last executing test programs:

3m36.599506892s ago: executing program 32 (id=1742):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
mmap(&(0x7f0000a19000/0x4000)=nil, 0x4000, 0x6, 0x12, r1, 0x76c25000)

3m36.492699514s ago: executing program 33 (id=1744):
r0 = syz_io_uring_setup(0x204, &(0x7f0000000480)={0x0, 0xbe09, 0x800, 0x0, 0x31e}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0xb, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x4, 0xfcc0, 0x41, 0x0, 0x0)
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

3m35.231395939s ago: executing program 34 (id=1745):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000340)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r1, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20)
bpf$LINK_DETACH(0x22, &(0x7f00000001c0)=r2, 0x4)

3m8.892878313s ago: executing program 35 (id=2973):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x5f, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r0}, 0x10)
syz_clone(0x40100000, 0x0, 0x0, 0x0, 0x0, 0x0)

2m33.780036698s ago: executing program 36 (id=3692):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
recvmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x10000)
syz_open_procfs(0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)

2m33.762398399s ago: executing program 37 (id=3693):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x58}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x40000000015, 0x5, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

2m32.779766638s ago: executing program 38 (id=3710):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000007cc0)=@newlink={0x3c, 0x10, 0x503, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21111, 0x62000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x7}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48890}, 0x0)

2m32.753601008s ago: executing program 39 (id=3709):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)=@generic={&(0x7f0000000040)='./file0\x00', r0}, 0x18)

2m32.70274778s ago: executing program 40 (id=3707):
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r2}, 0x18)
keyctl$restrict_keyring(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')

1m55.551900445s ago: executing program 41 (id=4581):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x2, @multicast, 'ip_vti0\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000340)={0x18, 0x0, {0x0, @multicast, 'macvlan0\x00'}}, 0x1e)

1m55.26871402s ago: executing program 42 (id=4598):
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@mb_optimize_scan}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}]}, 0x1, 0x50f, &(0x7f0000000140)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x124)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x94)
ftruncate(r2, 0x2007ffc)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000240)={0x3920e, r0, 0x3, 0x1, 0x5, 0x53000000})

1m55.044698994s ago: executing program 43 (id=4608):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000400)='map_files\x00')
getdents(r2, 0x0, 0x0)

1m48.689801629s ago: executing program 44 (id=4777):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x5, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
openat(r2, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, './file0\x00'}, 0x6e)

1m29.742422228s ago: executing program 45 (id=5605):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r2, 0x0)
kexec_load(0x5, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x10000}], 0x0)

1m23.215266096s ago: executing program 46 (id=5818):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x97a3}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r3], 0x2c}}, 0x0)

1m8.328362346s ago: executing program 47 (id=6340):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x9, 0x6, 0x8, 0x8, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffa}, 0x50)

1m7.093936041s ago: executing program 48 (id=6356):
r0 = fsopen(&(0x7f0000000000)='devpts\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f00000001c0)=""/55, 0x37)

1m4.513121531s ago: executing program 49 (id=6422):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000002c0)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000040c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
syz_emit_ethernet(0x3e, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000286dd60"], 0x0)

57.271736762s ago: executing program 50 (id=6675):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
r2 = syz_io_uring_setup(0x487, &(0x7f00000000c0)={0x0, 0x9010, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10000, 0x1})
io_uring_enter(r2, 0x3517, 0x173d, 0x42, 0x0, 0x0)

56.269411142s ago: executing program 5 (id=6711):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@migrate={0xec, 0x21, 0x1, 0x0, 0xfffffffe, {{@in6=@private2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0xfffc, 0x0, 0x0, 0x0, 0xa, 0xe0, 0x80}, 0x2}, [@migrate={0x9c, 0x11, [{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@multicast2, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2b, 0x3, 0x0, 0x3504, 0xa, 0x2}, {@in=@private=0xa010102, @in6=@private0, @in6=@remote, @in=@broadcast, 0x6c, 0x1, 0x0, 0x0, 0xa, 0xa}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x800}, 0x0)

56.245523362s ago: executing program 5 (id=6712):
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRES8, @ANYRESHEX], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

56.199769173s ago: executing program 5 (id=6714):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x3ac66eac)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = eventfd2(0x0, 0x0)
readv(r1, &(0x7f0000000500)=[{&(0x7f0000000000)=""/92, 0x5c}], 0x1)

55.915756858s ago: executing program 9 (id=6721):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
readahead(0xffffffffffffffff, 0x7, 0x0)

54.642678153s ago: executing program 5 (id=6732):
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x8001, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='./file0/../file0/../file0/../file0\x00')

54.601347164s ago: executing program 9 (id=6725):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10)
recvmmsg(r0, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/39, 0x27}], 0x1}, 0x46}], 0x1, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000040)=0x4, 0x4)
sendmsg(r1, &(0x7f0000002c40)={&(0x7f0000000140)=@in={0x2, 0x4e24, @empty}, 0x80, &(0x7f0000001780)=[{&(0x7f00000001c0)='k', 0x1}], 0x1}, 0x0)

54.599858344s ago: executing program 5 (id=6727):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
r1 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x2, {0x3}}, 0x18)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r1)

54.497668656s ago: executing program 9 (id=6745):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000010000c50000000e00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='rxrpc_peer\x00', r0}, 0x10)
r1 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r1, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24)
sendmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0)

54.458727867s ago: executing program 9 (id=6736):
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x8001, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='./file0/../file0/../file0/../file0\x00')

54.429479257s ago: executing program 9 (id=6738):
r0 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r1}, 0x18)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x24403}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

54.370800269s ago: executing program 5 (id=6740):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100), 0x8, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000002000000e27f000003"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r2, &(0x7f0000000000)='./file0\x00', 0x5)

54.370589889s ago: executing program 51 (id=6740):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100), 0x8, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000002000000e27f000003"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r2, &(0x7f0000000000)='./file0\x00', 0x5)

54.211105912s ago: executing program 9 (id=6756):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000000c0)={{0x2, 0xee01, 0x0, 0x0, 0xffffffffffffffff, 0x1a, 0x7}, 0x0, 0x0, 0x80, 0x101, 0x0, 0x14, 0x1, 0xe9, 0x3, 0x6})

54.194517772s ago: executing program 52 (id=6756):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000000c0)={{0x2, 0xee01, 0x0, 0x0, 0xffffffffffffffff, 0x1a, 0x7}, 0x0, 0x0, 0x80, 0x101, 0x0, 0x14, 0x1, 0xe9, 0x3, 0x6})

50.986419395s ago: executing program 8 (id=6779):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000780)={{0x14}, [@NFT_MSG_DELRULE={0x38, 0x6, 0xa, 0xe01, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x60}, 0x1, 0x0, 0x0, 0x20048880}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), r1)
sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000940)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x64000)

50.952864585s ago: executing program 8 (id=6781):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
msgsnd(0x0, 0x0, 0x401, 0x0)

50.918855696s ago: executing program 8 (id=6782):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x28, r1, 0x800, 0x70bd2a, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x2400c0c0}, 0x4001)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002e09000018000180140002006261746164765f736c6176655f31"], 0x2c}}, 0x0)
syz_open_dev$loop(&(0x7f0000000000), 0xfff, 0x80)

50.879469807s ago: executing program 8 (id=6785):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
r1 = syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}})

50.565350243s ago: executing program 8 (id=6795):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_timeval(r1, 0x1, 0x43, &(0x7f0000000000)={0x0, 0x2710}, 0x10)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)

50.17291418s ago: executing program 8 (id=6801):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000b80)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

50.142280751s ago: executing program 53 (id=6801):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000b80)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

36.763980362s ago: executing program 4 (id=7401):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000001100)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000280)='io\x00')
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/230, 0xe6}], 0x1, 0x401, 0x9)

36.684641404s ago: executing program 4 (id=7404):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r3, &(0x7f0000000040)=[{0x4, 0x7, 0x0, 0x0, @tick=0xf64b, {0x0, 0xb8}, {0x4, 0x6}, @control={0x2, 0x7f, 0x2}}, {0x0, 0x3, 0x0, 0x4, @time={0x83, 0xa77f}, {0x2, 0x4}, {0x0, 0x2}, @control={0x8, 0x4, 0x4c8}}], 0x38)

36.677418864s ago: executing program 4 (id=7407):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000e2000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r3 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001600)={r2, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

36.575983206s ago: executing program 4 (id=7411):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000140)='./file0/../file0\x00')
pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00')

36.575545976s ago: executing program 4 (id=7413):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="5c060101140d"], 0x6)

36.080339406s ago: executing program 4 (id=7437):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="8b332cbd70000000000005000000080003"], 0x2c}}, 0x4c002)

36.072279796s ago: executing program 54 (id=7437):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="8b332cbd70000000000005000000080003"], 0x2c}}, 0x4c002)

6.118182001s ago: executing program 3 (id=8742):
syz_open_dev$tty1(0xc, 0x4, 0x4)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x4, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x3, 0x5, 0x0, 0x4070bd2c, 0x25dfdbfc, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @empty}}]}, 0x28}, 0x1, 0x7}, 0x0)

6.018935843s ago: executing program 3 (id=8737):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000040))

5.975974473s ago: executing program 3 (id=8739):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)

5.894219415s ago: executing program 3 (id=8743):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='utf8=1,utf8=1,utf8\x00\x00,utf8=1,shortname=win95,errors=remount-ro,uni_xlate=1,\x00'], 0x3, 0x236, &(0x7f0000000380)="$eJzs2r+LHGUYB/BnLomJFy574i8SEF+0UJshd7VFDrmAuKBoVoiCZOLN6rLj7rGzHKyIuUpb/wRrsbQTJaXNNf4FFnbXXJlCHEl2Y3JhLYKYXfXzafaBZ7/M8+67vLzFHL761Sf9bp13i3GsZFmsXIr9uJXFeqzEXfvxyktXf3runavvvbHVbm+/ndLlrSsbmymlc8//+P5n375wc3z23e/OfX86DtY/ODza/PXgmYPzh79f+bhXp16dBsNxKtL14XBcXK/KtNOr+3lKb1VlUZepN6jL0bF+txru7k5SMdhZW90dlXWdisEk9ctJGg/TeDRJxUdFb5DyPE9rq8Hf0fnmVtPEUXPqWjRN8/jXcfZmrP0SrcieSNmTl7Knr2XP7mfnj5qmtehR+UfY//+3+w71MxHVl3udvc70c9rf6kYvqijjYrTit7j9N5mZ1pdfb29fTHesxxfVjVn+xl7nxPH8RrRifX5+Y5pPx/OnYzXiVMQsvxmteGpO/ofY3pybPxMvv3jf8/Noxc8fxjCq2Inb2XvP/3wjpdfebD+Qv3DnewAA/zV5+tPc+1ue/1V/mn+I++ED96uTceHkYtdORD35tF9UVTn6txd3F7Qs8yxr8dic1onZb7ccEyqWoljcmcSjc2/TFz0JAAAAAAAAAAAAD+NRvE646DUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADL7Y8AAAD//+u8zfo=")
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000240)='K', 0x1}], 0x1, 0x0, 0x0, 0x11000000}, 0x4008014)
r0 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000540))
ptrace$cont(0x21, r0, 0x0, 0x0)

5.802256457s ago: executing program 3 (id=8747):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xff\xff\xff\x7f\x00')
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000140)=[{&(0x7f00000001c0)="580000001400192340834b80040d8c560a067f0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c10000000010000000000", 0x58}], 0x1)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)

4.956593304s ago: executing program 3 (id=8768):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50)

4.933996873s ago: executing program 55 (id=8768):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50)

591.445348ms ago: executing program 1 (id=8941):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r1, 0x0, 0x9}, 0x18)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

555.805699ms ago: executing program 1 (id=8944):
perf_event_open(0x0, 0x0, 0x9, 0xffffffffffffffff, 0x2)
r0 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x79ab, 0x8, 0x8000, 0x400250}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000400)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_UNLINKAT={0x24, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000580)='./file0\x00', 0x0, 0x200, 0x1})
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2000009, 0x4082172, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)

499.60171ms ago: executing program 1 (id=8948):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@noblock_validity}]}, 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DDHEiIdcPkhRMcBHbhXRVC910UWgXpX9AoetstNBV6aaVFrqXShHdp9zJnWQwM0mqMx4/fj84c8/HZM7z5JK555C5E8BLa6x8yCP2R8S5LGKk6s8jYrBRG4pYWn3eg/vXJh/evzaZxcrKB39nkVV9zdfKquPuqjEUEb+cyeK/n2ycd25hcWaiKOqzVfvw/MUrh+cWFg9NX5y4UL9QvzR+YvzY8RPHjr99pGu5vrv35tmvxk/t+f7Mrauv3fj9yyxOxXA11ppHt4zFWKxUWvv7I2Ki25Ml0lflk7X0Zf0JAwIAYFN5yxrufzESfbG+eBuJW78mDQ4AAADoipW+WPsfFQAAAPCiyuz/AQAA4AXX/BzAg/vXJpsl7ScSnq57pyNitF3+/bHUOA7FQETsepBF622t2eqPPbGxiNj30+iPZYke3Ye8maXrEfH/dvlnjfxHG3dxb8w/j4hu3Jk99kj7ecr/VBfmT50/AC+n5dOrF7KN1798bf0Tba5//W2uXY8j9fWv8/pvPf++Duu/97c5R/3Ap593Gmtd/xXfvnq7nL88PlFS/8K96xGv9Hde/5T5Zx3yP7fNOQb++PmHTmNl/mW+zfK081/5JuJg2/3P+jfaZJt/P9HhqemiXj22nePG7e/2dZq/9fyXpZy/uRd4Gsrzv6tD/lud/yvbnGP5r4N/dhrbOv/87mD2YaM2WPVcnZifnx2PGMzObuw/unkszec0X6PM/83XN//7b5d/+Z6wVP0eyr3A9epYtj9+ZM5D773zxuPn31tl/ucf8/zf3OYcX382e7fTWOr8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+5BExHFleW6vnea0WsTsi9sWuvLg8N//W1OWPLp0vxyJGYyCfmi7qRyJiZLWdle3xRn29ffSR9rGI2BsRX4zsbLRrk5eL86mTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3uiBiOLK9FRB4RD0fyvFZLHRUAAADQdaOpAwAAAAB6zv4fAAAAXnz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTY3gPLd7KIWDq5s1FKg9XYQNLIgF7LUwcAJNOXOgAgmf7UAQDJ2OMD2RbjQx1HdnQ9FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeXQf3L9/JImLp5M5GKQ1WYwNJIwN6LU8dAJBMX+oAgGT6UwcAJGOPD2RbjA91HNnR9VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHYNN0qW1yIib9TzvFaL2BMRozGQTU0X9SMR8Z+I+G1kYEfZHk8dNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF03t7A4M1EU9VkVFRWVtUrqdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFKYW1icmSiK+uxc6kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1OYWFmcmiqI+28NK6hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjnnwAAAP///JMJmQ==")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000240))

420.661772ms ago: executing program 1 (id=8952):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = add_key$user(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x0}, &(0x7f00000000c0)='5', 0x1, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x1e, r2, 0xfffffffffffffffb, 0xffffffffffffffff, 0x1)

420.069302ms ago: executing program 6 (id=8954):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

413.493342ms ago: executing program 1 (id=8955):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

402.627872ms ago: executing program 6 (id=8956):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000048000000030a0101000000000000000001000000090003001e007a3200000000080007006e6174000900010073797a310000000014000480080002407c40280f080001"], 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

361.330583ms ago: executing program 1 (id=8958):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0xce}]})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
getdents64(r1, 0x0, 0x0)

360.290663ms ago: executing program 6 (id=8961):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x21880, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x52}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1}, @void, {@ipv4={0x800, @generic={{0x9, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x41}, {[@ssrr={0x89, 0x7, 0xf3, [@broadcast]}, @cipso={0x86, 0x6}]}}}}}}, 0x0)

340.277673ms ago: executing program 7 (id=8963):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f00000005c0)='cgroup\x00')
lseek(r2, 0x10001, 0x0)

294.763744ms ago: executing program 7 (id=8964):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x20006}, 0x18)
syz_read_part_table(0x1059, &(0x7f0000000000)="$eJzsz8FNw0AUBNDxYmRbogNa4Ewn7scHCuFMT0hUwDmX6EdeR0oHSQ7v3Uazs9IPD/WRlpxqfG+ZkyXJuWpK8nb0VdVakr+ehtuwP+q2ek3ycoRx2f/JsF3LVv+fa9/VsC++l6/5aH4zZf25150AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MwuAQAA//9ZkRMF")

294.172804ms ago: executing program 6 (id=8966):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r1, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

293.721924ms ago: executing program 2 (id=8968):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)='/', 0x1}], 0x1}}], 0x2, 0x0)
close(r2)

224.665196ms ago: executing program 2 (id=8969):
socket$packet(0x11, 0xa, 0x300)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x86dd}, @val={0x0, 0x4, 0x11, 0x4, 0x0, 0xa6b9}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "ec00be", 0x44, 0x2f, 0xff, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0xa888, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x3, 0x4}, 0x1, {0x8100}}}, {0x8, 0x22eb, 0x20000, {{0x0, 0x2, 0xc, 0x0, 0x0, 0x2, 0x7, 0x2}, 0x2, {0x2, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x7a)

224.232726ms ago: executing program 0 (id=8971):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000003740), 0x2000)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, &(0x7f0000003780)={{0x3, 0x1, 0x4, 0x2, 0xfffffff1}, 0x8, 0x7, 'id0\x00', 'timer1\x00', 0x0, 0x15, 0x5, 0xb05, 0x8})

223.992466ms ago: executing program 7 (id=8972):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)

203.711096ms ago: executing program 0 (id=8973):
r0 = syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x8, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, @perf_config_ext={0x8, 0x6}, 0x120, 0x10000, 0x33f8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timer_getoverrun(0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
io_uring_enter(r0, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)

188.215456ms ago: executing program 7 (id=8974):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x14)
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='kfree\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x200, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
sendfile(r2, r1, 0x0, 0x6)

161.234177ms ago: executing program 0 (id=8975):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x8, 0xf9, 0x7ffc1ffb}]})
readahead(0xffffffffffffffff, 0x2, 0xd737)

160.940767ms ago: executing program 2 (id=8976):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r3}, &(0x7f0000000a00), &(0x7f0000000a40)=r2}, 0x20)

160.635707ms ago: executing program 7 (id=8977):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r2, 0x0, 0x5, &(0x7f0000000240)={@broadcast, @empty, 0xfffb, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x96bd, 0x1000000, 0x7e, 0x6b}, 0x3c)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000080)=0x300, 0x4)

96.166728ms ago: executing program 2 (id=8978):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

95.353428ms ago: executing program 0 (id=8979):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

94.563338ms ago: executing program 7 (id=8980):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xff\xff\xff\x7f\x00')
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4, 0x192}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x100000004, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)

94.283728ms ago: executing program 2 (id=8981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0xff}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

94.022248ms ago: executing program 0 (id=8982):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = dup(r1)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4)

28.647339ms ago: executing program 0 (id=8983):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@debug}, {@norecovery}]}, 0x9, 0x458, &(0x7f0000002240)="$eJzs28tvG8UfAPDvbuz2lz5+MVV59AEECqLikTRpKT1wAAQSB5CQ4FCOIUmrUrdBTZBoVUFBqBxRJe6IIxJ/ASe4IOCExBU4o0oV6qUtJ6O1dxvbtdPW2HWoPx9p45ndsWa+nh17dicbwMiazP4kEVsi4reImGhkWwtMNl6uXj47f+3y2fkkarU3/0rq5a5cPjtfFC3et7nIlCLST5PY1aHe5dNnjs9Vq4un8vz0yon3ppfHzzxz7MTc0cWjiydnDx06sH/muYOzz/YlziyuKzs/XNq949W3L7w+f/jCOz99kxTxt8XRJ5Md95YaL4/Xan2ubri2NqWT0hAbwm0Zy0/Jcn38T8RYrHbeRLzyyVAbBwxUrVar3df98LkacBdLYtgtAIaj+KHPrn+L7Q5NPdaFSy82LoCyuK/mW+NIKdK8TLnt+rafJiPi8Lm/v8y2aL8PMT6gSgGAkfZdNv95utP8L43m+0L/z9dQKhFxT0Rsi4iDEbE9Iu6NqJe9PyIeuGmNl1py7YskN84/04s9B3cLsvnf8/naVuv8r5j9RWUsz22tx19OjhyrLu7LP5O9Ud6Y5WfWqOP7l3/9vNux5vlftmX1F3PBvB0XSxtb37MwtzL3b2JudunjiJ2lTvEn11cCkojYEREv9FjHsSe/3t3tWJf4W9cgu+nDOlPtq4gnGv1/LtriLyTX1ydPd1qfnP5fVBf3TRdnxY1+/uX8G93qv3n/D1bW/5s6nv9F/H9Ukub12uXbr+P87591vabs9fzfkLzVsu+DuZWVUzMRG5LX6vlK8/7ZtnKzq+Wz+Pfu6Tz+t8XqJ7ErIrKT+MGIeCgiHs7b/khEPBoRe9aI/8eXHnu39/gHK4t/Yc3+j7b+X01siPY9nRNjx3/4tqXSyu3En/X/gXpqb77nVr7/bqVdvZ3NAAAA8N+TRsSWSNKp6+k0nZpq/A//9tiUVpeWV546svT+yYXGMwKVKKfFna6JpvuhM/llfZGfbcvvz+8bfzE2Xs9PzS9VF4YdPIy4zV3Gf+bPsWG3Dhg4z2vB6DL+YXQZ/zCarrU9CASMlg6//x49gxHRaf7/0RDaAdx5beN/zWU/EwO4u7j/B6PL+IfRZfzDSFoej5s/JH93JNKIWAfNaE2UI2IdNKOHRKTrohkSA0oM+5sJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgP/4JAAD//5nH7E0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000008c0)="3bf58d7d45d32cfe1da7c797b82fee444b42785c24a868a4046cf670ba8f376c429a424fcc374c08887ba2bb530d843b61bf79a3879fa0", 0x37)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

28.319019ms ago: executing program 6 (id=8984):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'geneve0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r2, 0xffffffffffffffff, 0x26, 0x0, @void}, 0x10)
sendto$packet(r0, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x88a8, r1}, 0x14)

27.924559ms ago: executing program 6 (id=8985):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

0s ago: executing program 2 (id=8986):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000300)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000180002801400038010"], 0x44}}, 0x0)

kernel console output (not intermixed with test programs):

 will be lost
[  239.419261][T20447] 
[  239.436721][T20447] EXT4-fs (loop7): Total free blocks count 0
[  239.442838][T20447] EXT4-fs (loop7): Free/Dirty block details
[  239.448824][T20447] EXT4-fs (loop7): free_blocks=39626
[  239.451929][T20486] __nla_validate_parse: 6 callbacks suppressed
[  239.451944][T20486] netlink: 488 bytes leftover after parsing attributes in process `syz.3.7204'.
[  239.454102][T20447] EXT4-fs (loop7): dirty_blocks=2048
[  239.454117][T20447] EXT4-fs (loop7): Block reservation details
[  239.480823][T20447] EXT4-fs (loop7): i_reserved_data_blocks=2048
[  239.612538][T20509] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  239.622284][T20509] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  239.644907][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.667162][T20519] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7214'.
[  239.677270][T20519] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7214'.
[  239.757672][T20540] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2
[  239.859300][T20563] loop3: detected capacity change from 0 to 164
[  240.311641][T20665] netlink: 'syz.4.7282': attribute type 4 has an invalid length.
[  240.335001][T20665] netlink: 'syz.4.7282': attribute type 4 has an invalid length.
[  240.358480][T20669] loop0: detected capacity change from 0 to 1024
[  240.365525][T20669] EXT4-fs: inline encryption not supported
[  240.372144][T20669] EXT4-fs: Ignoring removed bh option
[  240.391095][T20675] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  240.407166][T20674] IPVS: stopping master sync thread 20675 ...
[  240.424568][T20669] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.479271][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.661830][ T3411] hid_parser_main: 18 callbacks suppressed
[  240.661845][ T3411] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  240.678122][ T3411] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  240.694065][ T3411] hid-generic 0000:0006:0007.000D: unknown main item tag 0x0
[  240.701524][ T3411] hid-generic 0000:0006:0007.000D: unknown main item tag 0x0
[  240.709123][ T3411] hid-generic 0000:0006:0007.000D: unknown main item tag 0x0
[  240.716788][ T3411] hid-generic 0000:0006:0007.000D: unknown main item tag 0x0
[  240.724177][ T3411] hid-generic 0000:0006:0007.000D: unknown main item tag 0x0
[  240.731801][ T3411] hid-generic 0000:0006:0007.000D: unknown main item tag 0x0
[  240.739332][ T3411] hid-generic 0000:0006:0007.000D: unknown main item tag 0x0
[  240.746916][ T3411] hid-generic 0000:0006:0007.000D: unknown main item tag 0x0
[  240.754386][ T3411] hid-generic 0000:0006:0007.000D: unknown main item tag 0x0
[  240.765354][ T3411] hid-generic 0000:0006:0007.000D: hidraw1: <UNKNOWN> HID v0.0b Device [syz1] on syz1
[  240.776583][T20723] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  240.881118][T20740] SELinux:  policydb version 6277 does not match my version range 15-35
[  240.895543][T20740] SELinux: failed to load policy
[  240.931129][T20746] loop0: detected capacity change from 0 to 512
[  240.938820][T20749] loop7: detected capacity change from 0 to 512
[  240.967802][T20746] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  240.976424][T20746] EXT4-fs (loop0): orphan cleanup on readonly fs
[  241.002254][T20749] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.015058][T20749] ext4 filesystem being mounted at /118/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  241.025830][T20746] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.7319: corrupted inode contents
[  241.040192][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.050893][T20746] EXT4-fs (loop0): Remounting filesystem read-only
[  241.059043][T20746] EXT4-fs (loop0): 1 truncate cleaned up
[  241.064815][ T5289] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  241.075476][ T5289] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  241.155050][T20770] netlink: 'syz.3.7329': attribute type 4 has an invalid length.
[  241.162938][T20770] netlink: 14345 bytes leftover after parsing attributes in process `syz.3.7329'.
[  241.186714][ T5289] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  241.205590][T20746] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  241.242730][T20776] SELinux:  Context  is not valid (left unmapped).
[  241.255722][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.270272][T20785] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7335'.
[  241.335376][T20797] atomic_op ffff888136e08d28 conn xmit_atomic 0000000000000000
[  241.420987][T20810] loop4: detected capacity change from 0 to 1024
[  241.435896][T20810] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  241.446863][T20810] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  241.501408][T20810] JBD2: no valid journal superblock found
[  241.507182][T20810] EXT4-fs (loop4): Could not load journal inode
[  241.539633][T20810] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  241.579715][T20835] loop7: detected capacity change from 0 to 1024
[  241.667790][T20851] netlink: 256 bytes leftover after parsing attributes in process `syz.2.7366'.
[  241.677703][T20835] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.699989][T20847] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  241.736410][T20835] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.7359: Allocating blocks 385-513 which overlap fs metadata
[  241.751691][T20847] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  241.781785][T20835] EXT4-fs (loop7): pa ffff888107184cb0: logic 16, phys. 129, len 24
[  241.789984][T20835] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  241.819791][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.004067][T20869] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  242.022004][T20869] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  242.070519][T20902] netlink: 272 bytes leftover after parsing attributes in process `syz.0.7388'.
[  242.093980][T20904] netlink: 'syz.0.7389': attribute type 4 has an invalid length.
[  242.114495][T20904] netlink: 'syz.0.7389': attribute type 4 has an invalid length.
[  242.149150][T20907] netlink: 'syz.0.7390': attribute type 21 has an invalid length.
[  242.157210][T20907] netlink: 128 bytes leftover after parsing attributes in process `syz.0.7390'.
[  242.166645][T20907] netlink: 'syz.0.7390': attribute type 5 has an invalid length.
[  242.174390][T20907] netlink: 'syz.0.7390': attribute type 6 has an invalid length.
[  242.182207][T20907] netlink: 3 bytes leftover after parsing attributes in process `syz.0.7390'.
[  242.310297][T20912] lo speed is unknown, defaulting to 1000
[  242.359440][T20922] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7397'.
[  242.411769][T20936] syzkaller1: entered promiscuous mode
[  242.417368][T20936] syzkaller1: entered allmulticast mode
[  242.439080][T20938] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  242.439080][T20938]    program syz.4.7404 not setting count and/or reply_len properly
[  242.483856][T20945] loop9: detected capacity change from 0 to 7
[  242.494736][T20945] buffer_io_error: 2 callbacks suppressed
[  242.494820][T20945] Buffer I/O error on dev loop9, logical block 0, async page read
[  242.509812][T20945] Buffer I/O error on dev loop9, logical block 0, async page read
[  242.517829][T20945]  loop9: unable to read partition table
[  242.523935][T20945] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  242.523935][T20945] 
) failed (rc=-5)
[  242.618437][T20960] loop7: detected capacity change from 0 to 1024
[  242.647677][T20960] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.670252][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.773582][ T5281] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.837717][ T5281] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.889219][ T5281] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.948550][ T5281] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.030290][T21005] loop7: detected capacity change from 0 to 128
[  243.063903][T21005] ext4 filesystem being mounted at /151/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  243.103029][ T5281] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  243.120558][T21005] EXT4-fs error (device loop7): dx_make_map:1296: inode #2: block 20: comm syz.7.7435: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  243.141350][T21013] loop2: detected capacity change from 0 to 512
[  243.150748][ T5281] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  243.164776][ T5281] .` (unregistering): (slave dummy0): Releasing backup interface
[  243.176036][T21005] EXT4-fs error (device loop7) in do_split:2029: Corrupt filesystem
[  243.185157][ T5281] .` (unregistering): Released all slaves
[  243.195155][T21013] $H�: renamed from .`
[  243.201194][T21013] $H�: entered promiscuous mode
[  243.206314][T21013] bond_slave_0: entered promiscuous mode
[  243.212067][T21013] bond_slave_1: entered promiscuous mode
[  243.222643][T21013] dummy0: entered promiscuous mode
[  243.247999][ T5281] hsr_slave_0: left promiscuous mode
[  243.254160][ T5281] hsr_slave_1: left promiscuous mode
[  243.260300][ T5281] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.267740][ T5281] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.282555][ T5281] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.290121][ T5281] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.313438][ T5281] veth1_macvtap: left promiscuous mode
[  243.319192][ T5281] veth0_macvtap: left promiscuous mode
[  243.342549][ T5281] veth1_vlan: left promiscuous mode
[  243.351629][ T5281] veth0_vlan: left promiscuous mode
[  243.423568][ T5281] team0 (unregistering): Port device team_slave_1 removed
[  243.433259][ T5281] team0 (unregistering): Port device team_slave_0 removed
[  243.484571][T21045] pim6reg: entered allmulticast mode
[  243.492686][T21050] pim6reg: left allmulticast mode
[  243.539444][T21016] lo speed is unknown, defaulting to 1000
[  243.577155][T21063] binfmt_misc: register: failed to install interpreter file ./file2
[  243.637541][T21016] chnl_net:caif_netlink_parms(): no params data found
[  243.709316][T21016] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.716773][T21016] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.724747][T21016] bridge_slave_0: entered allmulticast mode
[  243.731123][T21016] bridge_slave_0: entered promiscuous mode
[  243.739298][T21016] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.746572][T21016] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.753927][T21016] bridge_slave_1: entered allmulticast mode
[  243.760425][T21016] bridge_slave_1: entered promiscuous mode
[  243.772544][T21090] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  243.787971][T21016] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.799902][T21016] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.813459][T21092] loop3: detected capacity change from 0 to 512
[  243.826332][T21016] team0: Port device team_slave_0 added
[  243.829056][T21092] ext4 filesystem being mounted at /200/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.833270][T21016] team0: Port device team_slave_1 added
[  243.851598][T21092] SELinux:  Context @ is not valid (left unmapped).
[  243.858501][   T29] kauditd_printk_skb: 387 callbacks suppressed
[  243.858513][   T29] audit: type=1400 audit(2000000597.643:8832): avc:  denied  { relabelto } for  pid=21091 comm="syz.3.7468" name="cgroup.controllers" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[  243.920604][T21016] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.927789][T21016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.953921][T21016] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.968940][T21016] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.975934][T21016] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.001859][T21016] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.037224][T21016] hsr_slave_0: entered promiscuous mode
[  244.043223][T21016] hsr_slave_1: entered promiscuous mode
[  244.050199][T21016] debugfs: 'hsr0' already exists in 'hsr'
[  244.055955][T21016] Cannot create hsr debugfs directory
[  244.168099][   T29] audit: type=1400 audit(2000000597.953:8833): avc:  denied  { name_connect } for  pid=21131 comm="syz.7.7486" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  244.191630][   T29] audit: type=1400 audit(2000000597.973:8834): avc:  denied  { ioctl } for  pid=21129 comm="syz.0.7485" path="/dev/usbmon0" dev="devtmpfs" ino=141 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  244.243482][   T29] audit: type=1400 audit(2000000598.013:8835): avc:  denied  { lock } for  pid=21135 comm="syz.2.7488" path="socket:[75915]" dev="sockfs" ino=75915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  244.266811][   T29] audit: type=1400 audit(2000000598.013:8836): avc:  denied  { mount } for  pid=21139 comm="syz.0.7490" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  244.315739][T21140] cgroup: cgroup_addrm_files: failed to add weight, err=-12
[  244.351867][T21149] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21149 comm=syz.0.7493
[  244.430757][T21016] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  244.450972][   T29] audit: type=1400 audit(2000000598.233:8837): avc:  denied  { mount } for  pid=21157 comm="syz.0.7498" name="/" dev="ramfs" ino=76886 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  244.452679][T21016] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  244.484953][T21016] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  244.494725][T21016] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  244.552444][T21016] 8021q: adding VLAN 0 to HW filter on device bond0
[  244.581341][T21016] 8021q: adding VLAN 0 to HW filter on device team0
[  244.594443][T21174] loop0: detected capacity change from 0 to 512
[  244.602908][T21172] __nla_validate_parse: 6 callbacks suppressed
[  244.602924][T21172] netlink: 96 bytes leftover after parsing attributes in process `syz.7.7501'.
[  244.619045][ T5281] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.626208][ T5281] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.636784][T21174] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.7502: corrupted in-inode xattr: bad e_name length
[  244.649398][ T5281] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.655540][T21174] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7502: couldn't read orphan inode 15 (err -117)
[  244.657507][ T5281] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.674594][T21174] EXT4-fs mount: 4 callbacks suppressed
[  244.674610][T21174] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.733635][   T29] audit: type=1400 audit(2000000598.513:8838): avc:  denied  { watch_reads } for  pid=21179 comm="syz.7.7504" path="/179" dev="tmpfs" ino=937 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  244.770551][T21174] EXT4-fs warning (device loop0): dx_probe:861: inode #2: comm syz.0.7502: dx entry: limit 0 != root limit 125
[  244.782447][T21174] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.7502: Corrupt directory, running e2fsck is recommended
[  244.811430][T21174] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.7502: path /148/file7: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  244.817560][T21016] 8021q: adding VLAN 0 to HW filter on device batadv0
[  244.883899][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.906407][T21196] random: crng reseeded on system resumption
[  244.927664][T21196] Restarting kernel threads ...
[  244.934028][T21196] Done restarting kernel threads.
[  245.006377][T21207] loop0: detected capacity change from 0 to 2048
[  245.038741][T21207] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  245.039372][T21016] veth0_vlan: entered promiscuous mode
[  245.061434][T21207] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.7510: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  245.067539][T21016] veth1_vlan: entered promiscuous mode
[  245.087908][T21207] EXT4-fs (loop0): Remounting filesystem read-only
[  245.111746][T21016] veth0_macvtap: entered promiscuous mode
[  245.124623][T21016] veth1_macvtap: entered promiscuous mode
[  245.138154][T21016] batman_adv: batadv0: Interface activated: batadv_slave_0
[  245.145008][T21215] hub 2-0:1.0: USB hub found
[  245.147247][T21016] batman_adv: batadv0: Interface activated: batadv_slave_1
[  245.160908][T21215] hub 2-0:1.0: 8 ports detected
[  245.169149][ T5308] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.177979][ T5308] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  245.189696][T21217] loop7: detected capacity change from 0 to 512
[  245.189782][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.217677][ T5308] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  245.226845][T21217] EXT4-fs (loop7): orphan cleanup on readonly fs
[  245.234225][T21222] loop2: detected capacity change from 0 to 128
[  245.253272][T21217] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.7511: bg 0: block 248: padding at end of block bitmap is not set
[  245.254910][   T29] audit: type=1400 audit(2000000599.033:8839): avc:  denied  { mounton } for  pid=21016 comm="syz-executor" path="/root/syzkaller.5kDw2d/syz-tmp" dev="sda1" ino=2101 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  245.292373][ T5310] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  245.301422][   T29] audit: type=1400 audit(2000000599.093:8840): avc:  denied  { mount } for  pid=21016 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  245.304823][T21222] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  245.327232][   T29] audit: type=1400 audit(2000000599.093:8841): avc:  denied  { mounton } for  pid=21016 comm="syz-executor" path="/root/syzkaller.5kDw2d/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  245.371179][T21217] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.7511: Failed to acquire dquot type 1
[  245.394352][T21217] EXT4-fs (loop7): 1 truncate cleaned up
[  245.400292][T21222] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  245.418134][T21217] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  245.452285][T21239] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7521'.
[  245.464557][ T5280] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  245.487085][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.539220][T21249] loop7: detected capacity change from 0 to 1024
[  245.539603][T21245] hub 2-0:1.0: USB hub found
[  245.552807][T21245] hub 2-0:1.0: 8 ports detected
[  245.562515][T21249] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  245.574635][T21249] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  245.593374][T21249] EXT4-fs (loop7): orphan cleanup on readonly fs
[  245.619798][T21249] EXT4-fs error (device loop7): ext4_free_blocks:6696: comm syz.7.7523: Freeing blocks not in datazone - block = 0, count = 4096
[  245.639615][T21256] netdevsim netdevsim3: Direct firmware load for 0.� failed with error -2
[  245.651806][T21249] EXT4-fs (loop7): 1 orphan inode deleted
[  245.658254][T21249] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  245.700012][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.771426][T21271] veth3: entered promiscuous mode
[  245.863173][T21280] netlink: 176 bytes leftover after parsing attributes in process `syz.3.7540'.
[  245.928469][T21288] loop0: detected capacity change from 0 to 512
[  245.935789][T21288] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  245.947613][T21288] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  245.968683][T21288] System zones: 1-12
[  245.974177][T21288] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.7544: corrupted in-inode xattr: e_value size too large
[  245.992688][T21288] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7544: couldn't read orphan inode 15 (err -117)
[  246.017243][T21288] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.067643][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.131571][T21305] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7552'.
[  246.288253][T21338] loop0: detected capacity change from 0 to 512
[  246.298306][T21338] EXT4-fs (loop0): orphan cleanup on readonly fs
[  246.308954][T21338] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.7568: bad orphan inode 13
[  246.327839][T21338] ext4_test_bit(bit=12, block=18) = 1
[  246.330089][T21347] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7572'.
[  246.333261][T21338] is_bad_inode(inode)=0
[  246.333272][T21338] NEXT_ORPHAN(inode)=2130706432
[  246.351277][T21338] max_ino=32
[  246.354466][T21338] i_nlink=1
[  246.360498][T21347] bond0: (slave wireguard0): The slave device specified does not support setting the MAC address
[  246.385005][T21338] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  246.398377][T21347] bond0: (slave wireguard0): Error -95 calling set_mac_address
[  246.410641][T21338] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  246.426460][T21338] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  246.447521][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.463313][T21361] validate_nla: 1 callbacks suppressed
[  246.463329][T21361] netlink: 'syz.2.7578': attribute type 10 has an invalid length.
[  246.478598][T21361] team0: Device hsr_slave_0 failed to register rx_handler
[  246.499815][T21365] netlink: 64 bytes leftover after parsing attributes in process `syz.3.7579'.
[  246.529327][T21367] loop2: detected capacity change from 0 to 512
[  246.533742][T21371] loop7: detected capacity change from 0 to 128
[  246.544186][T21371] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  246.556286][T21367] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  246.567855][T21371] SELinux: security_context_str_to_sid (��$i����qr���埋A�?U��<{ט'�5?}}�w�����z�-&�ד\k�O����wv7�����c����?5��'��Qo�ٝ����sm��S��z���=��g�ʯc�) failed with errno=-22
[  246.585642][T21367] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  246.596165][T21367] EXT4-fs (loop2): 1 truncate cleaned up
[  246.602621][T21367] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.621148][T21378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7585'.
[  246.630567][T21378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7585'.
[  246.639818][T21378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7585'.
[  246.649591][T21378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7585'.
[  246.650038][T21380] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  246.658744][T21376] IPVS: stopping master sync thread 21380 ...
[  246.702110][T12125] hid_parser_main: 44 callbacks suppressed
[  246.702125][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x1
[  246.715561][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  246.723165][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  246.730716][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  246.738156][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  246.747233][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  246.754658][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  246.762131][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  246.769674][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x2
[  246.777077][T12125] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  246.785646][T12125] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  246.796539][T19354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.002189][T21421] loop2: detected capacity change from 0 to 256
[  247.002456][T21421] msdos: Bad value for 'uid'
[  247.002468][T21421] msdos: Bad value for 'uid'
[  247.325753][T21459] sd 0:0:1:0: device reset
[  247.450199][ T3391] hid-generic 0000:0004:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  247.579215][T21495] loop6: detected capacity change from 0 to 1024
[  247.603908][T21495] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.619760][T21495] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.635197][T21495] EXT4-fs error (device loop6): ext4_map_blocks:814: inode #15: block 3: comm syz.6.7639: lblock 3 mapped to illegal pblock 3 (length 13)
[  247.650267][T21495] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  247.662863][T21495] EXT4-fs (loop6): This should not happen!! Data will be lost
[  247.662863][T21495] 
[  247.702438][T21016] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.104510][T21585] loop2: detected capacity change from 0 to 512
[  248.114765][T21585] EXT4-fs warning (device loop2): ext4_multi_mount_protect:332: MMP startup interrupted, failing mount
[  248.114765][T21585] 
[  248.201660][T21595] loop6: detected capacity change from 0 to 8192
[  248.218922][T21597] Falling back ldisc for ttyS3.
[  248.311810][T21614] loop6: detected capacity change from 0 to 128
[  248.319040][T21614] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  248.335765][T21614] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  248.686185][T21650] loop3: detected capacity change from 0 to 512
[  248.708807][T21656] binfmt_misc: register: failed to install interpreter file ./file2
[  248.709540][T21650] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.743405][T21650] ext4 filesystem being mounted at /235/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  248.809001][T18252] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.869540][T21671] loop3: detected capacity change from 0 to 512
[  248.881320][T21671] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.7715: error while reading EA inode 32 err=-116
[  248.891898][T21673] ALSA: seq fatal error: cannot create timer (-19)
[  248.905506][T21671] EXT4-fs (loop3): Remounting filesystem read-only
[  248.912064][T21671] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  248.919093][T21677] net_ratelimit: 3321 callbacks suppressed
[  248.919186][T21677] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  248.940901][T21671] EXT4-fs (loop3): 1 orphan inode deleted
[  248.953367][T21671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.011744][T21682] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  249.018545][T21682] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  249.025333][T21682] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  249.032071][T21682] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  249.038979][T21682] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  249.045761][T21682] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  249.052637][T21682] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  249.059388][T21682] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  249.066244][T21682] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  249.092520][T21671] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.413656][ T3398] IPVS: starting estimator thread 0...
[  249.505478][T21699] IPVS: using max 2784 ests per chain, 139200 per kthread
[  249.575555][T21680] loop6: detected capacity change from 0 to 32768
[  249.647412][T21680]  loop6: p1 p3 < >
[  249.655655][   T29] kauditd_printk_skb: 244 callbacks suppressed
[  249.655671][   T29] audit: type=1326 audit(2000000603.433:9084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  249.685374][   T29] audit: type=1326 audit(2000000603.433:9085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  249.796378][   T29] audit: type=1326 audit(2000000603.493:9086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  249.819935][   T29] audit: type=1326 audit(2000000603.503:9087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  249.843500][   T29] audit: type=1326 audit(2000000603.503:9088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  249.866977][   T29] audit: type=1326 audit(2000000603.523:9089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  249.890504][   T29] audit: type=1326 audit(2000000603.533:9090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  249.914089][   T29] audit: type=1326 audit(2000000603.533:9091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  249.937728][   T29] audit: type=1326 audit(2000000603.533:9092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  249.961216][   T29] audit: type=1326 audit(2000000603.533:9093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21711 comm="syz.2.7729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  250.521675][T21745] netlink: 'syz.7.7743': attribute type 29 has an invalid length.
[  250.551394][T21745] netlink: 'syz.7.7743': attribute type 29 has an invalid length.
[  250.567243][T21745] __nla_validate_parse: 9 callbacks suppressed
[  250.567259][T21745] netlink: 488 bytes leftover after parsing attributes in process `syz.7.7743'.
[  250.602635][T21752] loop0: detected capacity change from 0 to 512
[  250.639495][T21752] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.654922][T21752] ext4 filesystem being mounted at /208/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.722793][T21772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7756'.
[  250.733897][T21772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7756'.
[  250.818859][T21752] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  250.834858][T21752] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 32768 with max blocks 2048 with error 28
[  250.847896][T21752] EXT4-fs (loop0): This should not happen!! Data will be lost
[  250.847896][T21752] 
[  250.857770][T21752] EXT4-fs (loop0): Total free blocks count 0
[  250.863989][T21752] EXT4-fs (loop0): Free/Dirty block details
[  250.869994][T21752] EXT4-fs (loop0): free_blocks=39626
[  250.875309][T21752] EXT4-fs (loop0): dirty_blocks=2048
[  250.880610][T21752] EXT4-fs (loop0): Block reservation details
[  250.886644][T21752] EXT4-fs (loop0): i_reserved_data_blocks=2048
[  250.912434][T21787] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2
[  251.043046][T21801] loop2: detected capacity change from 0 to 164
[  251.098140][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.154516][T21819] loop7: detected capacity change from 0 to 512
[  251.197532][T21819] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  251.213955][T21819] EXT4-fs (loop7): orphan cleanup on readonly fs
[  251.232293][T21819] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.7781: corrupted inode contents
[  251.248235][ T3398] Process accounting resumed
[  251.306660][T21819] EXT4-fs (loop7): Remounting filesystem read-only
[  251.356261][T21819] EXT4-fs (loop7): 1 truncate cleaned up
[  251.362083][ T5308] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  251.372639][ T5308] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  251.405665][ T5308] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  251.423049][T21819] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  251.490025][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.502243][T21860] loop2: detected capacity change from 0 to 128
[  251.524861][T21860] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  251.586958][T21860] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.703814][T21885] ������: renamed from vlan0 (while UP)
[  251.731139][T21891] random: crng reseeded on system resumption
[  251.778094][T19354] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  251.850244][T21908] @: renamed from vlan0 (while UP)
[  251.860503][T21906] loop0: detected capacity change from 0 to 512
[  251.877308][T21906] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  251.898965][T21906] EXT4-fs (loop0): 1 truncate cleaned up
[  251.904996][T21906] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.943430][T21906] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.052358][T21927] lo speed is unknown, defaulting to 1000
[  252.101732][T21940] SELinux:  policydb version 6277 does not match my version range 15-35
[  252.110949][T21940] SELinux: failed to load policy
[  252.166399][T21945] loop7: detected capacity change from 0 to 164
[  252.174843][T21945] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  252.199660][T21951] @: renamed from vlan0 (while UP)
[  252.288675][T21968] loop3: detected capacity change from 0 to 1024
[  252.302050][T21968] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  252.313271][T21968] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  252.324974][T21967] netlink: 256 bytes leftover after parsing attributes in process `syz.0.7856'.
[  252.346186][T21968] JBD2: no valid journal superblock found
[  252.351978][T21968] EXT4-fs (loop3): Could not load journal inode
[  252.397678][T21976] SELinux:  policydb version 6277 does not match my version range 15-35
[  252.414236][T21968] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  252.424186][T21976] SELinux: failed to load policy
[  252.474971][T21989] loop6: detected capacity change from 0 to 164
[  252.492319][T21992] loop0: detected capacity change from 0 to 1024
[  252.503832][T21989] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  252.524996][T21992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.547722][T21992] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.7857: Allocating blocks 385-513 which overlap fs metadata
[  252.565472][T21992] EXT4-fs (loop0): pa ffff888107269540: logic 16, phys. 129, len 24
[  252.573577][T21992] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  252.619106][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.655974][T22013] SELinux:  policydb version 6277 does not match my version range 15-35
[  252.665301][T22011] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7865'.
[  252.677157][T22013] SELinux: failed to load policy
[  252.777070][T22033] loop2: detected capacity change from 0 to 1024
[  252.798056][T22033] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  252.809795][T22033] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  252.830174][T22033] JBD2: no valid journal superblock found
[  252.836093][T22033] EXT4-fs (loop2): Could not load journal inode
[  252.871232][T22045] loop6: detected capacity change from 0 to 1024
[  252.878351][T22033] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  252.895940][T22045] EXT4-fs: inline encryption not supported
[  252.905430][T22045] EXT4-fs: Ignoring removed bh option
[  252.941856][T22051] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7882'.
[  252.954607][T22045] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.000526][T21016] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.117900][T22077] binfmt_misc: register: failed to install interpreter file ./file2
[  253.336358][T22108] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22108 comm=syz.3.7908
[  253.339546][T22111] cgroup: cgroup_addrm_files: failed to add weight, err=-12
[  253.407003][T22119] netlink: 'syz.2.7911': attribute type 4 has an invalid length.
[  253.420203][T22119] netlink: 'syz.2.7911': attribute type 4 has an invalid length.
[  253.429083][T22123] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  253.469521][T22131] random: crng reseeded on system resumption
[  253.488034][T22131] Restarting kernel threads ...
[  253.494091][T22131] Done restarting kernel threads.
[  253.528026][T22140] netlink: 96 bytes leftover after parsing attributes in process `syz.6.7922'.
[  253.555199][T22146] IPVS: stopping master sync thread 22147 ...
[  253.556267][T22147] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  253.614497][T22152] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  253.795753][ T3391] hid_parser_main: 25 callbacks suppressed
[  253.795768][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.809391][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.817071][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.824603][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.830902][T22192] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7940'.
[  253.832194][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.849342][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.857135][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.865483][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.873780][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.881272][ T3391] hid-generic 0000:0006:0007.0010: unknown main item tag 0x0
[  253.891241][ T3391] hid-generic 0000:0006:0007.0010: hidraw0: <UNKNOWN> HID v0.0b Device [syz1] on syz1
[  253.923654][T22198] rdma_op ffff888146e35180 conn xmit_rdma 0000000000000000
[  253.948504][T22201] netdevsim netdevsim6: Direct firmware load for 0.� failed with error -2
[  253.995535][T22213] net_ratelimit: 3320 callbacks suppressed
[  253.995561][T22213] openvswitch: netlink: Message has 6 unknown bytes.
[  254.198102][T22251] loop2: detected capacity change from 0 to 128
[  254.208398][T22251] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  254.220980][T22251] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  254.244228][ T5308] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  254.321335][T22269] loop2: detected capacity change from 0 to 512
[  254.343725][T22269] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.7970: corrupted in-inode xattr: bad e_name length
[  254.362045][T22269] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.7970: couldn't read orphan inode 15 (err -117)
[  254.378023][T22269] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.405496][T22269] EXT4-fs warning (device loop2): dx_probe:861: inode #2: comm syz.2.7970: dx entry: limit 0 != root limit 125
[  254.417363][T22269] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.7970: Corrupt directory, running e2fsck is recommended
[  254.436155][T22269] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.7970: path /245/file7: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  254.478178][T22287] loop6: detected capacity change from 0 to 128
[  254.487965][T22287] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  254.492576][T22284] hub 2-0:1.0: USB hub found
[  254.501996][T22287] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  254.525958][T22284] hub 2-0:1.0: 8 ports detected
[  254.535089][ T5325] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  254.555297][T19354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.640907][T22301] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7994'.
[  254.672573][T22300] hub 2-0:1.0: USB hub found
[  254.678733][T22300] hub 2-0:1.0: 8 ports detected
[  254.768854][T22325] loop3: detected capacity change from 0 to 512
[  254.778301][T22325] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  254.799837][T22325] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  254.810845][T22329] netlink: 176 bytes leftover after parsing attributes in process `syz.6.7996'.
[  254.815641][T22325] System zones: 1-12
[  254.831194][T22325] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.7995: corrupted in-inode xattr: e_value size too large
[  254.849642][T22335] loop0: detected capacity change from 0 to 128
[  254.857351][T22335] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  254.858110][T22325] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.7995: couldn't read orphan inode 15 (err -117)
[  254.874605][T22335] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  254.894961][T22325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.926966][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  254.926980][   T29] audit: type=1326 audit(2000000608.713:9274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.7.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  254.956787][   T29] audit: type=1326 audit(2000000608.713:9275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.7.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  254.987239][T18252] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.991131][   T29] audit: type=1326 audit(2000000608.743:9276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.7.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  255.020221][   T29] audit: type=1326 audit(2000000608.743:9277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.7.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  255.043782][   T29] audit: type=1326 audit(2000000608.743:9278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.7.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  255.067290][   T29] audit: type=1326 audit(2000000608.743:9279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.7.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  255.069771][T22342] loop7: detected capacity change from 0 to 128
[  255.090787][   T29] audit: type=1326 audit(2000000608.743:9280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.7.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  255.090837][   T29] audit: type=1326 audit(2000000608.743:9281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.7.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  255.090856][   T29] audit: type=1326 audit(2000000608.763:9282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.7.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  255.168886][T22342] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  255.182099][T22342] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  255.218705][ T5280] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  255.239633][ T5281] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  255.261116][ T3391] IPVS: starting estimator thread 0...
[  255.321634][T22363] loop0: detected capacity change from 0 to 512
[  255.338526][T22367] loop3: detected capacity change from 0 to 512
[  255.355465][T22353] IPVS: using max 2784 ests per chain, 139200 per kthread
[  255.370674][T22367] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.371655][T22363] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.409858][T22367] ext4 filesystem being mounted at /315/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  255.429278][T22363] ext4 filesystem being mounted at /256/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  255.443884][T22378] loop2: detected capacity change from 0 to 512
[  255.480034][T18252] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.490239][T22378] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.504109][T22378] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  255.528443][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.550173][T19354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.570018][T22390] loop0: detected capacity change from 0 to 128
[  255.576859][T22390] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  255.589248][T22393] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2
[  255.600548][T22390] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  255.640406][ T5325] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  255.672183][T22406] loop0: detected capacity change from 0 to 128
[  255.679714][T22406] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  255.691803][T22406] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  255.693183][T22402] loop7: detected capacity change from 0 to 512
[  255.706287][ T5281] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  255.717957][T22402] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.8039: error while reading EA inode 32 err=-116
[  255.730728][T22402] EXT4-fs (loop7): Remounting filesystem read-only
[  255.737297][T22402] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  255.750120][T22402] EXT4-fs (loop7): 1 orphan inode deleted
[  255.765639][T22402] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.780190][T22402] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.795397][   T29] audit: type=1107 audit(2000000609.573:9283): pid=22410 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='@'
[  255.840080][T22417] loop3: detected capacity change from 0 to 512
[  255.859412][T22421] loop7: detected capacity change from 0 to 164
[  255.888489][T22417] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.914753][T22417] ext4 filesystem being mounted at /319/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  255.963976][T22437] netdevsim netdevsim0: Direct firmware load for ./file0/file1 failed with error -2
[  255.980422][T18252] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.033161][T22445] loop7: detected capacity change from 0 to 128
[  256.040082][T22445] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  256.052387][T22445] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  256.063481][T22441] loop0: detected capacity change from 0 to 1024
[  256.070991][ T5325] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  256.081597][T22441] EXT4-fs: Ignoring removed bh option
[  256.102750][T22441] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.130113][T22453] loop2: detected capacity change from 0 to 512
[  256.137070][T22453] EXT4-fs: Ignoring removed orlov option
[  256.147612][T22453] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  256.147702][T19562] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.172071][T22453] EXT4-fs (loop2): orphan cleanup on readonly fs
[  256.180151][T22453] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8061: bg 0: block 248: padding at end of block bitmap is not set
[  256.206559][T22453] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.8061: Failed to acquire dquot type 1
[  256.221097][T22453] EXT4-fs (loop2): 1 truncate cleaned up
[  256.228508][T22453] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  256.263650][T22453] EXT4-fs: Ignoring removed orlov option
[  256.269434][T22453] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  256.286726][T22453] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  256.302671][T22477] loop0: detected capacity change from 0 to 164
[  256.311928][T22453] EXT4-fs error (device loop2): __ext4_remount:6740: comm syz.2.8061: Abort forced by user
[  256.343593][T22453] EXT4-fs (loop2): Remounting filesystem read-only
[  256.350171][T22453] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  256.377670][T22453] ext4 filesystem being remounted at /259/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  256.417995][T19354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.553013][T22501] loop7: detected capacity change from 0 to 128
[  256.559815][T22501] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  256.573570][T22501] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  256.587517][T22503] loop6: detected capacity change from 0 to 512
[  256.592178][ T5308] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  256.616914][T22503] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.641571][T22503] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  256.694066][T21016] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.744968][T22522] loop6: detected capacity change from 0 to 2048
[  256.753762][T22526] loop3: detected capacity change from 0 to 128
[  256.771854][T22522] EXT4-fs: Ignoring removed nomblk_io_submit option
[  256.780573][T22526] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  256.803986][T22526] ext4 filesystem being mounted at /328/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.826215][T22522] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.858594][T22522] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.8081: bg 0: block 2: invalid block bitmap
[  256.877651][T22522] EXT4-fs (loop6): Remounting filesystem read-only
[  256.899422][T18252] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  256.909163][T21016] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.920934][T15096] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  257.073067][T22559] loop2: detected capacity change from 0 to 512
[  257.099867][T22559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.110543][T22561] ipvlan2: entered promiscuous mode
[  257.119261][T22561] bridge0: port 3(ipvlan2) entered blocking state
[  257.125760][T22561] bridge0: port 3(ipvlan2) entered disabled state
[  257.132581][T22561] ipvlan2: entered allmulticast mode
[  257.137928][T22561] bridge0: entered allmulticast mode
[  257.143775][T22559] ext4 filesystem being mounted at /269/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  257.144049][T22561] ipvlan2: left allmulticast mode
[  257.159201][T22561] bridge0: left allmulticast mode
[  257.187511][T19354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.218295][T22572] loop2: detected capacity change from 0 to 512
[  257.239608][T22572] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.257567][T22572] ext4 filesystem being mounted at /270/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  257.286397][T22580] loop7: detected capacity change from 0 to 512
[  257.296713][T22580] EXT4-fs: Ignoring removed orlov option
[  257.309604][T22580] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  257.311538][T19354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.337169][T22580] EXT4-fs (loop7): orphan cleanup on readonly fs
[  257.346900][T22580] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8106: bg 0: block 248: padding at end of block bitmap is not set
[  257.363333][T22591] loop2: detected capacity change from 0 to 512
[  257.363974][T22580] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.8106: Failed to acquire dquot type 1
[  257.382289][T22580] EXT4-fs (loop7): 1 truncate cleaned up
[  257.390591][T22580] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  257.407173][T22591] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.431007][T22591] ext4 filesystem being mounted at /271/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.431102][T22580] EXT4-fs: Ignoring removed orlov option
[  257.450472][T22580] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  257.467186][T22580] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended
[  257.496918][T22580] EXT4-fs error (device loop7): __ext4_remount:6740: comm syz.7.8106: Abort forced by user
[  257.520968][T22609] netlink: 'syz.6.8113': attribute type 4 has an invalid length.
[  257.533670][T22580] EXT4-fs (loop7): Remounting filesystem read-only
[  257.540314][T22580] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  257.555897][T22609] netlink: 'syz.6.8113': attribute type 4 has an invalid length.
[  257.583679][T22580] ext4 filesystem being remounted at /302/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  257.625822][T22591] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  257.642395][T22591] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32768 with max blocks 2048 with error 28
[  257.655382][T22591] EXT4-fs (loop2): This should not happen!! Data will be lost
[  257.655382][T22591] 
[  257.665309][T22591] EXT4-fs (loop2): Total free blocks count 0
[  257.671379][T22591] EXT4-fs (loop2): Free/Dirty block details
[  257.677547][T22591] EXT4-fs (loop2): free_blocks=39626
[  257.683028][T22591] EXT4-fs (loop2): dirty_blocks=2048
[  257.688327][T22591] EXT4-fs (loop2): Block reservation details
[  257.694295][T22591] EXT4-fs (loop2): i_reserved_data_blocks=2048
[  257.701046][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.712785][T22615] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  257.751622][T22619] loop7: detected capacity change from 0 to 512
[  257.780780][T22619] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.796611][T22619] ext4 filesystem being mounted at /303/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  257.864918][T22638] netlink: 'syz.0.8125': attribute type 4 has an invalid length.
[  257.879822][T22637] loop6: detected capacity change from 0 to 512
[  257.897121][T22637] EXT4-fs: Ignoring removed orlov option
[  257.903559][T22637] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  257.908717][T22640] loop2: detected capacity change from 0 to 1024
[  257.912753][T22637] EXT4-fs (loop6): orphan cleanup on readonly fs
[  257.925664][T22638] netlink: 'syz.0.8125': attribute type 4 has an invalid length.
[  257.926288][T22640] EXT4-fs: inline encryption not supported
[  257.939589][T22640] EXT4-fs: Ignoring removed bh option
[  257.946305][T22637] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.8126: bg 0: block 248: padding at end of block bitmap is not set
[  257.998998][T22645] loop9: detected capacity change from 0 to 7
[  258.012429][T22637] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.8126: Failed to acquire dquot type 1
[  258.027129][T22645] Buffer I/O error on dev loop9, logical block 0, async page read
[  258.035513][T22645] Buffer I/O error on dev loop9, logical block 0, async page read
[  258.043358][T22645]  loop9: unable to read partition table
[  258.049140][T22637] EXT4-fs (loop6): 1 truncate cleaned up
[  258.068183][T22645] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  258.068183][T22645] 
) failed (rc=-5)
[  258.084424][T22637] EXT4-fs: Ignoring removed orlov option
[  258.091655][T22637] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  258.113550][T22637] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  258.125740][T22637] EXT4-fs error (device loop6): __ext4_remount:6740: comm syz.6.8126: Abort forced by user
[  258.136499][T22637] EXT4-fs (loop6): Remounting filesystem read-only
[  258.143037][T22637] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  258.151657][T22637] ext4 filesystem being remounted at /115/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  258.252549][T22663] loop6: detected capacity change from 0 to 512
[  258.261755][T22666] __nla_validate_parse: 3 callbacks suppressed
[  258.261832][T22666] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8145'.
[  258.268410][T22667] loop0: detected capacity change from 0 to 512
[  258.286784][T22663] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.310209][T22667] ext4 filesystem being mounted at /276/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  258.378287][T22679] loop9: detected capacity change from 0 to 7
[  258.397350][T22679] Buffer I/O error on dev loop9, logical block 0, async page read
[  258.411628][T22679] Buffer I/O error on dev loop9, logical block 0, async page read
[  258.419667][T22679]  loop9: unable to read partition table
[  258.427924][T22679] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  258.427924][T22679] 
) failed (rc=-5)
[  258.473579][T22690] loop0: detected capacity change from 0 to 512
[  258.481128][T22690] EXT4-fs: Ignoring removed orlov option
[  258.488690][T22690] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  258.507159][T22690] EXT4-fs (loop0): orphan cleanup on readonly fs
[  258.518788][T22690] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8142: bg 0: block 248: padding at end of block bitmap is not set
[  258.535480][T22663] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  258.550189][T22663] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 32768 with max blocks 2048 with error 28
[  258.551382][T22690] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.8142: Failed to acquire dquot type 1
[  258.563073][T22663] EXT4-fs (loop6): This should not happen!! Data will be lost
[  258.563073][T22663] 
[  258.563091][T22663] EXT4-fs (loop6): Total free blocks count 0
[  258.563143][T22663] EXT4-fs (loop6): Free/Dirty block details
[  258.563154][T22663] EXT4-fs (loop6): free_blocks=39626
[  258.563167][T22663] EXT4-fs (loop6): dirty_blocks=2048
[  258.563180][T22663] EXT4-fs (loop6): Block reservation details
[  258.563190][T22663] EXT4-fs (loop6): i_reserved_data_blocks=2048
[  258.628798][T22690] EXT4-fs (loop0): 1 truncate cleaned up
[  258.704102][T22690] EXT4-fs: Ignoring removed orlov option
[  258.718739][T22690] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  258.731477][T22690] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  258.764843][T22701] loop7: detected capacity change from 0 to 512
[  258.777739][T22690] EXT4-fs error (device loop0): __ext4_remount:6740: comm syz.0.8142: Abort forced by user
[  258.794510][T22690] EXT4-fs (loop0): Remounting filesystem read-only
[  258.801102][T22690] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  258.802472][T22708] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8154'.
[  258.809748][T22690] ext4 filesystem being remounted at /278/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  258.821743][T22701] ext4 filesystem being mounted at /312/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  258.863333][T22715] loop9: detected capacity change from 0 to 7
[  258.869717][T22715] Buffer I/O error on dev loop9, logical block 0, async page read
[  258.877894][T22715] Buffer I/O error on dev loop9, logical block 0, async page read
[  258.881265][ T3391] hid_parser_main: 44 callbacks suppressed
[  258.881281][ T3391] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  258.885976][T22715]  loop9: unable to read partition table
[  258.886579][T22715] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  258.886579][T22715] 
) failed (rc=-5)
[  258.902502][ T3391] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  259.097851][T22731] loop3: detected capacity change from 0 to 1024
[  259.116268][T22731] EXT4-fs: inline encryption not supported
[  259.122424][T22731] EXT4-fs: Ignoring removed bh option
[  259.183442][T22742] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2
[  259.242464][T22748] loop0: detected capacity change from 0 to 1024
[  259.259239][T22755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8171'.
[  259.405733][T22768] loop2: detected capacity change from 0 to 1024
[  259.564557][T22794] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  259.564557][T22794]    program syz.3.8190 not setting count and/or reply_len properly
[  259.569115][T22792] lo speed is unknown, defaulting to 1000
[  259.594859][T22797] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8191'.
[  259.616738][T22797] netlink: 32 bytes leftover after parsing attributes in process `syz.6.8191'.
[  259.619587][T22799] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8192'.
[  259.680498][T22804] loop6: detected capacity change from 0 to 1024
[  259.833055][T22815] pim6reg: entered allmulticast mode
[  259.847220][T22815] pim6reg: left allmulticast mode
[  259.941310][   T29] kauditd_printk_skb: 222 callbacks suppressed
[  259.941323][   T29] audit: type=1326 audit(2000000613.723:9498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22818 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  259.971122][   T29] audit: type=1326 audit(2000000613.723:9499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22818 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  260.041031][   T29] audit: type=1326 audit(2000000613.723:9500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22820 comm="syz.0.8200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f312ebe9 code=0x7ffc0000
[  260.064669][   T29] audit: type=1326 audit(2000000613.723:9501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22820 comm="syz.0.8200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f312ebe9 code=0x7ffc0000
[  260.088210][   T29] audit: type=1326 audit(2000000613.723:9502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22820 comm="syz.0.8200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f01f312ebe9 code=0x7ffc0000
[  260.111895][   T29] audit: type=1326 audit(2000000613.723:9503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22820 comm="syz.0.8200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f312ebe9 code=0x7ffc0000
[  260.135798][   T29] audit: type=1326 audit(2000000613.723:9504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22820 comm="syz.0.8200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f312ebe9 code=0x7ffc0000
[  260.159475][   T29] audit: type=1326 audit(2000000613.763:9505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22818 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  260.182936][   T29] audit: type=1326 audit(2000000613.763:9506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22818 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  260.197784][T22825] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.206548][   T29] audit: type=1326 audit(2000000613.763:9507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22818 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  260.227769][T22825] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.323342][T22845] pim6reg: entered allmulticast mode
[  260.332288][T22848] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8210'.
[  260.341976][T22845] pim6reg: left allmulticast mode
[  260.353059][T22852] loop6: detected capacity change from 0 to 512
[  260.370992][T22852] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.432724][T22864] loop6: detected capacity change from 0 to 512
[  260.440552][T22864] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.8219: corrupted in-inode xattr: bad e_name length
[  260.454939][T22864] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.8219: couldn't read orphan inode 15 (err -117)
[  260.477111][T22864] EXT4-fs warning (device loop6): dx_probe:861: inode #2: comm syz.6.8219: dx entry: limit 0 != root limit 125
[  260.488983][T22864] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.8219: Corrupt directory, running e2fsck is recommended
[  260.491613][T22868] cgroup: cgroup_addrm_files: failed to add weight, err=-12
[  260.510833][T22864] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 3: comm syz.6.8219: path /140/file7: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  260.562006][T22872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.579784][T22872] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.590329][T22877] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22877 comm=syz.7.8222
[  260.697880][T22894] loop6: detected capacity change from 0 to 128
[  260.701478][T22896] loop7: detected capacity change from 0 to 512
[  260.704727][T22894] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  260.722579][T22894] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  260.739691][T22896] ext4 filesystem being mounted at /321/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.771782][ T5308] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  260.792327][T22901] binfmt_misc: register: failed to install interpreter file ./file2
[  260.873323][T22915] loop3: detected capacity change from 0 to 512
[  260.881181][T22915] EXT4-fs: Ignoring removed orlov option
[  260.886931][T22913] veth3: entered promiscuous mode
[  260.924233][T22915] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  260.934761][T22915] EXT4-fs (loop3): orphan cleanup on readonly fs
[  260.949584][T22915] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.8239: bg 0: block 248: padding at end of block bitmap is not set
[  260.964353][T22915] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.8239: Failed to acquire dquot type 1
[  260.977565][T22915] EXT4-fs (loop3): 1 truncate cleaned up
[  260.988556][T22921] hub 2-0:1.0: USB hub found
[  260.993498][T22921] hub 2-0:1.0: 8 ports detected
[  260.997448][T22915] EXT4-fs: Ignoring removed orlov option
[  261.004187][T22915] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  261.013055][T22915] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  261.031241][T22915] EXT4-fs error (device loop3): __ext4_remount:6740: comm syz.3.8239: Abort forced by user
[  261.041677][T22926] loop7: detected capacity change from 0 to 128
[  261.044495][T22915] EXT4-fs (loop3): Remounting filesystem read-only
[  261.053656][T22926] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  261.054560][T22915] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  261.067097][T22926] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  261.085019][T22915] ext4 filesystem being remounted at /349/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  261.140302][ T5281] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  261.163670][T22932] loop2: detected capacity change from 0 to 512
[  261.177768][T22936] loop3: detected capacity change from 0 to 512
[  261.186595][T22936] EXT4-fs: Ignoring removed orlov option
[  261.192738][T22936] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  261.194104][T22932] ext4 filesystem being mounted at /300/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.216792][T22936] EXT4-fs (loop3): orphan cleanup on readonly fs
[  261.230607][T22936] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.8256: bg 0: block 248: padding at end of block bitmap is not set
[  261.260388][T22936] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.8256: Failed to acquire dquot type 1
[  261.299598][T22936] EXT4-fs (loop3): 1 truncate cleaned up
[  261.332030][T22936] EXT4-fs: Ignoring removed orlov option
[  261.351080][T22936] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  261.371035][T22936] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  261.385620][T22950] veth3: entered promiscuous mode
[  261.395789][T22936] EXT4-fs error (device loop3): __ext4_remount:6740: comm syz.3.8256: Abort forced by user
[  261.415715][T22936] EXT4-fs (loop3): Remounting filesystem read-only
[  261.422270][T22936] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  261.435747][T22936] ext4 filesystem being remounted at /350/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  261.518121][T22967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.531208][T22967] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.537234][T22965] hub 2-0:1.0: USB hub found
[  261.543666][T22965] hub 2-0:1.0: 8 ports detected
[  261.573103][T22972] loop0: detected capacity change from 0 to 512
[  261.608894][T22972] ext4 filesystem being mounted at /299/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.658773][T22983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8266'.
[  261.686799][T22991] loop0: detected capacity change from 0 to 512
[  261.693441][T22991] EXT4-fs: Ignoring removed orlov option
[  261.700371][T22991] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  261.710430][T22991] EXT4-fs (loop0): orphan cleanup on readonly fs
[  261.713720][T22989] hub 2-0:1.0: USB hub found
[  261.717250][T22991] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8269: bg 0: block 248: padding at end of block bitmap is not set
[  261.721782][T22989] hub 2-0:1.0: 8 ports detected
[  261.736502][T22991] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.8269: Failed to acquire dquot type 1
[  261.752726][T22991] EXT4-fs (loop0): 1 truncate cleaned up
[  261.774097][T22991] EXT4-fs: Ignoring removed orlov option
[  261.786502][T22991] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  261.795851][T22991] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  261.816817][T22991] EXT4-fs error (device loop0): __ext4_remount:6740: comm syz.0.8269: Abort forced by user
[  261.842575][T22991] EXT4-fs (loop0): Remounting filesystem read-only
[  261.849202][T22991] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  261.858891][T22991] ext4 filesystem being remounted at /301/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  261.894208][T23000] veth3: entered promiscuous mode
[  262.108634][T23010] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  262.115235][T23010] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  262.122895][T23010] vhci_hcd vhci_hcd.0: Device attached
[  262.164906][T23010] loop6: detected capacity change from 0 to 512
[  262.204743][T23010] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  262.223667][T23010] EXT4-fs (loop6): mount failed
[  262.231391][T23016] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8287'.
[  262.241658][T23011] vhci_hcd: connection closed
[  262.241754][ T5310] vhci_hcd: stop threads
[  262.250782][ T5310] vhci_hcd: release socket
[  262.255249][ T5310] vhci_hcd: disconnect device
[  262.272462][T23016] bond0: (slave wireguard0): The slave device specified does not support setting the MAC address
[  262.288111][T23016] bond0: (slave wireguard0): Error -95 calling set_mac_address
[  262.305041][T23022] loop7: detected capacity change from 0 to 512
[  262.330234][T23022] ext4 filesystem being mounted at /327/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.400980][T23030] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8280'.
[  262.448165][T23036] netlink: 'syz.7.8282': attribute type 10 has an invalid length.
[  262.459442][T23036] team0: Device hsr_slave_0 failed to register rx_handler
[  262.608886][T23039] loop3: detected capacity change from 0 to 128
[  262.615617][T23039] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  262.631325][T23043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.636826][T23039] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  262.640051][T23043] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.691075][ T5280] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  262.713413][T23048] loop3: detected capacity change from 0 to 128
[  262.722497][T23048] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  262.736588][T23048] SELinux: security_context_str_to_sid (��$i����qr���埋A�?U��<{ט'�5?}}�w�����z�-&�ד\k�O����wv7�����c����?5��'��Qo�ٝ����sm��S��z���=��g�ʯc�) failed with errno=-22
[  262.779124][T23052] loop6: detected capacity change from 0 to 512
[  262.796128][T23052] EXT4-fs (loop6): orphan cleanup on readonly fs
[  262.809278][T23052] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.8289: bad orphan inode 13
[  262.820162][T23052] ext4_test_bit(bit=12, block=18) = 1
[  262.825608][T23052] is_bad_inode(inode)=0
[  262.830071][T23052] NEXT_ORPHAN(inode)=2130706432
[  262.835090][T23052] max_ino=32
[  262.838328][T23052] i_nlink=1
[  262.846140][T23052] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  262.865642][T23052] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  262.931067][T23070] loop6: detected capacity change from 0 to 256
[  262.939515][T23070] msdos: Bad value for 'uid'
[  262.944157][T23070] msdos: Bad value for 'uid'
[  262.965825][T23073] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  262.967180][T23072] IPVS: stopping master sync thread 23073 ...
[  263.046952][T23085] loop2: detected capacity change from 0 to 512
[  263.056450][T23085] EXT4-fs (loop2): orphan cleanup on readonly fs
[  263.063130][T23085] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.8305: bad orphan inode 13
[  263.074235][T23085] ext4_test_bit(bit=12, block=18) = 1
[  263.079760][T23085] is_bad_inode(inode)=0
[  263.083956][T23085] NEXT_ORPHAN(inode)=2130706432
[  263.088875][T23085] max_ino=32
[  263.092108][T23085] i_nlink=1
[  263.098799][T23085] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  263.118223][T23085] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  263.183652][T23101] loop3: detected capacity change from 0 to 256
[  263.191803][T23101] msdos: Bad value for 'uid'
[  263.196543][T23101] msdos: Bad value for 'uid'
[  263.202917][T23104] IPVS: stopping master sync thread 23106 ...
[  263.203854][T23106] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  263.259374][T23113] loop2: detected capacity change from 0 to 512
[  263.267801][T23113] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  263.278353][T15084] hid-generic 0000:0000:0000.0013: unknown main item tag 0x1
[  263.285849][T15084] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  263.288257][T23113] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  263.293244][T15084] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  263.308556][T15084] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  263.315588][T23113] System zones: 1-12
[  263.315998][T15084] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  263.335429][T15084] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  263.343010][T15084] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  263.350578][T15084] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  263.357987][T15084] hid-generic 0000:0000:0000.0013: unknown main item tag 0x2
[  263.365904][T15084] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  263.367889][T23113] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.8317: corrupted in-inode xattr: e_value size too large
[  263.396265][T23113] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.8317: couldn't read orphan inode 15 (err -117)
[  263.456626][T23123] __nla_validate_parse: 2 callbacks suppressed
[  263.456640][T23123] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8322'.
[  263.483466][T23127] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8323'.
[  263.547311][T23135] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8328'.
[  263.560371][T23137] loop7: detected capacity change from 0 to 256
[  263.586622][T23137] msdos: Bad value for 'uid'
[  263.591255][T23137] msdos: Bad value for 'uid'
[  263.677336][T23158] loop7: detected capacity change from 0 to 512
[  263.695275][T23158] EXT4-fs warning (device loop7): ext4_multi_mount_protect:332: MMP startup interrupted, failing mount
[  263.695275][T23158] 
[  263.770584][T23180] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  263.777123][T23180] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  263.784772][T23180] vhci_hcd vhci_hcd.0: Device attached
[  263.809435][T23180] loop3: detected capacity change from 0 to 512
[  263.826609][T23180] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  263.843034][T23180] EXT4-fs (loop3): mount failed
[  263.860065][T23182] vhci_hcd: connection closed
[  263.860349][ T5310] vhci_hcd: stop threads
[  263.869347][ T5310] vhci_hcd: release socket
[  263.873749][ T5310] vhci_hcd: disconnect device
[  263.902630][T23198] siw: device registration error -23
[  263.987324][T23213] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23213 comm=syz.0.8359
[  264.754579][T23223] loop6: detected capacity change from 0 to 512
[  264.781516][T23223] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  264.805497][T23223] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  264.813711][T23223] System zones: 1-12
[  264.818277][T23223] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.8366: corrupted in-inode xattr: e_value size too large
[  264.833050][T23223] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.8366: couldn't read orphan inode 15 (err -117)
[  264.905661][T23243] Falling back ldisc for ttyS3.
[  264.950568][   T29] kauditd_printk_skb: 255 callbacks suppressed
[  264.950580][   T29] audit: type=1326 audit(2000000618.733:9755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23234 comm="syz.7.8368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  264.994464][   T29] audit: type=1326 audit(2000000618.773:9756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23231 comm="syz.7.8368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe467feadb9 code=0x7ffc0000
[  265.017941][   T29] audit: type=1326 audit(2000000618.773:9757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23231 comm="syz.7.8368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  265.041472][   T29] audit: type=1326 audit(2000000618.773:9758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23231 comm="syz.7.8368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46804ebe9 code=0x7ffc0000
[  265.089173][   T29] audit: type=1326 audit(2000000618.873:9759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23260 comm="syz.2.8382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  265.131569][   T29] audit: type=1326 audit(2000000618.873:9760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23260 comm="syz.2.8382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  265.155187][   T29] audit: type=1326 audit(2000000618.873:9761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23260 comm="syz.2.8382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  265.175912][T23265] SELinux: failed to load policy
[  265.178830][   T29] audit: type=1326 audit(2000000618.873:9762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23260 comm="syz.2.8382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  265.207229][   T29] audit: type=1326 audit(2000000618.873:9763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23260 comm="syz.2.8382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  265.230723][   T29] audit: type=1326 audit(2000000618.873:9764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23260 comm="syz.2.8382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a5b3ebe9 code=0x7ffc0000
[  265.264321][T23270] loop7: detected capacity change from 0 to 512
[  265.287813][T23270] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  265.304766][T23270] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  265.314879][T23281] SELinux:  policydb version -821099834 does not match my version range 15-35
[  265.324032][T23270] System zones: 1-12
[  265.328657][T23281] SELinux: failed to load policy
[  265.329645][T23270] EXT4-fs error (device loop7): ext4_iget_extra_inode:5104: inode #15: comm syz.7.8387: corrupted in-inode xattr: e_value size too large
[  265.365198][T23270] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.8387: couldn't read orphan inode 15 (err -117)
[  265.414942][T23288] loop0: detected capacity change from 0 to 8192
[  265.506409][T23301] vhci_hcd: invalid port number 224
[  265.521307][T23313] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  265.527865][T23313] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  265.535593][T23313] vhci_hcd vhci_hcd.0: Device attached
[  265.547596][T23313] loop2: detected capacity change from 0 to 512
[  265.567222][T23320] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23320 comm=syz.3.8410
[  265.581260][T23313] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  265.597957][T23313] EXT4-fs (loop2): mount failed
[  265.606419][T23327] loop7: detected capacity change from 0 to 512
[  265.616639][T23314] vhci_hcd: connection closed
[  265.616774][ T5280] vhci_hcd: stop threads
[  265.617443][T23327] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  265.621472][ T5280] vhci_hcd: release socket
[  265.621481][ T5280] vhci_hcd: disconnect device
[  265.627245][T23327] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  265.655755][T23327] System zones: 1-12
[  265.659947][T23327] EXT4-fs error (device loop7): ext4_iget_extra_inode:5104: inode #15: comm syz.7.8413: corrupted in-inode xattr: e_value size too large
[  265.675838][T23327] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.8413: couldn't read orphan inode 15 (err -117)
[  265.688531][T23328] loop0: detected capacity change from 0 to 512
[  265.726427][T23328] ext4 filesystem being mounted at /328/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.807092][T23349] vhci_hcd: invalid port number 224
[  265.825092][T23360] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8426'.
[  265.834693][T23360] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8426'.
[  265.960300][T23382] netlink: 'syz.3.8435': attribute type 10 has an invalid length.
[  265.969503][T23382] .`: (slave dummy0): Releasing backup interface
[  265.978444][T23382] team0: Port device dummy0 added
[  265.985449][T23382] netlink: 'syz.3.8435': attribute type 10 has an invalid length.
[  265.995132][T23382] team0: Port device dummy0 removed
[  266.002283][T23382] .`: (slave dummy0): Enslaving as an active interface with an up link
[  266.047368][T23386] vhci_hcd: invalid port number 224
[  266.068552][T23390] wg2: entered promiscuous mode
[  266.073468][T23390] wg2: entered allmulticast mode
[  266.086198][T23394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8441'.
[  266.095959][T23394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8441'.
[  266.147086][T23398] loop3: detected capacity change from 0 to 8192
[  266.209718][T23406] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23406 comm=syz.2.8447
[  266.292629][T23422] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[  266.299154][T23422] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  266.306844][T23422] vhci_hcd vhci_hcd.0: Device attached
[  266.315587][T23418] Falling back ldisc for ttyS3.
[  266.320771][T23422] loop7: detected capacity change from 0 to 512
[  266.338818][T23422] EXT4-fs warning (device loop7): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  266.353881][T23422] EXT4-fs (loop7): mount failed
[  266.367751][T23423] vhci_hcd: connection closed
[  266.367805][ T5325] vhci_hcd: stop threads
[  266.376818][ T5325] vhci_hcd: release socket
[  266.381214][ T5325] vhci_hcd: disconnect device
[  266.401442][T23433] SELinux:  policydb version -821099834 does not match my version range 15-35
[  266.410608][T23433] SELinux: failed to load policy
[  266.640597][T23442] macvtap0: refused to change device tx_queue_len
[  266.667673][T23446] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8463'.
[  266.676779][T23446] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8463'.
[  266.685874][T23446] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8463'.
[  266.695705][T23446] netlink: 'syz.2.8463': attribute type 6 has an invalid length.
[  266.968821][T23480] macvtap0: refused to change device tx_queue_len
[  266.987331][T23485] wg2: entered promiscuous mode
[  266.992231][T23485] wg2: entered allmulticast mode
[  267.043759][T23497] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  267.043759][T23497]    program syz.2.8485 not setting count and/or reply_len properly
[  267.094523][T23504] netlink: 'syz.2.8488': attribute type 10 has an invalid length.
[  267.102752][T23504] $H�: (slave dummy0): Releasing backup interface
[  267.102958][T23504] dummy0: left promiscuous mode
[  267.116709][T23504] team0: Port device dummy0 added
[  267.129411][T23504] netlink: 'syz.2.8488': attribute type 10 has an invalid length.
[  267.148262][T23504] team0: Port device dummy0 removed
[  267.155946][T23504] dummy0: entered promiscuous mode
[  267.161360][T23504] $H�: (slave dummy0): Enslaving as an active interface with an up link
[  267.367172][T23514] macvtap0: refused to change device tx_queue_len
[  267.547647][T23527] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  267.547647][T23527]    program syz.3.8497 not setting count and/or reply_len properly
[  267.593639][T23532] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  267.622926][T23537] 0�X���: renamed from caif0
[  267.631658][T23537] 0�X���: entered allmulticast mode
[  267.637048][T23537] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  267.692896][T23545] siw: device registration error -23
[  267.747171][T23551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.756311][T23551] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.836394][T23565] 0�X���: renamed from caif0
[  267.847151][T23567] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[  267.853697][T23567] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  267.861295][T23567] vhci_hcd vhci_hcd.0: Device attached
[  267.861283][T23565] 0�X���: entered allmulticast mode
[  267.871992][T23565] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  267.876126][T23567] loop7: detected capacity change from 0 to 512
[  267.907277][T23567] EXT4-fs warning (device loop7): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  267.923130][T23567] EXT4-fs (loop7): mount failed
[  267.940327][T23568] vhci_hcd: connection closed
[  267.940454][T23573] SELinux: failed to load policy
[  267.950211][ T5325] vhci_hcd: stop threads
[  267.954469][ T5325] vhci_hcd: release socket
[  267.958951][ T5325] vhci_hcd: disconnect device
[  268.037065][T23596] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 1
[  268.102500][T23607] SELinux: failed to load policy
[  268.206159][T23627] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  268.250921][T23631] loop0: detected capacity change from 0 to 512
[  268.258049][T23631] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  268.269014][T23631] EXT4-fs (loop0): 1 truncate cleaned up
[  268.367817][T23639] 9pnet_fd: Insufficient options for proto=fd
[  268.371823][T23617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.385592][T23641] IPv6: Can't replace route, no match found
[  268.387427][T23617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.437127][T23645] netlink: 'syz.3.8553': attribute type 6 has an invalid length.
[  268.509492][T23660] netlink: 'syz.7.8559': attribute type 10 has an invalid length.
[  268.540618][T23660] team0: Port device dummy0 added
[  268.552405][T23660] netlink: 'syz.7.8559': attribute type 10 has an invalid length.
[  268.564255][T23660] team0: Port device dummy0 removed
[  268.571834][T23669] loop3: detected capacity change from 0 to 128
[  268.579545][T23660] .`: (slave dummy0): Enslaving as an active interface with an up link
[  268.800467][T23701] loop3: detected capacity change from 0 to 512
[  268.807465][T23701] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  268.819659][T23701] EXT4-fs (loop3): 1 truncate cleaned up
[  268.843973][T23707] 9pnet_fd: Insufficient options for proto=fd
[  268.906704][T23711] netlink: 'syz.3.8582': attribute type 3 has an invalid length.
[  268.925824][T23713] __nla_validate_parse: 9 callbacks suppressed
[  268.925856][T23713] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8581'.
[  268.941089][T23713] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8581'.
[  268.974615][T23718] lo speed is unknown, defaulting to 1000
[  268.990754][T23723] loop2: detected capacity change from 0 to 512
[  268.997954][T23723] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  269.019158][T23723] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.8588: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  269.040284][T23723] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.8588: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  269.061893][T23723] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.8588: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  269.085046][T23723] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.8588: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  269.107221][T23723] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.8588: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  269.132496][T23723] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.8588: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  269.155376][T23723] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.8588: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  269.177940][T23723] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 18: comm syz.2.8588: lblock 23 mapped to illegal pblock 18 (length 1)
[  269.196775][T23723] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.8588: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  269.232518][T23723] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 20: comm syz.2.8588: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  269.371971][T23741] loop6: detected capacity change from 0 to 512
[  269.379944][T23741] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  269.393927][T23741] EXT4-fs (loop6): 1 truncate cleaned up
[  269.514906][T23751] loop7: detected capacity change from 0 to 1024
[  269.523120][T23751] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  269.534049][T23751] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  269.547745][T23751] JBD2: no valid journal superblock found
[  269.553589][T23751] EXT4-fs (loop7): Could not load journal inode
[  269.599284][T23757] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.610462][T23757] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  269.848282][T23769] netlink: 36 bytes leftover after parsing attributes in process `syz.0.8607'.
[  269.863831][T19354] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  269.920792][T23777] lo speed is unknown, defaulting to 1000
[  269.959800][T23785] loop0: detected capacity change from 0 to 2048
[  269.967353][   T29] kauditd_printk_skb: 156 callbacks suppressed
[  269.967366][   T29] audit: type=1400 audit(2000000623.753:9918): avc:  denied  { read write } for  pid=21016 comm="syz-executor" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  269.997990][   T29] audit: type=1400 audit(2000000623.753:9919): avc:  denied  { open } for  pid=21016 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  270.027430][   T29] audit: type=1400 audit(2000000623.753:9920): avc:  denied  { mounton } for  pid=23784 comm="syz.0.8615" path="/362/file0" dev="tmpfs" ino=1882 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  270.050211][   T29] audit: type=1400 audit(2000000623.763:9921): avc:  denied  { ioctl } for  pid=21016 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  270.095274][   T29] audit: type=1400 audit(2000000623.873:9922): avc:  denied  { mount } for  pid=23784 comm="syz.0.8615" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  270.100547][T23793] lo speed is unknown, defaulting to 1000
[  270.126241][T23792] loop6: detected capacity change from 0 to 164
[  270.140927][T23792] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  270.154573][T23785] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.8615: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  270.172456][   T29] audit: type=1400 audit(2000000623.933:9923): avc:  denied  { open } for  pid=23784 comm="syz.0.8615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  270.191957][   T29] audit: type=1400 audit(2000000623.933:9924): avc:  denied  { kernel } for  pid=23784 comm="syz.0.8615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  270.216691][T23792] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  270.239559][T23792] Symlink component flag not implemented
[  270.245337][T23792] Symlink component flag not implemented
[  270.252408][T23785] EXT4-fs (loop0): Remounting filesystem read-only
[  270.256441][T23792] Symlink component flag not implemented (7)
[  270.259066][   T29] audit: type=1400 audit(2000000624.003:9925): avc:  denied  { mount } for  pid=23790 comm="syz.6.8617" name="/" dev="loop6" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  270.264927][T23792] Symlink component flag not implemented (116)
[  270.284746][T23793] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8618'.
[  270.287370][   T29] audit: type=1400 audit(2000000624.003:9926): avc:  denied  { name_bind } for  pid=23795 comm="syz.2.8619" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  270.323746][   T29] audit: type=1400 audit(2000000624.003:9927): avc:  denied  { node_bind } for  pid=23795 comm="syz.2.8619" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  270.383977][T23808] loop6: detected capacity change from 0 to 128
[  270.461062][T23824] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8632'.
[  270.470023][T23824] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8632'.
[  270.775347][T23853] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8645'.
[  270.784310][T23853] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8645'.
[  270.784543][T23850] loop2: detected capacity change from 0 to 512
[  270.804405][T23850] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  270.819361][T23850] EXT4-fs (loop2): 1 truncate cleaned up
[  270.854657][T23863] loop6: detected capacity change from 0 to 512
[  270.870248][T23863] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  270.897102][T23863] EXT4-fs (loop6): 1 truncate cleaned up
[  271.233959][T23899] loop7: detected capacity change from 0 to 512
[  271.242624][T23899] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  271.272229][T23899] EXT4-fs (loop7): 1 truncate cleaned up
[  271.337782][T23908] netlink: 'syz.0.8670': attribute type 1 has an invalid length.
[  271.345585][T23908] netlink: 'syz.0.8670': attribute type 4 has an invalid length.
[  271.353314][T23908] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.8670'.
[  271.511541][T23926] loop0: detected capacity change from 0 to 1024
[  271.527729][T23926] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  271.538780][T23926] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  271.567276][T23926] JBD2: no valid journal superblock found
[  271.573104][T23926] EXT4-fs (loop0): Could not load journal inode
[  271.582092][T23926] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  271.615267][T23928] netlink: 80 bytes leftover after parsing attributes in process `syz.3.8680'.
[  271.837991][T23956] lo speed is unknown, defaulting to 1000
[  271.932264][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  272.133624][T23970] loop7: detected capacity change from 0 to 32768
[  272.190273][T23986] netlink: 'syz.6.8706': attribute type 1 has an invalid length.
[  272.198095][T23986] netlink: 'syz.6.8706': attribute type 4 has an invalid length.
[  272.280005][T24001] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  272.493092][T24002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.506300][T24002] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.042904][T24041] loop7: detected capacity change from 0 to 1024
[  273.066863][T24041] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.8741: Allocating blocks 497-513 which overlap fs metadata
[  273.082367][T24041] EXT4-fs (loop7): pa ffff888107184e00: logic 256, phys. 369, len 9
[  273.090519][T24041] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  273.207802][T24063] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  273.207802][T24063]    program syz.3.8739 not setting count and/or reply_len properly
[  273.259525][T24067] loop3: detected capacity change from 0 to 128
[  273.630205][T24093] loop2: detected capacity change from 0 to 1024
[  273.652804][T24093] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  273.663863][T24093] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  273.696081][T24093] JBD2: no valid journal superblock found
[  273.701861][T24093] EXT4-fs (loop2): Could not load journal inode
[  273.759321][T24093] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  273.841063][T24101] loop2: detected capacity change from 0 to 256
[  273.867277][T24104] lo speed is unknown, defaulting to 1000
[  273.989030][T24115] batadv_slave_0: entered promiscuous mode
[  274.006434][T24114] batadv_slave_0: left promiscuous mode
[  274.113112][T24104] __nla_validate_parse: 3 callbacks suppressed
[  274.113135][T24104] netlink: 24 bytes leftover after parsing attributes in process `syz.7.8759'.
[  274.152463][ T5289] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.174549][T24122] program syz.2.8767 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  274.198953][ T5289] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.264059][ T5289] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.322396][T24141] batadv_slave_0: entered promiscuous mode
[  274.337375][ T5289] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.352044][T24140] batadv_slave_0: left promiscuous mode
[  274.556180][ T5289] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  274.575848][ T5289] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  274.613724][ T5289] .` (unregistering): (slave dummy0): Releasing backup interface
[  274.633901][ T5289] .` (unregistering): Released all slaves
[  274.679652][ T5289] hsr_slave_0: left promiscuous mode
[  274.680340][T24132] loop2: detected capacity change from 0 to 32768
[  274.691570][ T5289] hsr_slave_1: left promiscuous mode
[  274.700802][ T5289] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  274.708261][ T5289] batman_adv: batadv0: Removing interface: batadv_slave_0
[  274.733028][ T5289] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  274.740586][ T5289] batman_adv: batadv0: Removing interface: batadv_slave_1
[  274.763573][T24132]  loop2: p1 p3 < >
[  274.817780][T24173] loop7: detected capacity change from 0 to 512
[  274.846770][T24173] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  274.865481][ T5289] team0 (unregistering): Port device team_slave_1 removed
[  274.874115][T24173] EXT4-fs (loop7): 1 truncate cleaned up
[  274.883450][ T5289] team0 (unregistering): Port device team_slave_0 removed
[  274.891032][T24173] EXT4-fs mount: 72 callbacks suppressed
[  274.891048][T24173] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.951317][T24174] pim6reg: entered allmulticast mode
[  274.970209][T24178] pim6reg: left allmulticast mode
[  274.970203][ T3384] lo speed is unknown, defaulting to 1000
[  274.981013][ T3384] infiniband syz2: ib_query_port failed (-19)
[  275.052117][T24186] netlink: 48 bytes leftover after parsing attributes in process `syz.2.8799'.
[  275.126289][T24138] chnl_net:caif_netlink_parms(): no params data found
[  275.163843][T24138] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.171037][T24138] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.179705][T24138] bridge_slave_0: entered allmulticast mode
[  275.186589][T24138] bridge_slave_0: entered promiscuous mode
[  275.193519][T24138] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.200657][T24138] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.207880][T24138] bridge_slave_1: entered allmulticast mode
[  275.214365][T24138] bridge_slave_1: entered promiscuous mode
[  275.231917][T24138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.242329][ T5289] IPVS: stop unused estimator thread 0...
[  275.249465][T24138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.272554][T24138] team0: Port device team_slave_0 added
[  275.279598][T24138] team0: Port device team_slave_1 added
[  275.298602][T24138] batman_adv: batadv0: Adding interface: batadv_slave_0
[  275.305611][T24138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.331579][T24138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  275.342910][T24138] batman_adv: batadv0: Adding interface: batadv_slave_1
[  275.349916][T24138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.375909][T24138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  275.416576][T24138] hsr_slave_0: entered promiscuous mode
[  275.422814][T24138] hsr_slave_1: entered promiscuous mode
[  275.430047][T24138] debugfs: 'hsr0' already exists in 'hsr'
[  275.435835][T24138] Cannot create hsr debugfs directory
[  275.699806][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.754417][T24138] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  275.786516][T24138] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  275.795544][   T29] kauditd_printk_skb: 171 callbacks suppressed
[  275.795557][   T29] audit: type=1400 audit(2000000629.583:10099): avc:  denied  { read } for  pid=24203 comm="syz.6.8795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  275.823055][T24138] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  275.843245][T24138] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  275.860322][T24138] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.867435][T24138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  275.874686][T24138] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.881775][T24138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  275.912415][T24138] 8021q: adding VLAN 0 to HW filter on device bond0
[  275.920070][T24222] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8802'.
[  275.923708][T24138] 8021q: adding VLAN 0 to HW filter on device team0
[  275.939772][ T5280] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.953652][ T5280] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.960812][ T5280] bridge0: port 2(bridge_slave_1) entered forwarding state
[  275.988469][T24226] random: crng reseeded on system resumption
[  275.997212][   T29] audit: type=1400 audit(2000000629.773:10100): avc:  denied  { write } for  pid=24224 comm="syz.0.8804" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  276.008301][T24138] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  276.020569][   T29] audit: type=1400 audit(2000000629.773:10101): avc:  denied  { open } for  pid=24224 comm="syz.0.8804" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  276.054688][   T29] audit: type=1400 audit(2000000629.783:10102): avc:  denied  { firmware_load } for  pid=5325 comm="kworker/u8:64" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  276.078232][T24138] 8021q: adding VLAN 0 to HW filter on device batadv0
[  276.080042][   T29] audit: type=1400 audit(2000000629.783:10103): avc:  denied  { execute } for  pid=24223 comm="syz.7.8803" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=85970 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  276.143667][T24240] loop2: detected capacity change from 0 to 512
[  276.161057][T24240] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  276.181202][T24240] EXT4-fs (loop2): 1 truncate cleaned up
[  276.191308][T24240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.207646][   T29] audit: type=1400 audit(2000000629.993:10104): avc:  denied  { mount } for  pid=24237 comm="syz.2.8806" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  276.229689][   T29] audit: type=1400 audit(2000000629.993:10105): avc:  denied  { write } for  pid=24238 comm="syz.7.8807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  276.255457][T24138] veth0_vlan: entered promiscuous mode
[  276.271470][T24138] veth1_vlan: entered promiscuous mode
[  276.294231][T24138] veth0_macvtap: entered promiscuous mode
[  276.342200][T24138] veth1_macvtap: entered promiscuous mode
[  276.360288][T24138] batman_adv: batadv0: Interface activated: batadv_slave_0
[  276.368335][   T29] audit: type=1400 audit(2000000629.993:10106): avc:  denied  { read write } for  pid=24237 comm="syz.2.8806" name="loop2" dev="devtmpfs" ino=571 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  276.391673][   T29] audit: type=1400 audit(2000000629.993:10107): avc:  denied  { open } for  pid=24237 comm="syz.2.8806" path="/dev/loop2" dev="devtmpfs" ino=571 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  276.396966][T24138] batman_adv: batadv0: Interface activated: batadv_slave_1
[  276.415242][   T29] audit: type=1400 audit(2000000630.003:10108): avc:  denied  { add_name } for  pid=24237 comm="syz.2.8806" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  276.445635][ T5308] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  276.468466][ T5308] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  276.498097][T24260] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8814'.
[  276.509189][ T5289] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  276.531696][ T5289] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  276.798319][T24269] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.818158][T24269] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.868543][T24294] SELinux:  policydb version -25284851 does not match my version range 15-35
[  276.885281][T24294] SELinux: failed to load policy
[  277.055504][T24312] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=24312 comm=syz.0.8837
[  277.068209][T24312] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=24312 comm=syz.0.8837
[  277.087689][T19354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.140137][T24318] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8840'.
[  277.167893][T24318] IPVS: Unknown mcast interface: ipvlan1
[  277.178152][T24322] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8843'.
[  277.178880][T24324] loop6: detected capacity change from 0 to 1024
[  277.197579][T24322] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8843'.
[  277.213066][T24324] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.228409][T24324] ext4 filesystem being mounted at /272/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  277.242800][T24335] loop2: detected capacity change from 0 to 512
[  277.252809][T24335] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  277.268531][T21016] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.282572][T24335] EXT4-fs (loop2): 1 truncate cleaned up
[  277.295745][T24335] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  277.382575][T24347] openvswitch: netlink: Message has 6 unknown bytes.
[  277.398357][T19354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.422907][T24351] smc: net device bond0 applied user defined pnetid SYZ0
[  277.441114][T24353] loop6: detected capacity change from 0 to 1024
[  277.448745][T24351] smc: net device bond0 erased user defined pnetid SYZ0
[  277.456924][T24353] EXT4-fs: Ignoring removed bh option
[  277.462333][T24353] EXT4-fs: Ignoring removed mblk_io_submit option
[  277.480481][T24353] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  277.508796][T24353] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.577332][T21016] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.610400][T24380] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8867'.
[  277.646472][T24380] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8867'.
[  277.659152][T24388] netlink: 'syz.7.8872': attribute type 16 has an invalid length.
[  277.667099][T24388] netlink: 156 bytes leftover after parsing attributes in process `syz.7.8872'.
[  277.715022][T24395] pim6reg: entered allmulticast mode
[  277.739730][T24395] pim6reg: left allmulticast mode
[  277.755626][T24404] loop7: detected capacity change from 0 to 1024
[  277.772388][T24404] EXT4-fs: Ignoring removed nomblk_io_submit option
[  277.806933][T24404] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.853274][T19146] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.994804][T24451] loop2: detected capacity change from 0 to 128
[  278.007403][T24451] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  278.073074][T24451] bio_check_eod: 214 callbacks suppressed
[  278.073088][T24451] syz.2.8901: attempt to access beyond end of device
[  278.073088][T24451] loop2: rw=0, sector=97, nr_sectors = 944 limit=128
[  278.105079][ T5310] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  278.155010][T24466] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  278.222563][T24474] random: crng reseeded on system resumption
[  278.420754][T24512] netlink: 'syz.6.8931': attribute type 21 has an invalid length.
[  278.487826][T24523] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  278.565804][T24537] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=24537 comm=syz.6.8942
[  278.578387][T24537] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=24537 comm=syz.6.8942
[  278.675879][T24554] loop2: detected capacity change from 0 to 2048
[  278.701178][T24551] SELinux: failed to load policy
[  278.701301][T24554]  loop2: p1 < > p4
[  278.723898][T24554] loop2: p4 size 8388608 extends beyond EOD, truncated
[  278.860776][T24582] loop7: detected capacity change from 0 to 8192
[  279.060882][T24619] loop2: detected capacity change from 0 to 1024
[  279.069287][T24619] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  279.080302][T24619] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  279.103199][T24619] JBD2: no valid journal superblock found
[  279.109012][T24619] EXT4-fs (loop2): Could not load journal inode
[  279.127173][T24619] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  279.154672][T24623] ==================================================================
[  279.162870][T24623] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read
[  279.171463][T24623] 
[  279.173783][T24623] write to 0xffff8881206c1828 of 8 bytes by task 24628 on cpu 1:
[  279.181484][T24623]  shmem_file_splice_read+0x470/0x600
[  279.186879][T24623]  splice_direct_to_actor+0x26c/0x680
[  279.192251][T24623]  do_splice_direct+0xda/0x150
[  279.197012][T24623]  do_sendfile+0x380/0x650
[  279.201429][T24623]  __x64_sys_sendfile64+0x105/0x150
[  279.206626][T24623]  x64_sys_call+0x2bb0/0x2ff0
[  279.211305][T24623]  do_syscall_64+0xd2/0x200
[  279.215822][T24623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.221718][T24623] 
[  279.224037][T24623] write to 0xffff8881206c1828 of 8 bytes by task 24623 on cpu 0:
[  279.231746][T24623]  shmem_file_splice_read+0x470/0x600
[  279.237139][T24623]  splice_direct_to_actor+0x26c/0x680
[  279.242512][T24623]  do_splice_direct+0xda/0x150
[  279.247270][T24623]  do_sendfile+0x380/0x650
[  279.251683][T24623]  __x64_sys_sendfile64+0x105/0x150
[  279.256886][T24623]  x64_sys_call+0x2bb0/0x2ff0
[  279.261559][T24623]  do_syscall_64+0xd2/0x200
[  279.266070][T24623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.271946][T24623] 
[  279.274267][T24623] value changed: 0x0000000000032bae -> 0x0000000000032c53
[  279.281354][T24623] 
[  279.283660][T24623] Reported by Kernel Concurrency Sanitizer on:
[  279.289809][T24623] CPU: 0 UID: 0 PID: 24623 Comm: syz.0.8983 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  279.301179][T24623] Tainted: [W]=WARN
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  279.304967][T24623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  279.315019][T24623] ==================================================================
[  279.719233][ T5310] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.777751][ T5310] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.855748][ T5310] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.898022][ T5310] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.996604][ T5310] smc: removing net device bond0 with user defined pnetid SYZ2
[  280.004730][ T5310] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  280.014102][ T5310] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  280.023619][ T5310] .` (unregistering): (slave dummy0): Releasing backup interface
[  280.032564][ T5310] .` (unregistering): Released all slaves
[  280.080586][ T5310] hsr_slave_0: left promiscuous mode
[  280.086961][ T5310] hsr_slave_1: left promiscuous mode
[  280.092545][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.099934][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.107402][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.114895][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.123656][ T5310] veth1_macvtap: left promiscuous mode
[  280.129283][ T5310] veth0_macvtap: left promiscuous mode
[  280.167712][ T5310] team0 (unregistering): Port device team_slave_1 removed
[  280.176977][ T5310] team0 (unregistering): Port device team_slave_0 removed
[  280.498953][ T5310] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.547738][ T5310] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.607231][ T5310] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.657375][ T5310] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.717700][ T5310] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.777448][ T5310] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.827571][ T5310] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.897232][ T5310] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.948317][ T5310] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.987676][ T5310] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.048001][ T5310] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.107469][ T5310] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.168404][ T5310] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.217706][ T5310] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.277396][ T5310] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.327843][ T5310] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.387593][ T5310] bridge_slave_1: left allmulticast mode
[  281.393252][ T5310] bridge_slave_1: left promiscuous mode
[  281.399246][ T5310] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.406908][ T5310] bridge_slave_0: left allmulticast mode
[  281.412570][ T5310] bridge_slave_0: left promiscuous mode
[  281.418266][ T5310] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.426488][ T5310] bridge_slave_1: left allmulticast mode
[  281.432140][ T5310] bridge_slave_1: left promiscuous mode
[  281.437815][ T5310] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.445674][ T5310] bridge_slave_0: left allmulticast mode
[  281.451317][ T5310] bridge_slave_0: left promiscuous mode
[  281.456992][ T5310] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.577614][ T5310] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.587333][ T5310] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.596958][ T5310] bond0 (unregistering): Released all slaves
[  281.619466][ T5310] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.628688][ T5310] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.637868][ T5310] .` (unregistering): (slave dummy0): Releasing backup interface
[  281.646417][ T5310] .` (unregistering): Released all slaves
[  281.654196][ T5310] bond0 (unregistering): Released all slaves
[  281.718084][ T5310] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.727723][ T5310] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.736913][ T5310] bond0 (unregistering): Released all slaves
[  281.759720][ T5310] smc: removing net device bond0 with user defined pnetid SYZ2
[  281.767892][ T5310] $H� (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.776718][ T5310] bond_slave_0: left promiscuous mode
[  281.783215][ T5310] $H� (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.792068][ T5310] bond_slave_1: left promiscuous mode
[  281.798672][ T5310] $H� (unregistering): (slave dummy0): Releasing backup interface
[  281.806971][ T5310] dummy0: left promiscuous mode
[  281.812460][ T5310] $H� (unregistering): Released all slaves
[  281.820567][ T5310] bond0 (unregistering): Released all slaves
[  281.893575][ T5310] hsr_slave_0: left promiscuous mode
[  281.899230][ T5310] hsr_slave_1: left promiscuous mode
[  281.904850][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.912294][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_0
[  281.919699][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.927137][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_1
[  281.935137][ T5310] hsr_slave_0: left promiscuous mode
[  281.941102][ T5310] hsr_slave_1: left promiscuous mode
[  281.946715][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.954130][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_0
[  281.961864][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.969306][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_1
[  281.978014][ T5310] hsr_slave_0: left promiscuous mode
[  281.983761][ T5310] hsr_slave_1: left promiscuous mode
[  281.989510][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.996945][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_0
[  282.004432][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  282.011820][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_1
[  282.019790][ T5310] hsr_slave_0: left promiscuous mode
[  282.026148][ T5310] hsr_slave_1: left promiscuous mode
[  282.031784][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  282.039221][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_0
[  282.046779][ T5310] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  282.054156][ T5310] batman_adv: batadv0: Removing interface: batadv_slave_1
[  282.068274][ T5310] veth1_macvtap: left promiscuous mode
[  282.073752][ T5310] veth0_macvtap: left promiscuous mode
[  282.079763][ T5310] veth1_macvtap: left promiscuous mode
[  282.085288][ T5310] veth0_macvtap: left promiscuous mode
[  282.091213][ T5310] veth1_macvtap: left promiscuous mode
[  282.096851][ T5310] veth0_macvtap: left promiscuous mode
[  282.102361][ T5310] veth1_vlan: left promiscuous mode
[  282.107664][ T5310] veth0_vlan: left promiscuous mode
[  282.113313][ T5310] veth1_macvtap: left promiscuous mode
[  282.118956][ T5310] veth0_macvtap: left promiscuous mode
[  282.228585][ T5310] team0 (unregistering): Port device team_slave_1 removed
[  282.238253][ T5310] team0 (unregistering): Port device team_slave_0 removed
[  282.277268][ T5310] team0 (unregistering): Port device team_slave_1 removed
[  282.287553][ T5310] team0 (unregistering): Port device team_slave_0 removed
[  282.330238][ T5310] team0 (unregistering): Port device team_slave_1 removed
[  282.339889][ T5310] team0 (unregistering): Port device team_slave_0 removed
[  282.378552][ T5310] team0 (unregistering): Port device team_slave_1 removed
[  282.388565][ T5310] team0 (unregistering): Port device team_slave_0 removed
[  282.415513][T15097] infiniband syz1: ib_query_port failed (-19)
[  283.278859][ T5310] IPVS: stop unused estimator thread 0...
[  283.284987][ T5310] IPVS: stop unused estimator thread 0...