fs: Ignoring removed bh option
[   56.587874][ T5044] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.605951][ T5044] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #12: comm syz.0.436: corrupted in-inode xattr: e_name out of bounds
[   56.609190][ T5050] netlink: 'syz.1.437': attribute type 10 has an invalid length.
[   56.765628][ T5056] netlink: 4 bytes leftover after parsing attributes in process `syz.5.440'.
[   56.775141][ T5056] netlink: 4 bytes leftover after parsing attributes in process `syz.5.440'.
[   56.894837][ T5066] loop4: detected capacity change from 0 to 2048
[   56.902701][ T5066] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   57.140710][ T5079] pim6reg1: entered promiscuous mode
[   57.146078][ T5079] pim6reg1: entered allmulticast mode
[   57.232365][ T3693] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   57.253100][ T3693] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 28
[   57.265721][ T3693] EXT4-fs (loop0): This should not happen!! Data will be lost
[   57.265721][ T3693] 
[   57.275726][ T3693] EXT4-fs (loop0): Total free blocks count 0
[   57.281966][ T3693] EXT4-fs (loop0): Free/Dirty block details
[   57.287957][ T3693] EXT4-fs (loop0): free_blocks=2415919104
[   57.293697][ T3693] EXT4-fs (loop0): dirty_blocks=8208
[   57.299032][ T3693] EXT4-fs (loop0): Block reservation details
[   57.305053][ T3693] EXT4-fs (loop0): i_reserved_data_blocks=513
[   57.357141][ T3693] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28
[   57.380694][ T5107] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.450'.
[   57.535749][ T5110] Zero length message leads to an empty skb
[   57.603255][ T5112] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=5112 comm=syz.1.451
[   57.763939][ T5124] loop0: detected capacity change from 0 to 1024
[   57.807040][ T5124] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   57.845775][ T5124] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.866791][ T5135] pim6reg1: entered promiscuous mode
[   57.872199][ T5135] pim6reg1: entered allmulticast mode
[   57.948364][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.998323][ T5143] netlink: 4 bytes leftover after parsing attributes in process `syz.4.463'.
[   58.096415][ T5146] loop5: detected capacity change from 0 to 512
[   58.106542][ T5146] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[   58.137415][ T5146] EXT4-fs error (device loop5): ext4_orphan_get:1389: inode #17: comm syz.5.464: iget: bad i_size value: -6917529027641081756
[   58.185437][ T5146] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.464: couldn't read orphan inode 17 (err -117)
[   58.225201][ T5146] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.289327][ T5151] netlink: 100 bytes leftover after parsing attributes in process `syz.1.476'.
[   58.311707][ T5152] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=5152 comm=syz.4.466
[   58.324780][ T3736] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.410227][ T5161] loop0: detected capacity change from 0 to 512
[   58.435808][ T5161] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.470068][ T5161] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.519514][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.563936][ T5178] syz.0.483[5178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.564003][ T5178] syz.0.483[5178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.576636][ T5178] syz.0.483[5178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.283797][ T5207] net_ratelimit: 1202 callbacks suppressed
[   59.283818][ T5207] netlink: zone id is out of range
[   59.316557][ T5207] netlink: set zone limit has 4 unknown bytes
[   59.670824][ T5258] pim6reg1: entered promiscuous mode
[   59.676265][ T5258] pim6reg1: entered allmulticast mode
[   59.704995][ T5261] loop4: detected capacity change from 0 to 128
[   59.711632][ T5261] EXT4-fs: Ignoring removed nobh option
[   59.729425][ T5261] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   59.742022][ T5261] ext4 filesystem being mounted at /85/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   59.762327][   T29] kauditd_printk_skb: 907 callbacks suppressed
[   59.762343][   T29] audit: type=1400 audit(1737314706.828:1905): avc:  denied  { mounton } for  pid=5265 comm="syz.0.493" path="/117/file0" dev="tmpfs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   59.812944][   T29] audit: type=1400 audit(1737314706.878:1906): avc:  denied  { setattr } for  pid=5260 comm="syz.4.492" path="/85/mnt/file1" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   59.849305][   T29] audit: type=1400 audit(1737314706.908:1907): avc:  denied  { create } for  pid=5260 comm="syz.4.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   59.941465][ T5273] loop0: detected capacity change from 0 to 1024
[   59.956169][ T3300] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   59.980714][ T5273] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.011060][ T5273] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.024034][   T29] audit: type=1400 audit(1737314707.098:1908): avc:  denied  { ioctl } for  pid=5272 comm="syz.0.496" path="/118/file1/file1" dev="loop0" ino=15 ioctlcmd=0x5839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   60.102214][   T29] audit: type=1326 audit(1737314707.168:1909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5288 comm="syz.1.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25562e5d29 code=0x7ffc0000
[   60.125756][   T29] audit: type=1326 audit(1737314707.168:1910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5288 comm="syz.1.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25562e5d29 code=0x7ffc0000
[   60.153093][ T5291] loop5: detected capacity change from 0 to 512
[   60.163445][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.187765][ T5291] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.210901][   T29] audit: type=1326 audit(1737314707.178:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5288 comm="syz.1.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f25562e5d29 code=0x7ffc0000
[   60.234281][   T29] audit: type=1326 audit(1737314707.178:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5288 comm="syz.1.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25562e5d29 code=0x7ffc0000
[   60.257803][   T29] audit: type=1326 audit(1737314707.178:1913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5288 comm="syz.1.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25562e5d29 code=0x7ffc0000
[   60.265546][ T5291] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.281172][   T29] audit: type=1326 audit(1737314707.188:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5288 comm="syz.1.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f25562e5d29 code=0x7ffc0000
[   60.390511][ T3736] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.460207][ T5306] lo speed is unknown, defaulting to 1000
[   60.563865][ T5324] loop5: detected capacity change from 0 to 128
[   61.536757][ T5354] loop5: detected capacity change from 0 to 164
[   61.668975][ T5360] syz.5.512: attempt to access beyond end of device
[   61.668975][ T5360] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   61.731973][ T5360] syz.5.512: attempt to access beyond end of device
[   61.731973][ T5360] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   61.829595][ T5363] loop0: detected capacity change from 0 to 2048
[   61.926414][ T5363] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.002280][ T5363] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.585337][ T5372] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.515: bg 0: block 345: padding at end of block bitmap is not set
[   62.620279][ T5372] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[   62.632884][ T5372] EXT4-fs (loop0): This should not happen!! Data will be lost
[   62.632884][ T5372] 
[   62.753379][ T5377] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[   62.762277][ T5377] SELinux: failed to load policy
[   62.832998][ T3693] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[   62.845764][ T3693] EXT4-fs (loop0): This should not happen!! Data will be lost
[   62.845764][ T3693] 
[   62.922780][   T28] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[   62.935630][   T28] EXT4-fs (loop0): This should not happen!! Data will be lost
[   62.935630][   T28] 
[   62.945348][   T28] EXT4-fs (loop0): Total free blocks count 0
[   62.951438][   T28] EXT4-fs (loop0): Free/Dirty block details
[   62.957635][   T28] EXT4-fs (loop0): free_blocks=0
[   63.437303][ T5426] netlink: 'syz.0.523': attribute type 16 has an invalid length.
[   63.445152][ T5426] netlink: 'syz.0.523': attribute type 17 has an invalid length.
[   63.497112][ T5426] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   63.727989][ T5440] loop1: detected capacity change from 0 to 128
[   63.752191][ T5440] EXT4-fs: Ignoring removed nobh option
[   63.780577][ T5440] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   63.824155][ T5440] ext4 filesystem being mounted at /110/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   63.889035][ T5447] loop0: detected capacity change from 0 to 2048
[   63.918188][ T5447] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.994968][ T5447] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 8 with max blocks 2 with error 28
[   64.007281][ T5447] EXT4-fs (loop0): This should not happen!! Data will be lost
[   64.007281][ T5447] 
[   64.016999][ T5447] EXT4-fs (loop0): Total free blocks count 0
[   64.022993][ T5447] EXT4-fs (loop0): Free/Dirty block details
[   64.028972][ T5447] EXT4-fs (loop0): free_blocks=0
[   64.034185][ T5447] EXT4-fs (loop0): dirty_blocks=0
[   64.039371][ T5447] EXT4-fs (loop0): Block reservation details
[   64.045441][ T5447] EXT4-fs (loop0): i_reserved_data_blocks=0
[   64.053984][ T3297] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   64.148647][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.201632][ T5453] lo speed is unknown, defaulting to 1000
[   65.136667][ T5525] netlink: 4 bytes leftover after parsing attributes in process `syz.1.546'.
[   65.155417][ T5527] netlink: 2 bytes leftover after parsing attributes in process `syz.0.545'.
[   65.168847][ T5527] netlink: 2 bytes leftover after parsing attributes in process `syz.0.545'.
[   65.197075][   T29] kauditd_printk_skb: 47 callbacks suppressed
[   65.197088][   T29] audit: type=1326 audit(1737314712.268:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   65.235474][ T5525] hsr_slave_1 (unregistering): left promiscuous mode
[   65.243046][   T29] audit: type=1326 audit(1737314712.298:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   65.266327][   T29] audit: type=1326 audit(1737314712.298:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   65.289755][   T29] audit: type=1326 audit(1737314712.298:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.0.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   65.363758][ T5532] syz.0.548[5532] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.363833][ T5532] syz.0.548[5532] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.415515][ T5532] syz.0.548[5532] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.489615][ T5537] netlink: 24 bytes leftover after parsing attributes in process `syz.0.550'.
[   65.536023][ T5537] netlink: 4 bytes leftover after parsing attributes in process `syz.0.550'.
[   65.719523][ T5542] lo speed is unknown, defaulting to 1000
[   65.961530][ T5557] loop4: detected capacity change from 0 to 512
[   65.970307][ T5557] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   65.979820][ T5557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.061717][ T3300] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 3: comm syz-executor: path /93/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   66.083577][ T3300] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 12: comm syz-executor: path /93/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   66.085458][ T3300] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 13: comm syz-executor: path /93/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   66.086531][ T3300] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 14: comm syz-executor: path /93/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   66.087552][ T3300] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 15: comm syz-executor: path /93/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   66.087741][ T3300] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /93/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   66.087947][ T3300] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 17: comm syz-executor: path /93/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   66.088140][ T3300] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #2: block 18: comm syz-executor: lblock 23 mapped to illegal pblock 18 (length 1)
[   66.088390][ T3300] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 19: comm syz-executor: path /93/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   66.092073][ T3300] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 20: comm syz-executor: path /93/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[   66.413171][   T29] audit: type=1400 audit(1737314713.478:1966): avc:  denied  { ioctl } for  pid=5573 comm="syz.5.558" path="/dev/usbmon0" dev="devtmpfs" ino=141 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   66.839697][ T5593] netlink: 8 bytes leftover after parsing attributes in process `syz.0.560'.
[   66.848536][ T5593] netlink: 12 bytes leftover after parsing attributes in process `syz.0.560'.
[   67.179039][ T5589] lo speed is unknown, defaulting to 1000
[   67.208048][   T29] audit: type=1400 audit(1737314714.278:1967): avc:  denied  { write } for  pid=5590 comm="syz.0.560" path="socket:[10481]" dev="sockfs" ino=10481 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   67.511233][   T29] audit: type=1400 audit(1737314714.578:1968): avc:  denied  { read } for  pid=5606 comm="syz.0.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   67.639851][   T29] audit: type=1400 audit(1737314714.708:1969): avc:  denied  { bind } for  pid=5609 comm="syz.0.564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   67.668317][ T5610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.564'.
[   67.787370][   T29] audit: type=1400 audit(1737314714.858:1970): avc:  denied  { wake_alarm } for  pid=5611 comm="syz.0.565" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   67.819041][ T5616] loop5: detected capacity change from 0 to 512
[   67.828242][ T5614] loop1: detected capacity change from 0 to 512
[   67.846995][ T5616] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   67.864165][ T5616] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   67.876526][ T5614] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.900223][ T5616] System zones: 1-12
[   67.904252][ T5614] ext4 filesystem being mounted at /118/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   67.921625][ T5616] EXT4-fs (loop5): 1 truncate cleaned up
[   67.934966][ T5616] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.954704][   T29] audit: type=1400 audit(1737314715.018:1971): avc:  denied  { execute } for  pid=5620 comm="syz.3.568" path="/133/bus" dev="tmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   68.009373][ T5614] EXT4-fs error (device loop1): ext4_get_first_dir_block:3547: inode #12: block 32: comm syz.1.566: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   68.030221][ T5614] EXT4-fs error (device loop1): ext4_get_first_dir_block:3550: inode #12: comm syz.1.566: directory missing '.'
[   68.055314][ T5616] loop5: detected capacity change from 512 to 0
[   68.072934][ T5624] syz.5.567: attempt to access beyond end of device
[   68.072934][ T5624] loop5: rw=524288, sector=12, nr_sectors = 2 limit=0
[   68.087421][ T5624] syz.5.567: attempt to access beyond end of device
[   68.087421][ T5624] loop5: rw=524288, sector=14, nr_sectors = 2 limit=0
[   68.087964][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.102584][ T5624] syz.5.567: attempt to access beyond end of device
[   68.102584][ T5624] loop5: rw=524288, sector=18, nr_sectors = 2 limit=0
[   68.143158][ T5624] syz.5.567: attempt to access beyond end of device
[   68.143158][ T5624] loop5: rw=12288, sector=16, nr_sectors = 2 limit=0
[   68.156579][    C1] I/O error, dev loop5, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   68.190414][ T5624] EXT4-fs error (device loop5): ext4_get_inode_loc:4573: inode #15: block 8: comm syz.5.567: unable to read itable block
[   68.232741][ T5624] syz.5.567: attempt to access beyond end of device
[   68.232741][ T5624] loop5: rw=145409, sector=2, nr_sectors = 2 limit=0
[   68.245943][ T5624] Buffer I/O error on dev loop5, logical block 1, lost sync page write
[   68.265104][ T5630] loop1: detected capacity change from 0 to 2048
[   68.293491][ T5630] EXT4-fs: Ignoring removed bh option
[   68.307030][ T5624] EXT4-fs (loop5): I/O error while writing superblock
[   68.315894][ T5632] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=7 sclass=netlink_xfrm_socket pid=5632 comm=syz.0.572
[   68.328850][ T5624] syz.5.567: attempt to access beyond end of device
[   68.328850][ T5624] loop5: rw=524288, sector=10, nr_sectors = 2 limit=0
[   68.343892][ T5624] syz.5.567: attempt to access beyond end of device
[   68.343892][ T5624] loop5: rw=524288, sector=12, nr_sectors = 2 limit=0
[   68.343939][ T5624] syz.5.567: attempt to access beyond end of device
[   68.343939][ T5624] loop5: rw=524288, sector=14, nr_sectors = 2 limit=0
[   68.343996][ T5624] syz.5.567: attempt to access beyond end of device
[   68.343996][ T5624] loop5: rw=524288, sector=18, nr_sectors = 2 limit=0
[   68.344026][ T5624] syz.5.567: attempt to access beyond end of device
[   68.344026][ T5624] loop5: rw=12288, sector=16, nr_sectors = 2 limit=0
[   68.344098][ T5624] EXT4-fs error (device loop5): ext4_get_inode_loc:4573: inode #15: block 8: comm syz.5.567: unable to read itable block
[   68.344135][ T5624] Buffer I/O error on dev loop5, logical block 1, lost sync page write
[   68.344161][ T5624] EXT4-fs (loop5): I/O error while writing superblock
[   68.344246][ T5624] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5837: IO failure
[   68.344273][ T5624] Buffer I/O error on dev loop5, logical block 1, lost sync page write
[   68.344290][ T5624] EXT4-fs (loop5): I/O error while writing superblock
[   68.344304][ T5624] EXT4-fs error (device loop5): ext4_setattr:5507: inode #15: comm syz.5.567: mark_inode_dirty error
[   68.344335][ T5624] Buffer I/O error on dev loop5, logical block 1, lost sync page write
[   68.344352][ T5624] EXT4-fs (loop5): I/O error while writing superblock
[   68.344415][ T5624] EXT4-fs error (device loop5) in ext4_setattr:5568: IO failure
[   68.344482][ T5624] Buffer I/O error on dev loop5, logical block 1, lost sync page write
[   68.344496][ T5624] EXT4-fs (loop5): I/O error while writing superblock
[   68.344757][ T5630] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.434618][ T5638] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   68.434753][ T5638] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 544 with error 28
[   68.434826][ T5638] EXT4-fs (loop1): This should not happen!! Data will be lost
[   68.434826][ T5638] 
[   68.434840][ T5638] EXT4-fs (loop1): Total free blocks count 0
[   68.434851][ T5638] EXT4-fs (loop1): Free/Dirty block details
[   68.434862][ T5638] EXT4-fs (loop1): free_blocks=2415919104
[   68.434873][ T5638] EXT4-fs (loop1): dirty_blocks=560
[   68.434885][ T5638] EXT4-fs (loop1): Block reservation details
[   68.434906][ T5638] EXT4-fs (loop1): i_reserved_data_blocks=35
[   68.466966][   T50] EXT4-fs error (device loop5): __ext4_get_inode_loc_noinmem:4558: inode #18: block 9: comm kworker/u8:3: unable to read itable block
[   68.467039][   T50] Buffer I/O error on dev loop5, logical block 1, lost sync page write
[   68.467053][   T50] EXT4-fs (loop5): I/O error while writing superblock
[   68.472209][ T3736] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.500079][ T3736] Buffer I/O error on dev loop5, logical block 1, lost sync page write
[   68.500099][ T3736] EXT4-fs (loop5): I/O error while writing superblock
[   68.539143][   T50] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[   68.628520][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.1.578'.
[   68.699253][ T5651] xt_hashlimit: max too large, truncated to 1048576
[   68.837002][ T5655] bridge0: entered promiscuous mode
[   68.837096][ T5655] macvlan2: entered promiscuous mode
[   68.838302][ T5655] bridge0: port 1(macvlan2) entered blocking state
[   68.838332][ T5655] bridge0: port 1(macvlan2) entered disabled state
[   68.838427][ T5655] macvlan2: entered allmulticast mode
[   68.838443][ T5655] bridge0: entered allmulticast mode
[   68.838988][ T5655] macvlan2: left allmulticast mode
[   68.839002][ T5655] bridge0: left allmulticast mode
[   68.839553][ T5655] bridge0: left promiscuous mode
[   68.904343][ T5656] lo speed is unknown, defaulting to 1000
[   68.946214][ T5670] netlink: 4 bytes leftover after parsing attributes in process `syz.3.586'.
[   69.154125][ T5678] loop0: detected capacity change from 0 to 2048
[   69.161393][ T5678] EXT4-fs: Ignoring removed bh option
[   69.190812][ T5656] chnl_net:caif_netlink_parms(): no params data found
[   69.199836][ T5678] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.319471][ T5656] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.326789][ T5656] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.356634][ T5684] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   69.375407][ T5656] bridge_slave_0: entered allmulticast mode
[   69.406654][ T5656] bridge_slave_0: entered promiscuous mode
[   69.418503][ T5684] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 480 with error 28
[   69.430981][ T5684] EXT4-fs (loop0): This should not happen!! Data will be lost
[   69.430981][ T5684] 
[   69.435684][ T5656] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.440693][ T5684] EXT4-fs (loop0): Total free blocks count 0
[   69.440709][ T5684] EXT4-fs (loop0): Free/Dirty block details
[   69.440720][ T5684] EXT4-fs (loop0): free_blocks=2415919104
[   69.447818][ T5656] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.453762][ T5684] EXT4-fs (loop0): dirty_blocks=496
[   69.477761][ T5684] EXT4-fs (loop0): Block reservation details
[   69.483759][ T5684] EXT4-fs (loop0): i_reserved_data_blocks=31
[   69.510461][ T5656] bridge_slave_1: entered allmulticast mode
[   69.517077][ T5656] bridge_slave_1: entered promiscuous mode
[   69.546471][ T5656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.565604][ T5656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.600313][ T5656] team0: Port device team_slave_0 added
[   69.612755][ T5656] team0: Port device team_slave_1 added
[   69.638617][ T5656] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.645617][ T5656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.671746][ T5656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.684521][   T28] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[   69.713126][ T5656] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.720233][ T5656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.746153][ T5656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.787267][ T5692] loop0: detected capacity change from 0 to 128
[   69.830463][ T5656] hsr_slave_0: entered promiscuous mode
[   69.848569][ T5656] hsr_slave_1: entered promiscuous mode
[   70.001551][ T5656] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   70.029444][ T5656] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   70.050895][ T5656] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   70.073660][ T5656] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   70.166985][ T5656] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.197897][ T5656] 8021q: adding VLAN 0 to HW filter on device team0
[   70.221958][ T3693] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.229085][ T3693] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.262990][ T3693] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.270163][ T3693] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.570771][ T5706] loop1: detected capacity change from 0 to 512
[   70.633754][ T5706] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.671155][ T5656] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.685465][ T5706] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.896883][ T5724] syz.1.598[5724] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.897016][ T5724] syz.1.598[5724] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.908462][ T5724] syz.1.598[5724] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.546620][ T5656] veth0_vlan: entered promiscuous mode
[   71.619160][ T5656] veth1_vlan: entered promiscuous mode
[   71.677297][ T5656] veth0_macvtap: entered promiscuous mode
[   71.708858][ T5656] veth1_macvtap: entered promiscuous mode
[   71.751623][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.762137][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.771982][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.782504][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.903584][ T5656] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.965968][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.976714][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.986732][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.997185][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.021182][ T5740] loop0: detected capacity change from 0 to 2048
[   72.065844][ T5656] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.077049][ T5656] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.085841][ T5656] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.094636][ T5656] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.103357][ T5656] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.162559][   T29] kauditd_printk_skb: 8 callbacks suppressed
[   72.162584][   T29] audit: type=1400 audit(1737314719.218:1980): avc:  denied  { mount } for  pid=5656 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   72.282862][   T29] audit: type=1400 audit(1737314719.288:1981): avc:  denied  { mount } for  pid=5656 comm="syz-executor" name="/" dev="gadgetfs" ino=3537 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   72.357960][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.427272][ T5746] netlink: 'syz.1.603': attribute type 21 has an invalid length.
[   72.435070][ T5746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.603'.
[   72.439510][ T5740] Alternate GPT is invalid, using primary GPT.
[   72.450252][ T5740]  loop0: p2 p3 p7
[   72.753564][ T3000] Alternate GPT is invalid, using primary GPT.
[   72.760086][ T3000]  loop0: p2 p3 p7
[   73.046771][ T5751] loop1: detected capacity change from 0 to 164
[   73.104410][ T5753] lo speed is unknown, defaulting to 1000
[   73.136474][ T5751] bio_check_eod: 20911 callbacks suppressed
[   73.136490][ T5751] syz.1.605: attempt to access beyond end of device
[   73.136490][ T5751] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   73.185416][ T5751] syz.1.605: attempt to access beyond end of device
[   73.185416][ T5751] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   73.206844][ T5757] netlink: 4 bytes leftover after parsing attributes in process `syz.3.606'.
[   73.223951][   T29] audit: type=1400 audit(1737314720.288:1982): avc:  denied  { execmem } for  pid=5750 comm="syz.1.605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   73.571041][ T5772] syz.0.611[5772] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.571119][ T5772] syz.0.611[5772] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.583866][ T5772] syz.0.611[5772] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.598803][ T5772] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   73.634060][   T29] audit: type=1400 audit(1737314720.688:1983): avc:  denied  { create } for  pid=5774 comm="syz.1.612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   73.654370][   T29] audit: type=1400 audit(1737314720.688:1984): avc:  denied  { write } for  pid=5774 comm="syz.1.612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   73.674536][   T29] audit: type=1400 audit(1737314720.688:1985): avc:  denied  { nlmsg_write } for  pid=5774 comm="syz.1.612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   73.788766][ T5781] loop1: detected capacity change from 0 to 8192
[   73.886612][ T5787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.617'.
[   74.260990][   T29] audit: type=1326 audit(1737314721.328:1986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5794 comm="syz.0.619" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x0
[   74.766154][ T5805] lo speed is unknown, defaulting to 1000
[   75.027936][ T5808] netlink: 64 bytes leftover after parsing attributes in process `syz.0.624'.
[   75.179554][ T5812] bridge: RTM_NEWNEIGH with invalid ether address
[   75.245070][ T5819] netlink: 40 bytes leftover after parsing attributes in process `syz.1.628'.
[   75.381606][ T3300] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   75.407131][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.478831][ T5832] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.509139][ T5828] netlink: 4 bytes leftover after parsing attributes in process `syz.4.557'.
[   75.530533][ T5832] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.546600][ T5836] loop1: detected capacity change from 0 to 1024
[   75.555229][ T5836] EXT4-fs: Ignoring removed nobh option
[   75.586976][ T5836] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.601184][ T5832] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.618021][ T5836] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.634: bg 0: block 456: padding at end of block bitmap is not set
[   75.639454][   T29] audit: type=1400 audit(1737314722.708:1987): avc:  denied  { remove_name } for  pid=5835 comm="syz.1.634" name="file0" dev="loop1" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   75.661737][   T29] audit: type=1400 audit(1737314722.708:1988): avc:  denied  { rmdir } for  pid=5835 comm="syz.1.634" name="file0" dev="loop1" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   75.685671][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.729861][ T5832] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.730740][ T5847] sd 0:0:1:0: device reset
[   75.747811][ T5843] pim6reg1: entered promiscuous mode
[   75.753163][ T5843] pim6reg1: entered allmulticast mode
[   75.813585][ T5832] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.825271][ T5832] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.836924][ T5832] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.848444][ T5832] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.944876][   T29] audit: type=1400 audit(1737314723.008:1989): avc:  denied  { create } for  pid=5853 comm="syz.6.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   76.015864][ T5859] wg2: left promiscuous mode
[   76.020511][ T5859] wg2: left allmulticast mode
[   76.020564][ T5860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   76.035874][ T5860] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   76.129218][ T5866] netlink: 4 bytes leftover after parsing attributes in process `syz.3.646'.
[   76.173574][ T5871] team0: entered promiscuous mode
[   76.178743][ T5871] team_slave_0: entered promiscuous mode
[   76.184462][ T5871] team_slave_1: entered promiscuous mode
[   76.191865][ T5870] team0: left promiscuous mode
[   76.196732][ T5870] team_slave_0: left promiscuous mode
[   76.202260][ T5870] team_slave_1: left promiscuous mode
[   76.282045][ T5875] loop0: detected capacity change from 0 to 512
[   76.293725][ T5875] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   76.316892][ T5875] EXT4-fs (loop0): 1 truncate cleaned up
[   76.323147][ T5875] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.339784][ T5875] netlink: 664 bytes leftover after parsing attributes in process `syz.0.649'.
[   76.361077][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.447109][ T5888] netlink: 104 bytes leftover after parsing attributes in process `syz.0.652'.
[   76.582366][ T5898] loop6: detected capacity change from 0 to 512
[   76.597573][ T5898] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.610284][ T5898] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.835484][ T5902] syz.6.657[5902] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.835599][ T5902] syz.6.657[5902] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.847756][ T5902] syz.6.657[5902] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.205298][   T29] kauditd_printk_skb: 32 callbacks suppressed
[   77.205317][   T29] audit: type=1400 audit(1737314724.258:2022): avc:  denied  { read } for  pid=5907 comm="syz.1.660" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   77.369004][ T5914] syz.0.663[5914] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.369140][ T5914] syz.0.663[5914] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.386098][ T5916] loop4: detected capacity change from 0 to 512
[   77.405186][ T5914] syz.0.663[5914] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.407974][ T5916] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   77.491631][ T5918] lo speed is unknown, defaulting to 1000
[   77.497122][ T5916] EXT4-fs (loop4): 1 truncate cleaned up
[   77.542985][   T29] audit: type=1400 audit(1737314724.608:2023): avc:  denied  { sqpoll } for  pid=5923 comm="syz.0.666" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   77.552595][ T5916] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.627014][ T5916] netlink: 664 bytes leftover after parsing attributes in process `syz.4.664'.
[   77.643833][ T5920] loop1: detected capacity change from 0 to 8192
[   77.712502][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.259514][   T29] audit: type=1326 audit(1737314725.328:2024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5967 comm="syz.4.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb5d271cce7 code=0x7ffc0000
[   78.282891][   T29] audit: type=1326 audit(1737314725.328:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5967 comm="syz.4.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb5d26c1f29 code=0x7ffc0000
[   78.306202][   T29] audit: type=1326 audit(1737314725.328:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5967 comm="syz.4.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb5d271cce7 code=0x7ffc0000
[   78.329858][   T29] audit: type=1326 audit(1737314725.328:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5967 comm="syz.4.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb5d26c1f29 code=0x7ffc0000
[   78.353370][   T29] audit: type=1326 audit(1737314725.328:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5967 comm="syz.4.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5d2725d29 code=0x7ffc0000
[   78.376791][   T29] audit: type=1326 audit(1737314725.328:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5967 comm="syz.4.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5d2725d29 code=0x7ffc0000
[   78.400237][   T29] audit: type=1326 audit(1737314725.328:2030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5967 comm="syz.4.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5d2725d29 code=0x7ffc0000
[   78.423575][   T29] audit: type=1326 audit(1737314725.328:2031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5967 comm="syz.4.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5d2725d29 code=0x7ffc0000
[   78.433367][ T5968] loop4: detected capacity change from 0 to 512
[   78.512559][ T5968] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[   78.589205][ T5979] loop1: detected capacity change from 0 to 128
[   78.705661][ T5994] loop1: detected capacity change from 0 to 2048
[   78.764519][ T5994] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.814648][ T6001] loop0: detected capacity change from 0 to 512
[   78.821761][ T6001] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   78.832025][ T6001] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[   78.840057][ T6001] EXT4-fs (loop0): orphan cleanup on readonly fs
[   78.847742][ T6001] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #11: comm syz.0.678: attempt to clear invalid blocks 1024 len 1
[   78.861654][ T6001] EXT4-fs (loop0): Remounting filesystem read-only
[   78.869733][ T6001] EXT4-fs (loop0): 1 truncate cleaned up
[   78.875818][ T6001] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[   78.878968][ T6004] loop4: detected capacity change from 0 to 1024
[   78.887792][ T6001] SELinux: (dev loop0, type ext4) getxattr errno 5
[   78.888341][ T6001] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[   78.942956][ T6004] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.964861][ T6004] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.023155][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.552033][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.724503][ T5656] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.061138][ T6029] lo speed is unknown, defaulting to 1000
[   80.479940][ T6032] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[   80.788488][ T6040] netlink: 4 bytes leftover after parsing attributes in process `syz.1.692'.
[   80.975484][ T6063] loop4: detected capacity change from 0 to 512
[   80.987144][ T6063] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   81.010202][ T6063] EXT4-fs (loop4): 1 truncate cleaned up
[   81.016419][ T6063] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.322508][ T6048] Set syz1 is full, maxelem 65536 reached
[   81.458714][ T6073] netlink: 'syz.6.702': attribute type 11 has an invalid length.
[   81.466591][ T6073] netlink: 140 bytes leftover after parsing attributes in process `syz.6.702'.
[   81.468607][ T6074] loop0: detected capacity change from 0 to 2048
[   81.491746][ T6074] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.702125][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.776843][ T6093] netlink: 'syz.4.710': attribute type 10 has an invalid length.
[   81.792110][ T6098] bond_slave_0: entered promiscuous mode
[   81.797891][ T6098] bond_slave_1: entered promiscuous mode
[   81.804740][ T6098] macvtap1: entered promiscuous mode
[   81.810083][ T6098] bond0: entered promiscuous mode
[   81.817370][ T6098] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   81.847846][ T6102] netlink: 28 bytes leftover after parsing attributes in process `syz.1.714'.
[   81.856866][ T6102] netlink: 28 bytes leftover after parsing attributes in process `syz.1.714'.
[   81.867352][ T6098] bond0: left promiscuous mode
[   81.872429][ T6098] bond_slave_0: left promiscuous mode
[   81.877855][ T6098] bond_slave_1: left promiscuous mode
[   81.878012][ T6100] netlink: 4 bytes leftover after parsing attributes in process `syz.4.710'.
[   81.894976][ T6093] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.932739][ T6093] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.939860][ T6093] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.950306][ T6093] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   81.961146][ T6102] team0: entered promiscuous mode
[   81.968298][ T6102] team0: left promiscuous mode
[   81.974960][ T6100] bridge_slave_1: left allmulticast mode
[   81.980757][ T6100] bridge_slave_1: left promiscuous mode
[   81.986530][ T6100] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.141102][ T6100] bond0: (slave bridge0): Releasing backup interface
[   82.318491][   T29] kauditd_printk_skb: 98 callbacks suppressed
[   82.318582][   T29] audit: type=1400 audit(1737314729.388:2130): avc:  denied  { rmdir } for  pid=3302 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   82.351109][ T3302] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   82.377434][   T29] audit: type=1400 audit(1737314729.448:2131): avc:  denied  { unlink } for  pid=3302 comm="syz-executor" name="file1" dev="loop0" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[   82.416346][ T6110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.717'.
[   82.418786][   T29] audit: type=1400 audit(1737314729.488:2132): avc:  denied  { unlink } for  pid=3302 comm="syz-executor" name="bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   82.448703][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.470189][ T6110] hsr_slave_1 (unregistering): left promiscuous mode
[   82.539095][   T29] audit: type=1326 audit(1737314729.608:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.3.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   82.562538][   T29] audit: type=1326 audit(1737314729.608:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.3.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   82.588300][   T29] audit: type=1326 audit(1737314729.658:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.3.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   82.611889][   T29] audit: type=1326 audit(1737314729.658:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.3.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   82.635356][   T29] audit: type=1326 audit(1737314729.658:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.3.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   82.658834][   T29] audit: type=1326 audit(1737314729.658:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.3.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   82.682904][   T29] audit: type=1326 audit(1737314729.658:2139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.3.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd70b5d29 code=0x7ffc0000
[   82.835553][ T6125] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.906643][ T6125] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.931240][ T6132] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[   82.992874][ T6125] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.044110][ T6140] random: crng reseeded on system resumption
[   83.106012][ T6146] netlink: 4 bytes leftover after parsing attributes in process `syz.4.732'.
[   83.114989][ T6144] netlink: 96 bytes leftover after parsing attributes in process `syz.0.731'.
[   83.146939][ T6125] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.243831][ T6125] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.278709][ T6125] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.303248][ T6125] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.315157][ T6125] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.462336][ T6162] loop1: detected capacity change from 0 to 1024
[   83.474611][ T6162] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   83.488492][ T6162] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   83.497048][ T6162] EXT4-fs (loop1): orphan cleanup on readonly fs
[   83.511131][ T6168] loop0: detected capacity change from 0 to 256
[   83.518198][ T6166] netlink: 28 bytes leftover after parsing attributes in process `syz.3.740'.
[   83.527154][ T6166] netlink: 28 bytes leftover after parsing attributes in process `syz.3.740'.
[   83.537604][ T6162] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   83.596967][ T6171] IPv4: Oversized IP packet from 127.202.26.0
[   83.606559][ T6162] EXT4-fs (loop1): Remounting filesystem read-only
[   83.613231][ T6162] EXT4-fs (loop1): 1 orphan inode deleted
[   83.633360][ T6166] team0: entered promiscuous mode
[   83.638452][ T6166] team_slave_0: entered promiscuous mode
[   83.644145][ T6166] team_slave_1: entered promiscuous mode
[   83.665469][ T6162] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   83.678727][ T6166] team0: left promiscuous mode
[   83.678915][ T6162] SELinux: (dev loop1, type ext4) getxattr errno 5
[   83.683616][ T6166] team_slave_0: left promiscuous mode
[   83.683670][ T6166] team_slave_1: left promiscuous mode
[   83.692065][ T6162] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.766689][ T6180] netlink: 4 bytes leftover after parsing attributes in process `syz.0.746'.
[   83.799005][ T6180] hsr_slave_1 (unregistering): left promiscuous mode
[   83.843775][ T6182] loop1: detected capacity change from 0 to 2048
[   83.881820][ T6182] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.110206][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.120043][ T6206] loop4: detected capacity change from 0 to 128
[   84.326670][ T6210] lo speed is unknown, defaulting to 1000
[   84.336344][ T6206] syz.4.764: attempt to access beyond end of device
[   84.336344][ T6206] loop4: rw=0, sector=121, nr_sectors = 920 limit=128
[   84.387776][ T6215] loop6: detected capacity change from 0 to 512
[   84.410565][ T6215] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   84.418305][ T6217] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.441007][ T6215] EXT4-fs (loop6): 1 truncate cleaned up
[   84.457798][ T6215] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.515414][ T6217] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.586101][ T6217] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.614747][ T6217] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.929606][ T6215] Set syz1 is full, maxelem 65536 reached
[   85.108845][ T5656] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.219203][ T6227] syz.1.760[6227] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.219338][ T6227] syz.1.760[6227] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.255620][ T6227] syz.1.760[6227] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.550485][ T6237] lo speed is unknown, defaulting to 1000
[   85.899586][ T6244] loop4: detected capacity change from 0 to 512
[   85.909869][ T6244] EXT4-fs: inline encryption not supported
[   85.937148][ T6244] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.949920][ T6244] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   85.990553][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.044546][ T6251] syzkaller0: entered allmulticast mode
[   86.230874][ T6265] loop6: detected capacity change from 0 to 2048
[   86.238305][ T6265] EXT4-fs: Ignoring removed nobh option
[   86.267005][ T6265] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.268475][ T6264] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   86.301411][ T6265] EXT4-fs (loop6): shut down requested (0)
[   86.305751][ T6264] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   86.324251][ T6265] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[   86.352000][ T6265] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[   86.399593][ T6265] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[   86.419969][ T6271] 9Hÿ: renamed from bond0 (while UP)
[   86.451700][ T6271] 9Hÿ: entered promiscuous mode
[   86.456851][ T6271] bond_slave_0: entered promiscuous mode
[   86.462811][ T6271] bond_slave_1: entered promiscuous mode
[   86.515747][ T6269] loop4: detected capacity change from 0 to 8192
[   86.523214][ T5656] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.523705][ T6277] lo speed is unknown, defaulting to 1000
[   86.625923][ T6287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   86.638062][ T6287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.698767][ T6290] .: renamed from bond0 (while UP)
[   86.863219][ T6298] infiniband syz!: set active
[   86.868093][ T6298] infiniband syz!: added team_slave_0
[   86.880709][ T6299] loop4: detected capacity change from 0 to 512
[   86.887080][ T6301] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   86.902843][ T6299] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.789: corrupted in-inode xattr: invalid ea_ino
[   86.918200][ T6298] RDS/IB: syz!: added
[   86.926728][ T6298] smc: adding ib device syz! with port count 1
[   86.930661][ T6299] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.789: couldn't read orphan inode 15 (err -117)
[   86.950270][ T6298] smc:    ib device syz! port 1 has pnetid 
[   86.979115][ T6299] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.101383][ T6313] syzkaller0: entered allmulticast mode
[   87.193441][ T6316] bridge0: port 3(bond0) entered blocking state
[   87.199797][ T6316] bridge0: port 3(bond0) entered disabled state
[   87.218074][ T6316] bond0: entered allmulticast mode
[   87.223234][ T6316] bond_slave_0: entered allmulticast mode
[   87.229007][ T6316] bond_slave_1: entered allmulticast mode
[   87.237114][ T6316] bond0: entered promiscuous mode
[   87.242303][ T6316] bond_slave_0: entered promiscuous mode
[   87.248158][ T6316] bond_slave_1: entered promiscuous mode
[   87.255681][ T6316] bridge0: port 3(bond0) entered blocking state
[   87.261965][ T6316] bridge0: port 3(bond0) entered forwarding state
[   87.274503][ T6317] lo speed is unknown, defaulting to 1000
[   87.781038][   T29] kauditd_printk_skb: 282 callbacks suppressed
[   87.781054][   T29] audit: type=1326 audit(1737314734.848:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   87.843773][   T29] audit: type=1326 audit(1737314734.878:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   87.867240][   T29] audit: type=1326 audit(1737314734.878:2420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   87.890762][   T29] audit: type=1326 audit(1737314734.878:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   87.914136][   T29] audit: type=1326 audit(1737314734.888:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   87.937593][   T29] audit: type=1326 audit(1737314734.888:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   87.961070][   T29] audit: type=1326 audit(1737314734.888:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   87.984707][   T29] audit: type=1326 audit(1737314734.888:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   88.008259][   T29] audit: type=1326 audit(1737314734.888:2426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   88.031677][   T29] audit: type=1326 audit(1737314734.888:2427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6324 comm="syz.0.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55fa585d29 code=0x7ffc0000
[   88.057899][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.123465][ T6329] netlink: 36 bytes leftover after parsing attributes in process `syz.4.811'.
[   88.132395][ T6329] netlink: 16 bytes leftover after parsing attributes in process `syz.4.811'.
[   88.133314][ T6331] loop6: detected capacity change from 0 to 128
[   88.141272][ T6329] netlink: 36 bytes leftover after parsing attributes in process `syz.4.811'.
[   88.185635][ T6329] netlink: 36 bytes leftover after parsing attributes in process `syz.4.811'.
[   88.244676][ T6331] syz.6.801: attempt to access beyond end of device
[   88.244676][ T6331] loop6: rw=0, sector=121, nr_sectors = 920 limit=128
[   88.302314][ T6335] SET target dimension over the limit!
[   88.384218][ T6339] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   88.392350][ T6339] batadv_slave_0: entered promiscuous mode
[   88.525708][ T6344] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6344 comm=syz.0.806
[   88.607464][ T6349] netlink: 4 bytes leftover after parsing attributes in process `syz.4.808'.
[   88.767069][ T6353] loop0: detected capacity change from 0 to 8192
[   88.974852][ T6359] ==================================================================
[   88.983235][ T6359] BUG: KCSAN: data-race in mark_buffer_dirty_inode / sync_mapping_buffers
[   88.991783][ T6359] 
[   88.994124][ T6359] write to 0xffff88811c415400 of 8 bytes by task 6356 on cpu 0:
[   89.001774][ T6359]  sync_mapping_buffers+0x159/0x7c0
[   89.006994][ T6359]  fat_file_fsync+0xa7/0x100
[   89.011615][ T6359]  vfs_fsync_range+0x116/0x130
[   89.016410][ T6359]  generic_file_write_iter+0x185/0x1c0
[   89.021895][ T6359]  iter_file_splice_write+0x5f1/0x980
[   89.027289][ T6359]  direct_splice_actor+0x160/0x2c0
[   89.032418][ T6359]  splice_direct_to_actor+0x302/0x670
[   89.037819][ T6359]  do_splice_direct+0xd7/0x150
[   89.042623][ T6359]  do_sendfile+0x398/0x660
[   89.047064][ T6359]  __x64_sys_sendfile64+0x110/0x150
[   89.052309][ T6359]  x64_sys_call+0xfbd/0x2dc0
[   89.056926][ T6359]  do_syscall_64+0xc9/0x1c0
[   89.061455][ T6359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.067391][ T6359] 
[   89.069735][ T6359] read to 0xffff88811c415400 of 8 bytes by task 6359 on cpu 1:
[   89.077387][ T6359]  mark_buffer_dirty_inode+0x96/0x1c0
[   89.082787][ T6359]  fat_mirror_bhs+0x241/0x330
[   89.087506][ T6359]  fat_alloc_clusters+0x994/0xa80
[   89.092553][ T6359]  fat_get_block+0x25c/0x5e0
[   89.097171][ T6359]  __block_write_begin_int+0x417/0xfa0
[   89.102661][ T6359]  cont_write_begin+0x546/0x860
[   89.107547][ T6359]  fat_write_begin+0x51/0xe0
[   89.112156][ T6359]  generic_perform_write+0x1a8/0x4a0
[   89.117483][ T6359]  __generic_file_write_iter+0xa1/0x120
[   89.123066][ T6359]  generic_file_write_iter+0x77/0x1c0
[   89.128471][ T6359]  vfs_write+0x77f/0x920
[   89.132743][ T6359]  ksys_write+0xe8/0x1b0
[   89.137036][ T6359]  __x64_sys_write+0x42/0x50
[   89.141651][ T6359]  x64_sys_call+0x287e/0x2dc0
[   89.146355][ T6359]  do_syscall_64+0xc9/0x1c0
[   89.150877][ T6359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.156813][ T6359] 
[   89.159149][ T6359] value changed: 0xffff8881062d6c08 -> 0x0000000000000000
[   89.166284][ T6359] 
[   89.168631][ T6359] Reported by Kernel Concurrency Sanitizer on:
[   89.174792][ T6359] CPU: 1 UID: 0 PID: 6359 Comm: syz.0.810 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[   89.185442][ T6359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   89.195518][ T6359] ==================================================================