last executing test programs:

9m53.840448357s ago: executing program 32 (id=848):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

8m54.781930585s ago: executing program 33 (id=2831):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r3, @ANYBLOB="0524060000000001300012800b00010062726964676500002000"], 0x6c}}, 0x0)

8m38.437240363s ago: executing program 34 (id=3980):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00')

8m38.394522134s ago: executing program 35 (id=3981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
setitimer(0x2, 0x0, 0x0)

8m38.298143586s ago: executing program 36 (id=3984):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18)
sendmmsg$inet(r0, &(0x7f0000003b80)=[{{0x0, 0x0, &(0x7f0000002940)=[{&(0x7f0000002640)="ef0ba606342672dabc", 0x9}], 0x1}}], 0x1, 0x20000010)
recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)=""/189, 0xbd}, {&(0x7f00000002c0)=""/182, 0xb6}], 0x2}}], 0x1, 0x0, 0x0)

8m38.293421706s ago: executing program 37 (id=3985):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f00000010c0)={0x0, 0xc941, 0x0, 0x3, 0xbfdffffc}, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f00000000c0)=@in={0x2, 0x4e24, @remote}, 0x0, 0x0, 0x2})
io_uring_enter(r1, 0x47f6, 0x0, 0x4, 0x0, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f00000000c0), 0x10)

7m29.234464719s ago: executing program 38 (id=6132):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x1010040, &(0x7f00000003c0)={[{@noquota}, {@debug}, {@jqfmt_vfsv0}, {@noauto_da_alloc}, {@minixdf}]}, 0x3, 0x4eb, &(0x7f0000001fc0)="$eJzs3d9rW20dAPDvSX9u62ynXsyBc+ikG7ikXd1WvJgVRK8Gznlfa5uW0rQpbbqtZUiHf4Ag/kKvvPJG8FoE2Z8gwkDvRUQZus0LL973zUuSk3ddlrYpa5q2+Xzg6XnOj57v90k4T/LkHM4JoGtdiYipiOiJiOsRMZwuz6Qltmulst2rl09mKyWJcvnBf5JI0mX1fSXp9Fz6b4MR8d1vR/wgeTfu+ubW0kyhkF9L53Ol5dXc+ubWjcXlmYX8Qn5lamL89uSdyVuTY4fW1rvf/OfPf/zbb93901ce/X3639d+WElrKF23sx2t2G5xu1rT+6qvRV1vRKwdJNgx1pO2p6/TiQAA0JLKd/xPR8QXI+L1rzqdDQAAANAO5a8PxQdJRBkAAAA4tTLVa2CTTDa9FmAoMplstnYN72fjbKbQHxHzxY2Vudq1siPRl5lfLOTH0muFR6IvqcyPV+tv5m82zE9ExIWI+Onwmep8drZYmOv0jx8AAADQJc41jP//N1wb/wMAAACnzMgBtm1yLy8AAADgBDjI+B8AAAA4mXYd/ye9R5sIAAAA0A7fuXevUsr151/PPdzcWCo+vDGXX1/KLm/MZmeLa6vZhWJxoXrPvuX99lcoFle/Gisbj3Ol/Hopt765Nb1c3FgpTVef6z2d95xoAAAAOHoXvvDsb0lEbH/tTLVU9KfrWhirT7U3O6CdMgfb3N0/4BTp6XQCQMc0XODb36k8gKPnfDywz8D+Zw3zB/zZAAAAOA5GP/de5/+dD4QTzEAeupfz/9C93OALupfz/9DlBvbfZHC3FX8+5FwAAIC2GaqWJJNNzwUORSaTzUacrz4WoC+ZXyzkxyLiUxHx1+G+gcr8eKeTBgAAAAAAAAAAAAAAAAAAAAAAAIATplxOogwAAACcahGZfyXpg/xHh68ONf4+0J/8f7g6jYhHv37wi8czpdLaeGX5fz9ZXvpluvxmfQkAAADQSfVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH6dXLJ7P1cpRxX3wjIkaaxe+Nwep08A/DEXH2dRK9O/4viYieQ4i//TQiLr4dvyeNMFJNrZZFY/xMRJxpU/xoMf65Q4gP3exZpf+Zqhx/fQ3HXyauVKfNj7/etLyvF1d26/8y9f6v2s816//O773rwXrl0vPf53aN/zTiUm/z/qceP3nP/vf739va2m1d+TcRo/t8/lRi5UrLq7n1za0bi8szC/mF/MrExPjtyTuTtybHcvOLhXz6t2mMn3z+jx/t1f6zTePX+t+92n/13d0NNIvx4fPHLz+zR/xrX2r+/l/cI37ltf9y+jlQWT9ar2/X6jtd/t1fLu/V/rld2r/f+39tt502uH7/R/9ocVMA4Aisb24tzRQK+bWTUYmofSs/Lvl0tnI+jkUaKq1VhtJjbseqnrYHvf9u0NYqneuTAACA9njzpb/TmQAAAAAAAAAAAAAAAAAAAED3avudzwbevrPAYOeaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwp48DAAD//85EyV0=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r2, r2, 0x0, 0x800000009)

6m28.314821825s ago: executing program 39 (id=8757):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xe5)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
write$qrtrtun(r0, &(0x7f0000001880)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e84b928ecb96e0e4e781bfca4c928c956321dd51400000000000020011584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26cfbb2eb91e40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a63d070000930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299dea6c08073dd0c47b9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8303985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725436101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35cfe7d498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c17d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f91", 0x45c)
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r3, 0x0, 0x0}, 0x10)

6m17.982792216s ago: executing program 40 (id=9026):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet(r2, &(0x7f0000000940)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)='\x00', 0x1}], 0x1}}], 0x1, 0x2400c042)

6m3.184347314s ago: executing program 41 (id=9490):
socket(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

5m55.67420157s ago: executing program 42 (id=9761):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x104, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000100000000000a20000000000a01010000000000000000010000000900010073797a300000000068000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a3200000000080005400000001f0c000980080001400037"], 0xb0}}, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)

5m46.638465286s ago: executing program 43 (id=10134):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='br_fdb_add\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

4m54.194356476s ago: executing program 44 (id=12120):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r2}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r2})

4m22.775300287s ago: executing program 45 (id=13405):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x71, 0x5, 0xc, 0x8, 0x0, 0x1f, 0x4204, 0x8, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x1}, 0xb07, 0x3, 0x8, 0x1, 0x7f, 0x8802, 0x5, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0xae12e400, 0x0, 0x0, 0x0, 0x0, 0x0)

3m45.218930358s ago: executing program 46 (id=14983):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1ec}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f00000000c0)={0x1, &(0x7f0000000300)=[{0x6, 0x60}]})

59.144339759s ago: executing program 0 (id=20411):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141b42, 0x4)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r3, 0x0, 0x1000, 0x0)
splice(r1, 0x0, r5, 0x0, 0x80, 0x0)
write$binfmt_aout(r2, &(0x7f00000004c0)=ANY=[], 0x120)

58.957655193s ago: executing program 0 (id=20416):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000001b00)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
shutdown(r0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
faccessat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x5)

58.121193329s ago: executing program 4 (id=20439):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=@newlink={0x48, 0x10, 0x401, 0x0, 0x4, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, r4, 0x0, 0x343}}}}}}]}, 0x48}}, 0x0)

58.09265117s ago: executing program 0 (id=20440):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@journal_dev={'journal_dev', 0x3d, 0x2d353}}, {@nobh}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymsxKP7lU45f6myawfHTiLh6AvFhnN1p9z9vDfr+pfFS53Xw928yT09qeP+X5pGf7/Rzg/qfZw+srT4wxgv3flYZGv9WxAuTg/ufXv+bDIn/8oG1/SvLsoMxvvH13d1h8bMfR8wM/P1JHotVadU3K82d3etr9cXV6mp1Y35+7o2FNxdeX5itrKzVqvnfgTG+97GfPzys/VcGxP/tb7r972Htf2XYSvv8597N+x/qZguD4l97eeDv71QMiZ/mv32fzPPt+TO9/F43v9+LP7374mHtXx6y/Y/6/K8ds/2vfvW7vz/mogDAGWju7K4v1mrVrUMyU8dY5mnM/GLqXFTj/8xk3+l+cuelPu83095bfTSl16pzULF9mezMYk3EOWny/zIj7ZYAAIBT8Ginf9Q1AQAAAAAAAAAAAAAAAAAAgPF1FrcT64+5N5qmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc6r8BAAD//0wa4Aw=")
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={r2, 0x4a, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000000)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x8, 0x0, 0x0}}, 0x10)

58.07619576s ago: executing program 0 (id=20441):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioperm(0x9, 0x9, 0x7)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)

58.006129861s ago: executing program 4 (id=20443):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
close(0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
mkdir(&(0x7f0000000000)='./file0\x00', 0xbe9bac6d2d0f4e0b)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002280)=@generic={&(0x7f0000002240)='./file0\x00', r2}, 0x18)

58.005674041s ago: executing program 4 (id=20446):
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x5, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x6}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0x4f, 0x200cc, 0x6, 0x5}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240), 0x4af, r3}, 0x38)

57.908160923s ago: executing program 4 (id=20449):
socket$kcm(0xa, 0x2, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000600)={<r1=>0x0})
r2 = socket$tipc(0x1e, 0x5, 0x0)
listen(r2, 0x0)
accept4(r2, 0x0, 0x0, 0x400000000000000)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000240)={r1, 0x1, r0, 0x6})

57.449057492s ago: executing program 47 (id=20470):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000380), 0x84, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
recvmsg$kcm(r2, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)

57.05620603s ago: executing program 0 (id=20472):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
recvmsg$kcm(r2, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x40010000)

57.05578931s ago: executing program 4 (id=20473):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffff8, 0xaeb, 0xe57, 0x1, 0x7, "3ce6920887000000000000000d00", 0x4, 0x1ff})
r1 = syz_io_uring_setup(0x88e, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x2, 0x1b9}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x8)

56.612650388s ago: executing program 0 (id=20474):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003d00)=[{{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000b40)="8b5a", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)}}, {{0x0, 0x0, &(0x7f0000000dc0)}}], 0x3, 0x48800)

56.604465778s ago: executing program 48 (id=20474):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003d00)=[{{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000b40)="8b5a", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)}}, {{0x0, 0x0, &(0x7f0000000dc0)}}], 0x3, 0x48800)

56.562385759s ago: executing program 4 (id=20476):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)

56.52264218s ago: executing program 49 (id=20476):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)

46.075901913s ago: executing program 1 (id=20764):
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r1=>0x0})
r2 = socket(0x200000000000011, 0x2, 0x0)
bind$packet(r2, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @random="933c547ecfa7"}, 0x14)
r3 = socket(0x200000000000011, 0x2, 0xd)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004500002400000002"], 0x0)

46.041518974s ago: executing program 1 (id=20766):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="940000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c0002800500010000000000080007"], 0x94}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000e00)=ANY=[@ANYBLOB="14000000020105"], 0x14}, 0x1, 0x0, 0x0, 0x24040091}, 0x40040)

45.904035557s ago: executing program 1 (id=20769):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x16)
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000600)=0x14)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000240)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000f00030001332564aaee7b1d58b9a64411f6bbf44d", 0x39}], 0x1)
close(r2)

45.783466469s ago: executing program 1 (id=20775):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_continue}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00')
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4000001, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "035f47c6780820d1cbf7966da2dc499b060000002ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00002f00", "f28359738e229a4c66810000000000d300e6d602000004000000000000000001", [0x81, 0x1]})
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
pwritev2(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0x1}], 0x1, 0x800001, 0x0, 0x0)

45.476884435s ago: executing program 1 (id=20781):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

45.24972447s ago: executing program 1 (id=20793):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xa, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="4800000010000104000500"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=r4], 0x48}}, 0x0)

45.23189638s ago: executing program 50 (id=20793):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xa, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="4800000010000104000500"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=r4], 0x48}}, 0x0)

39.267021586s ago: executing program 5 (id=20979):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x4f}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0xf, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x2, 0x0, &(0x7f0000000100)="e0b9", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0xfffffffe, @local, 0x4}, 0x1c)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

39.242844486s ago: executing program 5 (id=20981):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/56, 0x38}, 0x1fff}], 0x1, 0x1832b, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f0000000180)=0x8, 0x4)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
sendto$inet6(r1, &(0x7f0000001440)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9abaeed9ace110469c51f4f211dd9fad815eb5b273ac04e1edc679bcdf0a0d24482de5454be9003cb80714a95e136bb704ee58e707d1e69b3c3a1c2c37f9c0402e14abdeb32086a49aff25e5c0f0131d59b4783316b9fa2c71c51ce76942d5f519145c9e3bf0d4182b4a62970b2ce81d35a7afc8384b387b8e21f2051d90d92323a710cabe5275d335b64453e759251a140de480541d8dd7662a14296a59eba99b95bfdf5b22992c323865b471d13ad79867e2692fd4eece299a81e2b33336b6801f51c2ae8d73e4df90c9bd70cd535b72cbdf67754acdc44b3780450308d9c5527c3314eb7b2cc96403a30a8ba0c8a357aa04d3c62bc51bcf55cf214f44a909b29c30c18c3a43c86472612086664a80f2aa8490e58352732acb96eb46deab42895d1957a6029ad86e7a5ced6bde89c158aaee721954beeebe5973059007f7dd5459029af6d3f1d73d35f07d19b7cedfc80d1d7ef37f8b113f564afd0f093202929fef43e788619ca522c7f679dd2f27949d879b4dab46581a0e054b4ed1db37e43f528748b56ec5a54b7af198d4ae551046f7814fe3a5cbc1cc7cb6655fc198939b049f3c02443148c588e34d6ebef81096b4e48f468016d2bde0828664c0874d71e2d88b3bc04079d4a504255a83c3f07a4f1c3e5a4c66f55f36e51e344392487c8299d8d1bfb568780c0d57df48990cb5d6b35c3f7445f80312186d8598faf61072d4eefc961fb5a7e72b971c8f94a8346effd27362cee8d72a98b55e317de280d2d63ee83ca7140b7913122d402c536d914c8510c81d08f0ad1c952f5b7ad5e7ef72d7c58cb4d5bafbea535b381df6ebe94c62cf782cf7ab81c017c296a88ca91d641b45748d230cf5e87e5dbee4764ea4d131ae022e6bbf3ffc3ea7b264736d9db44354bfffa63d79bc403d3ac23fb615edc382d18b0daf1bbb2fbd708d1830ddac1c3f098b8cb1ef9a0019d804bf5c553110f12f3b9a8b9b7e0c61cb5d34116add1fc9a92721ffa5fdc83e1488cf88aa6e56ad2dd55e0aadd827cc7b4e7242f01241f49e905e5e7451092c28c3f6560a6a0002e5d91fc253a5a8fd8f27e42f4f02f5849528b7d93df9b0c568022acaff410e797e88d2f8eeadbba62e423335b843df734d203fa62a861b712da8f33d5ea721767871aa2cd53e659e505507de9a54d7e6fa3c20bbfb28cd6dd2b314dabbb59e9ce15c0a94ec3b3efc54eaaa27bd7576a687dcaf58dc182662539943014a02e76dc89f48c9f83cc7199038418f965ad3dc866098b89cabcac8691b0f51ffb71902337e49293309c4480a8f1b32411cc1b55a0ec0fe2c2572fe9d488a25bfc12ba74048e1d7beee93321c7aa49ea17cb9728dc46e5272154b3b995feacbacb8885621b335274af4df9365f8c8121ff323b572d320c8fc46acd6218b9579d43005e7b0506ccb14d9a0dac4cc6efaf5366c44342eaea8b5a11457f5afbea4c64dec53db7713485bc46e714ca5741da38a7cceb9e85d77fd03f83f7a5ecc7241e69e2bda327f769b48ba5f13662585c72778d12bd0e9a62a3d0dbe376d1aee81e6845c2cf23f42c458ae5668c8d387bf9ab224bc9703f1c08347be810d2f19278fe8d97560b3c9f1816667d0461a25e778eb1404dcaac1ed0a6a0745f3a5d2dc1b6babf98f5135d531cb26334ef2fec4c78c95b7193935139664fc65f17b047eb3dc39e251ba52ce33f8099719f1a789db1690347355e7b02d4c522692b8e97fd31abb90f973ae4eb0bd0d900cdd887ff01d4845d7f0aee39b220a65a5aeee0fd386054070723c841c042d5339cc6325f07f0f733d124c6524f388ef7419f42c06278b8fceaa3a16b202dfb539b129762397e29cdd679ca6240272fa0c3e2e8c0a27aaa407f30b4024d0638dfca1bc9483db3ccc2880f000000d824c3106871274a1c37ff06bcb145fb9868158e1a35fe4caac682c9fe759b489323da422ddc2e16f9073809dd", 0x5ad, 0x6d91fb6102d8910c, 0x0, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

39.162460328s ago: executing program 5 (id=20989):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='b *:* m'], 0x47)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = openat$cgroup_devices(r2, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000180)={0x1})
splice(r0, 0x0, r3, 0x0, 0x47, 0x0)

39.122803869s ago: executing program 5 (id=20992):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
open$dir(&(0x7f0000000080)='./file0/file0\x00', 0x200000, 0x27)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

39.102838279s ago: executing program 5 (id=20994):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000500)='rxrpc_local\x00', r2}, 0x18)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f00000005c0)=@in4={0x21, 0x8, 0x2, 0x10, {0x2, 0x1, @empty}}, 0x24)
close_range(r1, 0xffffffffffffffff, 0x0)

38.974415362s ago: executing program 5 (id=21001):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000680)={'batadv0\x00', <r3=>0x0})
getsockopt$packet_buf(r0, 0x107, 0x16, 0x0, 0x0)
sendto$packet(r0, &(0x7f00000000c0)="ea3d8100", 0x4, 0xb01, &(0x7f0000000080)={0x11, 0x8100, r3, 0x1, 0x2}, 0x14)

38.937546242s ago: executing program 51 (id=21001):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000680)={'batadv0\x00', <r3=>0x0})
getsockopt$packet_buf(r0, 0x107, 0x16, 0x0, 0x0)
sendto$packet(r0, &(0x7f00000000c0)="ea3d8100", 0x4, 0xb01, &(0x7f0000000080)={0x11, 0x8100, r3, 0x1, 0x2}, 0x14)

14.89127556s ago: executing program 7 (id=21868):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

14.805818902s ago: executing program 7 (id=21870):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010100008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

14.733339784s ago: executing program 7 (id=21871):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)

14.693320804s ago: executing program 7 (id=21872):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

14.617484795s ago: executing program 7 (id=21874):
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRES8, @ANYRESHEX], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

14.272534372s ago: executing program 7 (id=21884):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe89}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x105480, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

14.272435712s ago: executing program 52 (id=21884):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe89}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x105480, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

1.949145092s ago: executing program 8 (id=22279):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macvlan1\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
r3 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
bind$packet(r3, &(0x7f0000000280)={0x11, 0x0, r5, 0x1, 0xf, 0x6, @multicast}, 0x14)
preadv(r2, &(0x7f0000000180)=[{&(0x7f0000000600)=""/222, 0xde}], 0x1, 0x1a, 0x0)

1.890384743s ago: executing program 8 (id=22282):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000240)=[{r1}, {r1, 0x8153}], 0x2, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f0000003c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12122, 0x0)

1.162465917s ago: executing program 9 (id=22311):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000140), 0x802)
preadv2(r0, 0x0, 0x0, 0x80, 0x8000, 0x0)
r1 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

1.148131898s ago: executing program 9 (id=22314):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x17, 0x40, 0x6, 0x0, 0x0, 0x10609, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x4}, 0x108bcf, 0x7ff, 0xffff, 0x8, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x100000b, 0x12011, r0, 0x0)
r1 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x8, 0x0, 0xfffffdfc}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

1.0185589s ago: executing program 8 (id=22317):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x14)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000cd03000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

752.149075ms ago: executing program 6 (id=22325):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4a20, 0x0, @mcast2, 0x81}, {0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xda}, r3, 0x8}}, 0x48)

678.599097ms ago: executing program 2 (id=22327):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r2)

678.421687ms ago: executing program 6 (id=22328):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x204000, 0x1000}, 0x20)

678.336607ms ago: executing program 2 (id=22329):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000540)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000feffdfff0000000000110000850000008b000000950000000000d700d37b3011b0a5f000faf208588642c1e443a45d7dc2e6f067cc362250aeb8a44501b2f8b37caef031ec2b9f545839051ad4299e81631dd090fb1decc31c2ad6f2309ced747b104d03f79fa0c725c52316215a4b5c4c02ccd11dbdc5e9dfbb403cb66661043a929c4ff480edd48234e51586d8ebfdf5bfbc1715"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x3, 0x0, 0x11, 0x1, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e17bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978072a8b070006584a128d7469166ffbffffff19e7df4af14e1df82d", [0x1, 0x7]})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x5452, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)

675.390107ms ago: executing program 6 (id=22330):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x23)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
unshare(0x2040400)
r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r2, 0x0, 0x0)

661.315727ms ago: executing program 2 (id=22331):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvmsg$unix(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x22fe0}], 0x1}, 0x0)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)

642.514767ms ago: executing program 6 (id=22332):
unshare(0x40060480)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x80a, &(0x7f0000000340)={[{@grpquota}, {@lazytime}, {@stripe={'stripe', 0x3d, 0x1200}}, {@quota}]}, 0x1, 0x7c0, &(0x7f0000000380)="$eJzs3d9rW9cdAPDvlX8lTrJ4MFiyl3gvWyBETjIv2WAwhz2MwQKB7XmJkRXjWbaCJYfY+GEhGwxKaRv60NK+9Lk/0re+lva5f0NfSikJaeuEuvShVbmyZMuWLf+IJSf15wNXOufqXJ3z1dE990o66AZwYA2mN5mIkxHxchJxvLY+iYieaqo7YmS53NLiQi5dkqhU/vFVUi3zZHEhFw3bpI7UMici4qP/RZzJNNdbmpufHC0U8jO1/FB56uZQaW7+7MTU6Hh+PD998fzw8IVLv790ce9i/eaT+aMPX/nrb98b+e7uL++/+HESI3G09lhjHHtlMAZrr0lP+hKu8Ze9rmyfJfvdAHYl3TW7lvfyOBnHo6uaAgB+ytLjfwUAOGASx38AOGDq3wM8WVzI1Zf9/Uaisx5djkiS5fiXFhdyd1fi7679Zneo+jto/5MkutPUD7/e0/oHI+LND/71TrpEm36HBNjIf+5ExPWBwebxP2mas7BT57ZRZnBd3vgHnfPh5Yj4w0bnf5mV859YOf9Z1bfBvrsbgxG9jfnm/T/zYMMN/7wHldfO//60PLctDbR6Dlirt15koKuWO5ZmTkXERCGfjm0/i4jT0dN3Y6KQP9+ijtOPv3+82WON539f3/v322n96f1qicyD7r6124yNlkefJuZGj+5E/Kp7dW7fUtP4f6g6t2t9/6frrrZ64lOryb/98f9vbFYsjT+Nt740x99elbcifhMbx1+XtJyfOJR2/7nl243reP+z1/o3q7+x/9Mlrb/+WaAT0v7vbx3/QNI4X7O0t/VvHf/G7//e5J/VdH3wuD1aLs+cj+hN/t68/sLqtvV8en8sGiNdH3+m5fs//Ux4fZsxdj/88t3dx7+iLVMs0/4f21H/7zxxf2mya/fxp/0/XE2drq3ZzvhXyPfGdhr4NK8dAAAAAAAAAAAAAAAAAAAAAAAAAGxXJiKORpLJrqQzmWx2+Rrev4j+TKFYKp+5UZydHovqtbIHoidT/6vL+n8s1v//dGD58STNX1iX/11E/DwiXu07XM1nc8XC2D7HDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1Rza5/n/qi74WGybdnWoiANAOh7Ys8Ti/JlupVCptbA8A0H5bH/+bvf5SGxoCAHRMi+P/4U62AwDonN18/gcAnm+O/wBw8Dj+AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GZXr1xJl8q3iwu5ND92a252snjr7Fi+NJmdms1lc8WZm9nxYnG8kM/milNbPV+hWLw5HNOzt4fK+VJ5qDQ3f22qODtdvjYxNTqev5bv6UhUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAzpbn5ydFCIT/TmcR/21vFCxGxdk2lwwG2LZHEM9GMfUl8fvbTE63K3NvibTzyTETxnCUaBok7+zhAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADzjfgwAAP//S+0lnQ==")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="080086dd0001110004000000a60c6eec00"], 0xfdef)

605.111038ms ago: executing program 8 (id=22334):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x79, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0, 0x81, 0x1080a422012f758f})
r0 = syz_io_uring_setup(0x17dc, &(0x7f0000000240)={0x0, 0x5bc4, 0x100, 0x80000ffc, 0x5cc}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$TIPC_CMD_GET_MAX_PORTS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x4, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

584.470989ms ago: executing program 8 (id=22335):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x401}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c783, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0xffffffff}, @TCA_FQ_RATE_ENABLE={0x8, 0x5, 0x1}]}}]}, 0x40}}, 0x4048000)

563.565649ms ago: executing program 2 (id=22337):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x19, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

515.50537ms ago: executing program 8 (id=22338):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000280)=[{{0x2, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x1, 0x0, 0x1}, {0x3, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x0)
poll(0x0, 0x0, 0x4e21)
listen(0xffffffffffffffff, 0xc6)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)

498.65844ms ago: executing program 2 (id=22339):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7}, 0x18)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000080)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)

430.611152ms ago: executing program 2 (id=22340):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r3)
close_range(r2, 0xffffffffffffffff, 0x0)

430.445302ms ago: executing program 3 (id=22341):
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000440)=""/183}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xa7f10723c5e5444d}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))

422.894592ms ago: executing program 9 (id=22342):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
getpeername$unix(0xffffffffffffffff, 0x0, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

388.649512ms ago: executing program 3 (id=22343):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x2, 0x0, {{@in6=@empty, @in6=@mcast2, 0x1, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000}, 0x400, 0x0, 0x0, 0x1}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003082f00fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

344.150243ms ago: executing program 6 (id=22344):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000006003051878536f1216d114000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0xfffffffc, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
open(&(0x7f0000000380)='./file0\x00', 0x82ff, 0x9a)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
fcntl$setlease(r2, 0x400, 0x300000000000000)

326.025273ms ago: executing program 6 (id=22345):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r0, &(0x7f0000000240), 0xfffffecc)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
write$nci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="42110141"], 0x4)

226.564565ms ago: executing program 3 (id=22346):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r3 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r2}, 0x8)
close(r3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)

225.632665ms ago: executing program 3 (id=22347):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef)

122.019198ms ago: executing program 9 (id=22348):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa0}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f0000000100)={0x0, 0x20, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="40000000210a010900000000000000000a0000010900020073797a31000000000900010073797a31"], 0x40}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

121.415908ms ago: executing program 3 (id=22358):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000540)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x2}}, 0x10, 0x0}, 0x10)
pwritev2(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1, 0xe7b, 0x9, 0x0)

77.972479ms ago: executing program 9 (id=22349):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
write$P9_RLERRORu(r2, &(0x7f0000000500)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

433.6µs ago: executing program 3 (id=22350):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x80)
fchdir(r1)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r2 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r2, 0x3518, 0xaddf, 0x2, 0x0, 0x0)

0s ago: executing program 9 (id=22351):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000800)=@newtfilter={0x68, 0x28, 0xd27, 0x1000004, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0xd, 0x9}, {0x4}, {0x3, 0xa}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_skbedit={0x30, 0x0, 0x0, 0x0, {{0xc}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x68}}, 0x4000)

kernel console output (not intermixed with test programs):

amed from eth3
[  589.900334][T24072] 8021q: adding VLAN 0 to HW filter on device bond0
[  589.916320][T24072] 8021q: adding VLAN 0 to HW filter on device team0
[  589.925632][T20168] bridge0: port 1(bridge_slave_0) entered blocking state
[  589.933226][T20168] bridge0: port 1(bridge_slave_0) entered forwarding state
[  589.944809][T20168] bridge0: port 2(bridge_slave_1) entered blocking state
[  589.952673][T20168] bridge0: port 2(bridge_slave_1) entered forwarding state
[  590.030768][T24072] 8021q: adding VLAN 0 to HW filter on device batadv0
[  590.059206][T24064] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  590.087243][T24064] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  590.107874][T24065] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  590.118169][T24064] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  590.128550][T24064] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  590.151481][T24065] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  590.175198][T24065] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  590.205154][T24065] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  590.309275][T24065] 8021q: adding VLAN 0 to HW filter on device bond0
[  590.319852][T24064] 8021q: adding VLAN 0 to HW filter on device bond0
[  590.337734][T24072] veth0_vlan: entered promiscuous mode
[  590.347461][T24072] veth1_vlan: entered promiscuous mode
[  590.366862][T24065] 8021q: adding VLAN 0 to HW filter on device team0
[  590.390923][T14612] bridge0: port 1(bridge_slave_0) entered blocking state
[  590.398394][T14612] bridge0: port 1(bridge_slave_0) entered forwarding state
[  590.410903][T24064] 8021q: adding VLAN 0 to HW filter on device team0
[  590.431171][T24065] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  590.442400][T24065] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  590.456547][T24244] netlink: 28 bytes leftover after parsing attributes in process `syz.2.20524'.
[  590.466060][T24244] netlink: 196 bytes leftover after parsing attributes in process `syz.2.20524'.
[  590.477922][T24244] netlink: 28 bytes leftover after parsing attributes in process `syz.2.20524'.
[  590.488548][T24244] netlink: 196 bytes leftover after parsing attributes in process `syz.2.20524'.
[  590.506752][T24072] veth0_macvtap: entered promiscuous mode
[  590.522888][T20168] bridge0: port 2(bridge_slave_1) entered blocking state
[  590.530611][T20168] bridge0: port 2(bridge_slave_1) entered forwarding state
[  590.568611][T20168] bridge0: port 1(bridge_slave_0) entered blocking state
[  590.575753][T20168] bridge0: port 1(bridge_slave_0) entered forwarding state
[  590.585468][T20168] bridge0: port 2(bridge_slave_1) entered blocking state
[  590.592864][T20168] bridge0: port 2(bridge_slave_1) entered forwarding state
[  590.612434][T24072] veth1_macvtap: entered promiscuous mode
[  590.651812][T24072] batman_adv: batadv0: Interface activated: batadv_slave_0
[  590.674750][T24072] batman_adv: batadv0: Interface activated: batadv_slave_1
[  590.697995][T17854] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  590.711969][T17854] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  590.732245][T24064] 8021q: adding VLAN 0 to HW filter on device batadv0
[  590.745346][T17854] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  590.760584][T18814] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  590.793213][T24065] 8021q: adding VLAN 0 to HW filter on device batadv0
[  590.823326][T24274] loop5: detected capacity change from 0 to 128
[  590.833773][T24274] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  590.902280][T24064] veth0_vlan: entered promiscuous mode
[  590.910891][T24064] veth1_vlan: entered promiscuous mode
[  590.912228][T24072] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  590.924388][T24064] veth0_macvtap: entered promiscuous mode
[  590.936381][T24064] veth1_macvtap: entered promiscuous mode
[  590.957917][T24064] batman_adv: batadv0: Interface activated: batadv_slave_0
[  590.969176][T24064] batman_adv: batadv0: Interface activated: batadv_slave_1
[  590.989075][T18944] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  591.005674][T18944] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  591.043514][T24065] veth0_vlan: entered promiscuous mode
[  591.056639][T18944] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  591.076106][T24065] veth1_vlan: entered promiscuous mode
[  591.084797][T18944] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  591.098138][T24300] netlink: 5 bytes leftover after parsing attributes in process `syz.5.20539'.
[  591.105552][T24065] veth0_macvtap: entered promiscuous mode
[  591.119687][T24065] veth1_macvtap: entered promiscuous mode
[  591.134879][T24065] batman_adv: batadv0: Interface activated: batadv_slave_0
[  591.161461][T24065] batman_adv: batadv0: Interface activated: batadv_slave_1
[  591.174412][T24300] 0��{X��: renamed from gretap0 (while UP)
[  591.201121][T24300] 0��{X��: entered allmulticast mode
[  591.238532][T24300] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[  591.256681][T17854] dummy0: left promiscuous mode
[  591.291496][T18300] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  591.324404][T18300] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  591.347454][T18300] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  591.370524][T18300] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  591.456725][T24332] netlink: 2036 bytes leftover after parsing attributes in process `syz.3.20547'.
[  591.466959][T24332] netlink: 24 bytes leftover after parsing attributes in process `syz.3.20547'.
[  591.487772][T24328] netlink: 4 bytes leftover after parsing attributes in process `syz.5.20548'.
[  591.502898][T24328] bridge_slave_1: left allmulticast mode
[  591.508869][T24328] bridge_slave_1: left promiscuous mode
[  591.515877][T24328] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.529384][T24328] bridge_slave_0: left allmulticast mode
[  591.535217][T24328] bridge_slave_0: left promiscuous mode
[  591.541665][T24328] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.670764][T24350] loop8: detected capacity change from 0 to 1024
[  591.684568][T24350] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  591.714311][T24350] EXT4-fs error (device loop8): ext4_map_blocks:814: inode #15: block 3: comm syz.8.20557: lblock 3 mapped to illegal pblock 3 (length 3)
[  591.730309][T24350] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  591.743329][T24350] EXT4-fs (loop8): This should not happen!! Data will be lost
[  591.743329][T24350] 
[  591.769580][T18300] EXT4-fs error (device loop8): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:137: lblock 8 mapped to illegal pblock 8 (length 8)
[  591.797286][T18300] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  591.810088][T18300] EXT4-fs (loop8): This should not happen!! Data will be lost
[  591.810088][T18300] 
[  591.828262][T12841] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  592.258150][T24407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.20580'.
[  592.273863][T24407] netlink: 32 bytes leftover after parsing attributes in process `syz.1.20580'.
[  592.314879][T24412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.20582'.
[  592.385005][T24416] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  592.587687][T24444] netlink: 2036 bytes leftover after parsing attributes in process `syz.1.20588'.
[  592.597095][T24444] netlink: 24 bytes leftover after parsing attributes in process `syz.1.20588'.
[  593.819093][T24499] blktrace: Concurrent blktraces are not allowed on loop6
[  594.112517][T24523] netlink: 4 bytes leftover after parsing attributes in process `syz.3.20626'.
[  594.212123][   T29] kauditd_printk_skb: 48 callbacks suppressed
[  594.212141][   T29] audit: type=1400 audit(2153.677:30038): avc:  denied  { watch } for  pid=24529 comm="syz.5.20629" path="/13/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  594.348713][T24532] lo speed is unknown, defaulting to 1000
[  594.376361][T24539] SELinux: failed to load policy
[  594.542634][T24555] sch_tbf: burst 511 is lower than device batadv_slave_0 mtu (1514) !
[  594.584130][T24557] loop1: detected capacity change from 0 to 512
[  594.628318][T24557] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  594.679247][T24557] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.20638: bg 0: block 4: invalid block bitmap
[  594.794031][T24557] EXT4-fs (loop1): Remounting filesystem read-only
[  594.811634][   T29] audit: type=1326 audit(2154.307:30039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24573 comm="syz.3.20644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  594.814386][T24557] EXT4-fs (loop1): 1 truncate cleaned up
[  594.866985][T24557] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  594.873730][   T29] audit: type=1326 audit(2154.307:30040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24573 comm="syz.3.20644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  594.904435][   T29] audit: type=1326 audit(2154.349:30041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24573 comm="syz.3.20644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  594.927908][   T29] audit: type=1326 audit(2154.349:30042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24573 comm="syz.3.20644" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f71ae99ebe9 code=0x0
[  594.995499][T24065] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  595.023652][   T29] audit: type=1326 audit(2154.528:30043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24584 comm="syz.2.20648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  595.047933][   T29] audit: type=1326 audit(2154.528:30044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24584 comm="syz.2.20648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  595.077278][   T29] audit: type=1326 audit(2154.528:30045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24584 comm="syz.2.20648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  595.102470][   T29] audit: type=1326 audit(2154.528:30046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24584 comm="syz.2.20648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  595.127501][   T29] audit: type=1326 audit(2154.528:30047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24584 comm="syz.2.20648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  595.885100][T24644] random: crng reseeded on system resumption
[  595.900434][T24636] vhci_hcd: invalid port number 96
[  595.905776][T24636] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  595.952109][T24644] Restarting kernel threads ...
[  595.958951][T24644] Done restarting kernel threads.
[  596.202475][T24690] __nla_validate_parse: 8 callbacks suppressed
[  596.202494][T24690] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20693'.
[  596.220607][T24690] netem: change failed
[  596.234923][T24692] geneve2: entered promiscuous mode
[  596.240517][T24692] geneve2: entered allmulticast mode
[  596.390442][T24721] netlink: 24 bytes leftover after parsing attributes in process `syz.1.20708'.
[  596.556358][T24738] netlink: 24 bytes leftover after parsing attributes in process `syz.3.20716'.
[  596.572641][T24738] netlink: 'syz.3.20716': attribute type 2 has an invalid length.
[  596.685215][T24750] netlink: 4 bytes leftover after parsing attributes in process `syz.1.20721'.
[  596.718374][T24755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.20724'.
[  596.728542][T24755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.20724'.
[  596.840503][T24765] loop8: detected capacity change from 0 to 512
[  596.856772][T24765] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  596.889957][T12841] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  597.056332][T24788] netlink: 'syz.5.20738': attribute type 30 has an invalid length.
[  597.159701][T24434] IPVS: starting estimator thread 0...
[  597.254738][T24800] IPVS: using max 2784 ests per chain, 139200 per kthread
[  597.565448][T24831] netlink: 'syz.3.20758': attribute type 39 has an invalid length.
[  597.579319][T24833] netlink: 4 bytes leftover after parsing attributes in process `syz.5.20759'.
[  597.589375][T24833] netlink: 4 bytes leftover after parsing attributes in process `syz.5.20759'.
[  597.614109][T24835] pim6reg1: entered promiscuous mode
[  597.619675][T24835] pim6reg1: entered allmulticast mode
[  597.875060][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.883287][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.890911][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.898417][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.906497][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.914200][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.921721][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.929111][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.937019][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.944590][T24434] hid-generic 0000:0006:0007.0019: unknown main item tag 0x0
[  597.970176][T24857] netlink: 5 bytes leftover after parsing attributes in process `syz.1.20769'.
[  597.970253][T24858] wg2: entered promiscuous mode
[  597.986173][T24858] wg2: entered allmulticast mode
[  597.993473][T24434] hid-generic 0000:0006:0007.0019: hidraw0: <UNKNOWN> HID v0.0b Device [syz1] on syz1
[  598.004123][T24857] 0��{X��: renamed from gretap0 (while UP)
[  598.013523][T24857] 0��{X��: entered allmulticast mode
[  598.019928][T24857] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[  598.069286][T24865] loop5: detected capacity change from 0 to 512
[  598.093424][T24865] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  598.102605][T24869] loop1: detected capacity change from 0 to 512
[  598.121362][T24869] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  598.134026][T24865] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  598.134084][T24871] netlink: 8 bytes leftover after parsing attributes in process `syz.8.20776'.
[  598.158863][T24865] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #11: comm syz.5.20772: corrupted inode contents
[  598.160363][T24869] EXT4-fs (loop1): 1 truncate cleaned up
[  598.178247][T24865] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #11: comm syz.5.20772: mark_inode_dirty error
[  598.200886][T24865] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.20772: invalid indirect mapped block 1 (level 1)
[  598.215497][T24865] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #11: comm syz.5.20772: corrupted inode contents
[  598.226108][T24869] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  598.229323][T24865] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  598.250470][T24865] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #11: comm syz.5.20772: corrupted inode contents
[  598.265005][T24865] EXT4-fs error (device loop5): ext4_truncate:4666: inode #11: comm syz.5.20772: mark_inode_dirty error
[  598.277368][T24865] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  598.312930][T24865] EXT4-fs (loop5): 1 truncate cleaned up
[  598.319346][T24865] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  598.321520][T24869] loop1: detected capacity change from 512 to 0
[  598.339988][    C1] I/O error, dev loop1, sector 70 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  598.377283][    C1] I/O error, dev loop1, sector 26 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[  598.410772][T24065] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.423614][T24072] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.793530][T24917] lo speed is unknown, defaulting to 1000
[  598.994662][   T29] kauditd_printk_skb: 118 callbacks suppressed
[  598.994675][   T29] audit: type=1326 audit(2158.696:30166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  599.072546][T24917] chnl_net:caif_netlink_parms(): no params data found
[  599.089278][   T29] audit: type=1326 audit(2158.738:30167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f2bae88d457 code=0x7ffc0000
[  599.114663][   T29] audit: type=1326 audit(2158.738:30168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  599.138766][   T29] audit: type=1326 audit(2158.738:30169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  599.162322][   T29] audit: type=1326 audit(2158.738:30170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  599.186323][   T29] audit: type=1326 audit(2158.738:30171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  599.210976][   T29] audit: type=1326 audit(2158.749:30172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  599.236981][   T29] audit: type=1326 audit(2158.749:30173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  599.262055][   T29] audit: type=1326 audit(2158.749:30174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  599.286331][   T29] audit: type=1326 audit(2158.749:30175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24935 comm="syz.2.20802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  599.423362][T24917] bridge0: port 1(bridge_slave_0) entered blocking state
[  599.430762][T24917] bridge0: port 1(bridge_slave_0) entered disabled state
[  599.464276][T24917] bridge_slave_0: entered allmulticast mode
[  599.471181][T24917] bridge_slave_0: entered promiscuous mode
[  599.497842][T24961] SELinux:  Context system_u:object_r:auth_cache_t:s0 is not valid (left unmapped).
[  599.503197][T24917] bridge0: port 2(bridge_slave_1) entered blocking state
[  599.515384][T24917] bridge0: port 2(bridge_slave_1) entered disabled state
[  599.526108][T24917] bridge_slave_1: entered allmulticast mode
[  599.535370][T24917] bridge_slave_1: entered promiscuous mode
[  599.559010][T24917] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  599.570097][T24917] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  599.617297][T24917] team0: Port device team_slave_0 added
[  599.624914][T24917] team0: Port device team_slave_1 added
[  599.635137][T14612] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.695855][T24917] batman_adv: batadv0: Adding interface: batadv_slave_0
[  599.702934][T24917] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  599.729578][T24917] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  599.761590][T24917] batman_adv: batadv0: Adding interface: batadv_slave_1
[  599.768806][T24917] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  599.795490][T24917] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  599.843080][T14612] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.888723][T24917] hsr_slave_0: entered promiscuous mode
[  599.895442][T24917] hsr_slave_1: entered promiscuous mode
[  599.901620][T24917] debugfs: 'hsr0' already exists in 'hsr'
[  599.907417][T24917] Cannot create hsr debugfs directory
[  599.927117][T14612] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.967337][T24994] wg2: entered promiscuous mode
[  599.972504][T24994] wg2: entered allmulticast mode
[  600.038650][T14612] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  600.085700][T25009] netlink: 'syz.2.20832': attribute type 39 has an invalid length.
[  600.209771][T14612] bridge_slave_1: left allmulticast mode
[  600.215981][T14612] bridge_slave_1: left promiscuous mode
[  600.222014][T14612] bridge0: port 2(bridge_slave_1) entered disabled state
[  600.245139][T14612] bridge_slave_0: left allmulticast mode
[  600.250997][T14612] bridge_slave_0: left promiscuous mode
[  600.257020][T14612] bridge0: port 1(bridge_slave_0) entered disabled state
[  600.362047][T14612] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  600.373049][T14612] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  600.385777][T14612] bond0 (unregistering): Released all slaves
[  600.484014][T14612] hsr_slave_0: left promiscuous mode
[  600.490284][T14612] hsr_slave_1: left promiscuous mode
[  600.502532][T14612] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  600.510552][T14612] batman_adv: batadv0: Removing interface: batadv_slave_0
[  600.529201][T14612] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  600.536950][T14612] batman_adv: batadv0: Removing interface: batadv_slave_1
[  600.552326][T25039] loop5: detected capacity change from 0 to 512
[  600.555732][T25041] sctp: [Deprecated]: syz.3.20852 (pid 25041) Use of struct sctp_assoc_value in delayed_ack socket option.
[  600.555732][T25041] Use struct sctp_sack_info instead
[  600.576764][T25039] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  600.602491][T14612] veth1_macvtap: left promiscuous mode
[  600.608715][T14612] veth0_macvtap: left promiscuous mode
[  600.614841][T14612] veth1_vlan: left promiscuous mode
[  600.621435][T14612] veth0_vlan: left promiscuous mode
[  600.629389][T25039] EXT4-fs (loop5): 1 orphan inode deleted
[  600.636155][T25039] EXT4-fs (loop5): 1 truncate cleaned up
[  600.653554][T25039] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  600.684520][T24072] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  600.790109][T14612] team0 (unregistering): Port device team_slave_1 removed
[  600.801170][T14612] team0 (unregistering): Port device team_slave_0 removed
[  600.832651][T25059] 9p: Unknown Cache mode or invalid value f
[  600.905713][T24917] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  600.929777][T24917] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  600.942551][T25069] netlink: 'syz.3.20856': attribute type 30 has an invalid length.
[  600.953202][T24917] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  600.977058][T24917] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  601.040968][T24917] 8021q: adding VLAN 0 to HW filter on device bond0
[  601.055463][T24917] 8021q: adding VLAN 0 to HW filter on device team0
[  601.067844][T17854] bridge0: port 1(bridge_slave_0) entered blocking state
[  601.075229][T17854] bridge0: port 1(bridge_slave_0) entered forwarding state
[  601.133109][T18814] bridge0: port 2(bridge_slave_1) entered blocking state
[  601.140251][T18814] bridge0: port 2(bridge_slave_1) entered forwarding state
[  601.156714][T25087] 9pnet: Could not find request transport: fd@
[  601.160578][T24917] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  601.174359][T24917] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  601.308703][T25105] __nla_validate_parse: 4 callbacks suppressed
[  601.308722][T25105] netlink: 12 bytes leftover after parsing attributes in process `syz.5.20865'.
[  601.324929][T25105] netlink: 28 bytes leftover after parsing attributes in process `syz.5.20865'.
[  601.334113][T25105] netlink: 12 bytes leftover after parsing attributes in process `syz.5.20865'.
[  601.350911][T25105] netlink: 28 bytes leftover after parsing attributes in process `syz.5.20865'.
[  601.360111][T25105] netlink: 'syz.5.20865': attribute type 6 has an invalid length.
[  601.393309][T24917] 8021q: adding VLAN 0 to HW filter on device batadv0
[  601.670947][T25145] syzkaller0: entered allmulticast mode
[  601.692898][T25145] syzkaller0 (unregistering): left allmulticast mode
[  601.744916][T24917] veth0_vlan: entered promiscuous mode
[  601.755587][T24917] veth1_vlan: entered promiscuous mode
[  601.776195][T24917] veth0_macvtap: entered promiscuous mode
[  601.785826][T24917] veth1_macvtap: entered promiscuous mode
[  601.917905][T24917] batman_adv: batadv0: Interface activated: batadv_slave_0
[  601.939263][T24917] batman_adv: batadv0: Interface activated: batadv_slave_1
[  601.973489][T14612] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  601.983476][T14612] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  601.994550][T14612] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  602.020932][T14612] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  602.088982][T25181] lo speed is unknown, defaulting to 1000
[  602.176133][T25192] netlink: 12 bytes leftover after parsing attributes in process `syz.3.20896'.
[  602.213354][T25189] lo speed is unknown, defaulting to 1000
[  602.245578][T25192] netlink: 'syz.3.20896': attribute type 1 has an invalid length.
[  602.531042][T25219] pim6reg: entered allmulticast mode
[  602.547404][T25219] pim6reg: left allmulticast mode
[  602.626902][T25240] netlink: 4 bytes leftover after parsing attributes in process `syz.2.20920'.
[  602.956351][T25275] loop9: detected capacity change from 0 to 1024
[  602.967935][T25275] EXT4-fs: Ignoring removed orlov option
[  602.981592][T25275] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  602.997849][T25275] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  603.030518][T25275] EXT4-fs (loop9): invalid journal inode
[  603.044567][T25275] EXT4-fs (loop9): can't get journal size
[  603.060298][T25275] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  603.178991][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  603.841965][   T29] kauditd_printk_skb: 577 callbacks suppressed
[  603.841983][   T29] audit: type=1400 audit(2163.788:30753): avc:  denied  { relabelfrom } for  pid=25310 comm="syz.3.20950" name="NETLINK" dev="sockfs" ino=174836 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  603.876710][   T29] audit: type=1400 audit(2163.799:30754): avc:  denied  { relabelto } for  pid=25310 comm="syz.3.20950" name="NETLINK" dev="sockfs" ino=174836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_audit_socket permissive=1
[  603.916609][   T29] audit: type=1326 audit(2163.862:30755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25314 comm="syz.8.20952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7ffc0000
[  603.950754][   T29] audit: type=1326 audit(2163.883:30756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25314 comm="syz.8.20952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7ffc0000
[  603.976381][   T29] audit: type=1326 audit(2163.883:30757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25314 comm="syz.8.20952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fc3ccebe9 code=0x7ffc0000
[  603.977903][T25315] loop8: detected capacity change from 0 to 1024
[  604.002886][   T29] audit: type=1326 audit(2163.883:30758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25314 comm="syz.8.20952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7ffc0000
[  604.034359][   T29] audit: type=1326 audit(2163.883:30759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25314 comm="syz.8.20952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7ffc0000
[  604.050413][T25315] EXT4-fs: Ignoring removed nobh option
[  604.058460][   T29] audit: type=1326 audit(2163.893:30760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25314 comm="syz.8.20952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fc3ccebe9 code=0x7ffc0000
[  604.064374][T25315] EXT4-fs: Ignoring removed bh option
[  604.088087][   T29] audit: type=1326 audit(2163.893:30761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25314 comm="syz.8.20952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7ffc0000
[  604.104393][T25315] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  604.117843][   T29] audit: type=1326 audit(2163.893:30762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25314 comm="syz.8.20952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9fc3ccebe9 code=0x7ffc0000
[  604.212100][T25329] netlink: 'syz.5.20957': attribute type 12 has an invalid length.
[  604.527810][T12841] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  604.852781][T25418] netlink: 24 bytes leftover after parsing attributes in process `syz.2.21000'.
[  604.904399][T18944] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  604.964399][T25423] bridge0: port 1(macsec1) entered blocking state
[  604.971111][T25423] bridge0: port 1(macsec1) entered disabled state
[  604.978356][T25423] macsec1: entered allmulticast mode
[  604.983897][T25423] bridge0: entered allmulticast mode
[  604.991605][T25423] macsec1: left allmulticast mode
[  604.996692][T25423] bridge0: left allmulticast mode
[  605.024522][T18944] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.119633][T18944] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.134321][T25427] lo speed is unknown, defaulting to 1000
[  605.191565][T18944] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.276050][T25427] chnl_net:caif_netlink_parms(): no params data found
[  605.322541][T25453] netlink: 16 bytes leftover after parsing attributes in process `syz.8.21013'.
[  605.353423][T25455] netlink: 8 bytes leftover after parsing attributes in process `syz.8.21014'.
[  605.454909][T18944] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  605.477893][T18944] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  605.494088][T18944] bond0 (unregistering): Released all slaves
[  605.569543][T25455] vlan0: entered allmulticast mode
[  605.574791][T25455] dummy0: entered allmulticast mode
[  605.596279][T25472] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=25472 comm=syz.9.21020
[  605.609322][T25472] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=25472 comm=syz.9.21020
[  605.649347][T25427] bridge0: port 1(bridge_slave_0) entered blocking state
[  605.656586][T25427] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.671400][T25427] bridge_slave_0: entered allmulticast mode
[  605.679096][T25427] bridge_slave_0: entered promiscuous mode
[  605.698290][T18944] hsr_slave_0: left promiscuous mode
[  605.705548][T18944] hsr_slave_1: left promiscuous mode
[  605.711410][T18944] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  605.719593][T18944] batman_adv: batadv0: Removing interface: batadv_slave_0
[  605.735574][T25477] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21024'.
[  605.745802][T18944] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  605.753475][T18944] batman_adv: batadv0: Removing interface: batadv_slave_1
[  605.784796][T18944] veth1_macvtap: left promiscuous mode
[  605.818948][T18944] veth0_macvtap: left promiscuous mode
[  605.824921][T18944] veth1_vlan: left promiscuous mode
[  605.831995][T18944] veth0_vlan: left promiscuous mode
[  605.928247][T18944] team0 (unregistering): Port device team_slave_1 removed
[  605.941065][T18944] team0 (unregistering): Port device team_slave_0 removed
[  605.979057][T25427] bridge0: port 2(bridge_slave_1) entered blocking state
[  605.986308][T25427] bridge0: port 2(bridge_slave_1) entered disabled state
[  605.999014][T25427] bridge_slave_1: entered allmulticast mode
[  606.005848][T25427] bridge_slave_1: entered promiscuous mode
[  606.045322][T25427] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  606.056976][T25427] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  606.076771][T25427] team0: Port device team_slave_0 added
[  606.084833][T25427] team0: Port device team_slave_1 added
[  606.117298][T25427] batman_adv: batadv0: Adding interface: batadv_slave_0
[  606.124512][T25427] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.151059][T25427] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  606.163621][T25427] batman_adv: batadv0: Adding interface: batadv_slave_1
[  606.171043][T25427] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.197908][T25427] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  606.209909][T25502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.21031'.
[  606.225928][T25502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.21031'.
[  606.257115][T25427] hsr_slave_0: entered promiscuous mode
[  606.263758][T25427] hsr_slave_1: entered promiscuous mode
[  606.270416][T25427] debugfs: 'hsr0' already exists in 'hsr'
[  606.276302][T25427] Cannot create hsr debugfs directory
[  606.282295][T25502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.21031'.
[  606.292984][T25502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.21031'.
[  606.312619][T25502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.21031'.
[  606.372418][T18944] IPVS: stop unused estimator thread 0...
[  606.418921][T25515] netlink: 'syz.2.21035': attribute type 4 has an invalid length.
[  606.427720][T25515] netlink: 'syz.2.21035': attribute type 4 has an invalid length.
[  606.442355][T25517] veth1_to_bond: entered allmulticast mode
[  606.452633][T25517] veth1_to_bond: left allmulticast mode
[  606.605642][T25427] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  606.623987][T25427] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  606.648936][T25427] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  606.666643][T25427] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  606.683176][T25529] netlink: 12 bytes leftover after parsing attributes in process `syz.9.21042'.
[  606.693601][T25529] netlink: 'syz.9.21042': attribute type 11 has an invalid length.
[  606.706909][T25529] netlink: 12 bytes leftover after parsing attributes in process `syz.9.21042'.
[  606.716663][T25529] netlink: 'syz.9.21042': attribute type 11 has an invalid length.
[  606.746844][T25427] 8021q: adding VLAN 0 to HW filter on device bond0
[  606.766370][T25427] 8021q: adding VLAN 0 to HW filter on device team0
[  606.779460][T18814] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.786810][T18814] bridge0: port 1(bridge_slave_0) entered forwarding state
[  606.819308][T18814] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.826559][T18814] bridge0: port 2(bridge_slave_1) entered forwarding state
[  606.843388][T25541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21045'.
[  606.873463][T25545] loop9: detected capacity change from 0 to 1024
[  606.925589][T25545] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  606.950894][T25559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21039'.
[  606.969798][T25545] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  606.992492][T25427] 8021q: adding VLAN 0 to HW filter on device batadv0
[  607.001253][T25545] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  607.014566][T25545] EXT4-fs (loop9): This should not happen!! Data will be lost
[  607.014566][T25545] 
[  607.024643][T25545] EXT4-fs (loop9): Total free blocks count 0
[  607.030911][T25545] EXT4-fs (loop9): Free/Dirty block details
[  607.037028][T25545] EXT4-fs (loop9): free_blocks=20480
[  607.042324][T25545] EXT4-fs (loop9): dirty_blocks=96
[  607.047704][T25545] EXT4-fs (loop9): Block reservation details
[  607.053875][T25545] EXT4-fs (loop9): i_reserved_data_blocks=6
[  607.102251][T18300] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  607.122247][T25565] bridge0: entered promiscuous mode
[  607.139414][T25565] bridge0: port 3(macsec1) entered blocking state
[  607.146206][T25565] bridge0: port 3(macsec1) entered disabled state
[  607.155258][T25565] macsec1: entered allmulticast mode
[  607.160830][T25565] bridge0: entered allmulticast mode
[  607.168073][T25565] macsec1: left allmulticast mode
[  607.173419][T25565] bridge0: left allmulticast mode
[  607.180226][T25565] bridge0: left promiscuous mode
[  607.283083][T25427] veth0_vlan: entered promiscuous mode
[  607.295503][T25595] loop9: detected capacity change from 0 to 2048
[  607.306174][T25427] veth1_vlan: entered promiscuous mode
[  607.324446][T25427] veth0_macvtap: entered promiscuous mode
[  607.333150][T25427] veth1_macvtap: entered promiscuous mode
[  607.343630][T25595] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  607.358938][T25427] batman_adv: batadv0: Interface activated: batadv_slave_0
[  607.370129][T25427] batman_adv: batadv0: Interface activated: batadv_slave_1
[  607.390818][T18814] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  607.411007][T18814] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  607.423400][T18814] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  607.423603][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  607.432995][T18814] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  607.501938][T25617] netlink: 8 bytes leftover after parsing attributes in process `syz.7.21002'.
[  607.548855][T25625] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.601087][T25633] netlink: 'syz.3.21075': attribute type 83 has an invalid length.
[  607.612214][T25625] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.653471][T25635] loop9: detected capacity change from 0 to 8192
[  607.677885][T25625] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.745115][T25625] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.900181][T25658] loop9: detected capacity change from 0 to 1764
[  608.071689][T25675] netlink: 'syz.9.21095': attribute type 4 has an invalid length.
[  608.086239][T25675] netlink: 'syz.9.21095': attribute type 4 has an invalid length.
[  608.212967][T25683] ref_ctr increment failed for inode: 0x114 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff88811781bf40
[  608.225759][T25682] uprobe: syz.9.21100:25682 failed to unregister, leaking uprobe
[  608.311005][T25700] bridge: RTM_NEWNEIGH with invalid ether address
[  608.445186][T25719] loop8: detected capacity change from 0 to 128
[  608.500501][T25719] syz.8.21112: attempt to access beyond end of device
[  608.500501][T25719] loop8: rw=0, sector=121, nr_sectors = 920 limit=128
[  608.684496][T25744] loop8: detected capacity change from 0 to 8192
[  608.927986][T17854] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  608.945836][T17854] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  608.964629][T17854] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  608.984173][T17854] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  609.197274][T25773] atomic_op ffff88811a539528 conn xmit_atomic 0000000000000000
[  609.265751][T25782] lo speed is unknown, defaulting to 1000
[  609.593840][T25819] netlink: 'syz.2.21158': attribute type 4 has an invalid length.
[  609.616928][T25819] netlink: 'syz.2.21158': attribute type 4 has an invalid length.
[  609.708410][T25821] loop8: detected capacity change from 0 to 512
[  609.770382][T25821] EXT4-fs error (device loop8): __ext4_iget:5464: inode #17: block 1803188595: comm syz.8.21159: invalid block
[  609.848401][T25821] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.21159: couldn't read orphan inode 17 (err -117)
[  609.900485][T25821] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  609.930503][T12841] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.210762][   T29] kauditd_printk_skb: 193 callbacks suppressed
[  610.210776][   T29] audit: type=1326 audit(2170.476:30956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25855 comm="syz.7.21174" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5fe331ebe9 code=0x0
[  610.609801][   T29] audit: type=1326 audit(2170.896:30957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25888 comm="syz.8.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7fc00000
[  610.640891][   T29] audit: type=1326 audit(2170.896:30958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25888 comm="syz.8.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9fc3ccebe9 code=0x7fc00000
[  610.664567][   T29] audit: type=1326 audit(2170.917:30959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25888 comm="syz.8.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7fc00000
[  610.688637][   T29] audit: type=1326 audit(2170.917:30960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25888 comm="syz.8.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7fc00000
[  610.713598][   T29] audit: type=1326 audit(2170.917:30961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25888 comm="syz.8.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7fc00000
[  610.737647][   T29] audit: type=1326 audit(2170.917:30962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25888 comm="syz.8.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7fc00000
[  610.761540][   T29] audit: type=1326 audit(2170.917:30963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25888 comm="syz.8.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7fc00000
[  610.786025][   T29] audit: type=1326 audit(2170.917:30964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25888 comm="syz.8.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7fc00000
[  610.809854][   T29] audit: type=1326 audit(2170.917:30965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25888 comm="syz.8.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc3ccebe9 code=0x7fc00000
[  610.897449][T25903] syzkaller0: entered promiscuous mode
[  610.903125][T25903] syzkaller0: entered allmulticast mode
[  611.025476][T25916] loop7: detected capacity change from 0 to 512
[  611.034134][T25916] EXT4-fs: Ignoring removed mblk_io_submit option
[  611.043304][T25916] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  611.055370][T25916] EXT4-fs (loop7): 1 truncate cleaned up
[  611.061561][T25916] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  611.193328][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.203658][T25929] netlink: 'syz.3.21206': attribute type 1 has an invalid length.
[  611.228732][T25929] 8021q: adding VLAN 0 to HW filter on device bond1
[  611.255665][T25929] __nla_validate_parse: 7 callbacks suppressed
[  611.255686][T25929] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21206'.
[  611.301607][T25947] loop7: detected capacity change from 0 to 512
[  611.311648][T25947] EXT4-fs error (device loop7): ext4_get_branch:178: inode #11: block 4294967295: comm syz.7.21213: invalid block
[  611.312093][T25929] bond1 (unregistering): Released all slaves
[  611.331013][T25947] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.21213: invalid indirect mapped block 4294967295 (level 1)
[  611.350584][T25947] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.21213: invalid indirect mapped block 4294967295 (level 1)
[  611.371137][T25947] EXT4-fs (loop7): 2 truncates cleaned up
[  611.377770][T25947] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  611.401129][T25956] loop9: detected capacity change from 0 to 512
[  611.409863][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.422310][T25954] netlink: 36 bytes leftover after parsing attributes in process `syz.2.21217'.
[  611.434403][T25956] EXT4-fs: Ignoring removed mblk_io_submit option
[  611.476809][T25956] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  611.506705][T25956] EXT4-fs (loop9): 1 truncate cleaned up
[  611.518104][T25956] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  611.707466][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.252436][T26022] openvswitch: netlink: Message has 6 unknown bytes.
[  612.282074][T26024] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26024 comm=syz.2.21247
[  612.797590][T26078] netlink: 12 bytes leftover after parsing attributes in process `syz.9.21270'.
[  612.833767][T26082] smc: net device bond0 erased user defined pnetid SYZ0
[  612.906321][T26088] sd 0:0:1:0: device reset
[  612.951185][T26095] hub 8-0:1.0: USB hub found
[  612.968983][T26095] hub 8-0:1.0: 8 ports detected
[  613.303410][T24429] page_pool_release_retry() stalled pool shutdown: id 422, 1 inflight 60 sec
[  613.350924][T24429] hid_parser_main: 43 callbacks suppressed
[  613.351018][T24429] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[  613.368864][T24429] hid-generic 0000:0000:0000.001A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  613.488411][T26149] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  613.522878][T26152] loop7: detected capacity change from 0 to 1024
[  613.544993][T26149] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  613.569819][T26152] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  613.599605][T26164] netlink: 'syz.2.21308': attribute type 1 has an invalid length.
[  613.619613][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  613.638146][T26164] 8021q: adding VLAN 0 to HW filter on device bond7
[  613.654224][T26149] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  613.656940][T26164] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21308'.
[  613.677643][T26164] bond7 (unregistering): Released all slaves
[  613.707822][T26149] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  613.726769][T26167] loop7: detected capacity change from 0 to 2048
[  613.744248][T26167] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  613.780073][T17137] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  613.806576][T17137] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  613.824714][T17137] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  613.833331][T17137] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  613.887077][T26183] netlink: 332 bytes leftover after parsing attributes in process `syz.3.21317'.
[  614.157995][T26213] IPv6: Can't replace route, no match found
[  614.215057][T14658] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm kworker/u8:52: bg 0: block 345: padding at end of block bitmap is not set
[  614.236312][T14658] EXT4-fs (loop7): Remounting filesystem read-only
[  614.243156][T14651] EXT4-fs warning (device loop7): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  614.315354][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.339735][T26226] netlink: 104 bytes leftover after parsing attributes in process `syz.7.21332'.
[  614.512048][T26242] loop7: detected capacity change from 0 to 512
[  614.520359][T26242] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  614.532574][T26242] EXT4-fs (loop7): 1 truncate cleaned up
[  614.539034][T26242] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  614.565267][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.656228][T26261] loop7: detected capacity change from 0 to 512
[  614.663376][T26261] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  614.676972][T26261] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  614.692674][T26261] EXT4-fs (loop7): 1 truncate cleaned up
[  614.700599][T26261] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  614.726844][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.830643][T26272] loop7: detected capacity change from 0 to 512
[  614.847684][T26272] EXT4-fs: Ignoring removed i_version option
[  614.854098][T26272] EXT4-fs: Ignoring removed nobh option
[  614.864395][T26272] EXT4-fs: inline encryption not supported
[  614.873487][T26272] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  614.885416][T26272] EXT4-fs (loop7): 1 truncate cleaned up
[  614.891750][T26272] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  614.918166][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.974717][T26291] netlink: 24 bytes leftover after parsing attributes in process `syz.7.21361'.
[  614.997664][   T29] kauditd_printk_skb: 567 callbacks suppressed
[  614.997680][   T29] audit: type=1326 audit(2175.495:31533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.031808][   T29] audit: type=1326 audit(2175.495:31534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.056808][   T29] audit: type=1326 audit(2175.505:31535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.081538][   T29] audit: type=1326 audit(2175.505:31536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.107892][   T29] audit: type=1326 audit(2175.505:31537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.133483][   T29] audit: type=1326 audit(2175.505:31538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.160136][   T29] audit: type=1326 audit(2175.505:31539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.185510][   T29] audit: type=1326 audit(2175.505:31540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.209571][   T29] audit: type=1326 audit(2175.505:31541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.234265][   T29] audit: type=1326 audit(2175.505:31542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26292 comm="syz.2.21363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  615.316984][T26307] lo speed is unknown, defaulting to 1000
[  615.339909][T26310] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.419037][T26310] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.445277][T26325] loop7: detected capacity change from 0 to 256
[  615.507180][T26310] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.574045][T26310] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.697965][   T41] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  615.742535][   T41] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  615.761139][   T41] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  615.780865][   T41] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  615.950350][T26397] netlink: 'syz.9.21409': attribute type 5 has an invalid length.
[  615.975169][T26402] loop9: detected capacity change from 0 to 512
[  615.982562][T26404] netlink: 2048 bytes leftover after parsing attributes in process `syz.3.21406'.
[  615.992771][T26404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21406'.
[  616.003521][T26402] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  616.022799][T26407] loop8: detected capacity change from 0 to 128
[  616.032734][T26407] syz.8.21412: attempt to access beyond end of device
[  616.032734][T26407] loop8: rw=2049, sector=138, nr_sectors = 8 limit=128
[  616.047892][T26407] syz.8.21412: attempt to access beyond end of device
[  616.047892][T26407] loop8: rw=2049, sector=146, nr_sectors = 8 limit=128
[  616.062590][T26407] syz.8.21412: attempt to access beyond end of device
[  616.062590][T26407] loop8: rw=2049, sector=152, nr_sectors = 2 limit=128
[  616.076675][T26407] buffer_io_error: 15566 callbacks suppressed
[  616.076694][T26407] Buffer I/O error on dev loop8, logical block 76, lost async page write
[  616.091985][T26407] syz.8.21412: attempt to access beyond end of device
[  616.091985][T26407] loop8: rw=2049, sector=170, nr_sectors = 8 limit=128
[  616.107986][T26407] syz.8.21412: attempt to access beyond end of device
[  616.107986][T26407] loop8: rw=2049, sector=176, nr_sectors = 2 limit=128
[  616.111166][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  616.121564][T26407] Buffer I/O error on dev loop8, logical block 88, lost async page write
[  616.121933][T26407] syz.8.21412: attempt to access beyond end of device
[  616.121933][T26407] loop8: rw=2049, sector=178, nr_sectors = 8 limit=128
[  616.155695][T26407] syz.8.21412: attempt to access beyond end of device
[  616.155695][T26407] loop8: rw=2049, sector=184, nr_sectors = 2 limit=128
[  616.169676][T26407] Buffer I/O error on dev loop8, logical block 92, lost async page write
[  616.179830][T26407] syz.8.21412: attempt to access beyond end of device
[  616.179830][T26407] loop8: rw=2049, sector=202, nr_sectors = 8 limit=128
[  616.194793][T26407] syz.8.21412: attempt to access beyond end of device
[  616.194793][T26407] loop8: rw=2049, sector=208, nr_sectors = 2 limit=128
[  616.208725][T26407] Buffer I/O error on dev loop8, logical block 104, lost async page write
[  616.218546][T26407] syz.8.21412: attempt to access beyond end of device
[  616.218546][T26407] loop8: rw=2049, sector=210, nr_sectors = 8 limit=128
[  616.233131][T26407] Buffer I/O error on dev loop8, logical block 108, lost async page write
[  616.243152][T26407] Buffer I/O error on dev loop8, logical block 120, lost async page write
[  616.252553][T26407] Buffer I/O error on dev loop8, logical block 124, lost async page write
[  616.262122][T26407] Buffer I/O error on dev loop8, logical block 80, lost async page write
[  616.271118][T26407] Buffer I/O error on dev loop8, logical block 84, lost async page write
[  616.280909][T26407] Buffer I/O error on dev loop8, logical block 112, lost async page write
[  616.558204][T26425] netlink: 12 bytes leftover after parsing attributes in process `syz.8.21420'.
[  616.611314][T26433] netlink: 'syz.8.21424': attribute type 4 has an invalid length.
[  616.626443][T24426] lo speed is unknown, defaulting to 1000
[  616.632799][T24426] syz2: Port: 1 Link DOWN
[  616.639707][T26433] netlink: 'syz.8.21424': attribute type 4 has an invalid length.
[  616.650021][T24429] lo speed is unknown, defaulting to 1000
[  616.786366][T26447] loop7: detected capacity change from 0 to 512
[  616.800650][T26447] EXT4-fs (loop7): too many log groups per flexible block group
[  616.808821][T26447] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  616.815773][T26447] EXT4-fs (loop7): mount failed
[  616.883606][T24426] lo speed is unknown, defaulting to 1000
[  616.906403][T26457] netlink: 'syz.3.21433': attribute type 6 has an invalid length.
[  616.983179][T26463] loop7: detected capacity change from 0 to 512
[  617.009283][T26463] EXT4-fs (loop7): 1 orphan inode deleted
[  617.015788][T26463] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  617.043960][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  617.076890][T26476] loop8: detected capacity change from 0 to 128
[  617.088705][T26476] FAT-fs (loop8): Directory bread(block 32) failed
[  617.096365][T26476] FAT-fs (loop8): Directory bread(block 33) failed
[  617.104412][T26476] FAT-fs (loop8): Directory bread(block 34) failed
[  617.111247][T26476] FAT-fs (loop8): Directory bread(block 35) failed
[  617.116268][T26480] netlink: 'syz.7.21443': attribute type 10 has an invalid length.
[  617.127315][T26480] syz_tun: entered promiscuous mode
[  617.136263][T26480] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  617.160808][T26476] FAT-fs (loop8): Directory bread(block 36) failed
[  617.167909][T26476] FAT-fs (loop8): Directory bread(block 37) failed
[  617.175102][T26476] FAT-fs (loop8): Directory bread(block 38) failed
[  617.176528][T26486] netlink: 'syz.3.21446': attribute type 4 has an invalid length.
[  617.191031][T26488] loop7: detected capacity change from 0 to 2048
[  617.200098][T26476] FAT-fs (loop8): Directory bread(block 39) failed
[  617.203527][T26486] netlink: 'syz.3.21446': attribute type 4 has an invalid length.
[  617.206677][T26476] FAT-fs (loop8): Directory bread(block 40) failed
[  617.206699][T26476] FAT-fs (loop8): Directory bread(block 41) failed
[  617.245028][T26488] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  617.274320][T26486] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.282133][T26486] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.368691][T26486] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  617.380804][T26486] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  617.496518][T14606] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  617.508161][T14606] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  617.527922][T14606] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  617.549161][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  617.579090][T14606] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  617.596844][T26521] loop7: detected capacity change from 0 to 512
[  617.609413][T26521] EXT4-fs: Ignoring removed i_version option
[  617.637359][T26521] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  617.657527][T26521] EXT4-fs (loop7): can't mount with journal_checksum, fs mounted w/o journal
[  617.680823][T26534] lo speed is unknown, defaulting to 1000
[  617.850121][T26557] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21467'.
[  617.864865][T26557] netlink: 12 bytes leftover after parsing attributes in process `syz.2.21467'.
[  618.029729][T26584] serio: Serial port ptm0
[  618.177217][T26607] hub 8-0:1.0: USB hub found
[  618.183249][T26607] hub 8-0:1.0: 8 ports detected
[  618.206511][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.214449][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.222205][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.230456][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.238044][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.246100][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.254079][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.262156][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.269748][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.277437][T24422] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  618.285995][T24422] hid-generic 0000:0000:0000.001B: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[  618.316867][T26622] netlink: 12 bytes leftover after parsing attributes in process `syz.3.21496'.
[  618.318757][   T10] hid-generic 0000:0000:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  618.508137][T26631] netlink: 'syz.7.21500': attribute type 4 has an invalid length.
[  618.521895][T26631] netlink: 'syz.7.21500': attribute type 4 has an invalid length.
[  618.554099][T26636] netlink: 'syz.3.21502': attribute type 10 has an invalid length.
[  618.575379][T26631] bridge0: port 2(bridge_slave_1) entered disabled state
[  618.582731][T26631] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.596011][T26638] loop8: detected capacity change from 0 to 164
[  618.622322][T26641] netlink: 'syz.8.21504': attribute type 1 has an invalid length.
[  618.632268][T26631] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  618.642458][T26631] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  618.669491][T26636] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  618.736185][T26641] 8021q: adding VLAN 0 to HW filter on device bond7
[  618.747683][T26642] bond7: (slave batadv0): Opening slave failed
[  618.755723][T14606] netdevsim netdevsim7 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  618.764624][T14606] netdevsim netdevsim7 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  618.774238][T14606] netdevsim netdevsim7 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  618.783817][T14606] netdevsim netdevsim7 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  618.833956][T26654] SELinux: ebitmap: truncated map
[  618.840515][T26654] SELinux: failed to load policy
[  618.870698][T26659] loop8: detected capacity change from 0 to 128
[  618.930593][T26665] loop7: detected capacity change from 0 to 2048
[  618.974177][T26665] Alternate GPT is invalid, using primary GPT.
[  618.980974][T26665]  loop7: p2 p3 p7
[  619.062944][T26677] tipc: Started in network mode
[  619.067956][T26677] tipc: Node identity 3235c9845913, cluster identity 4711
[  619.075495][T26677] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  619.109604][T26677] tipc: Disabling bearer <eth:syzkaller0>
[  619.264149][T26695] lo speed is unknown, defaulting to 1000
[  619.820654][T26739] lo speed is unknown, defaulting to 1000
[  620.030979][T26755] netlink: 12 bytes leftover after parsing attributes in process `syz.7.21548'.
[  620.040897][T26755] netlink: 12 bytes leftover after parsing attributes in process `syz.7.21548'.
[  620.049744][T26753] tipc: Started in network mode
[  620.055437][T26753] tipc: Node identity ac14140f, cluster identity 4711
[  620.073754][T26753] tipc: New replicast peer: 255.255.255.83
[  620.080386][T26753] tipc: Enabled bearer <udp:� >, priority 10
[  620.125729][T26764] netlink: 24 bytes leftover after parsing attributes in process `syz.9.21553'.
[  620.244146][T26775] program syz.9.21558 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  620.381231][   T29] kauditd_printk_skb: 85 callbacks suppressed
[  620.381249][   T29] audit: type=1326 audit(2181.154:31628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.411526][   T29] audit: type=1326 audit(2181.164:31629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.435601][   T29] audit: type=1326 audit(2181.164:31630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.459562][   T29] audit: type=1326 audit(2181.164:31631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.460081][T26785] loop9: detected capacity change from 0 to 764
[  620.483718][   T29] audit: type=1326 audit(2181.164:31632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.492980][T26785] iso9660: Unknown parameter '���'
[  620.513464][   T29] audit: type=1326 audit(2181.164:31633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.513646][   T29] audit: type=1326 audit(2181.206:31634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.566997][   T29] audit: type=1326 audit(2181.217:31635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.591012][   T29] audit: type=1326 audit(2181.217:31636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.616543][   T29] audit: type=1326 audit(2181.217:31637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26784 comm="syz.9.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  620.703051][T26802] loop9: detected capacity change from 0 to 128
[  620.716465][T26804] netlink: 96 bytes leftover after parsing attributes in process `syz.3.21571'.
[  620.764240][T26812] netlink: 16 bytes leftover after parsing attributes in process `syz.9.21574'.
[  620.817003][T26818] netlink: 96 bytes leftover after parsing attributes in process `syz.9.21577'.
[  620.884696][T26820] Falling back ldisc for ttyS3.
[  621.059582][T26857] x_tables: ip_tables: udp match: only valid for protocol 17
[  621.108981][T26866] syzkaller1: entered promiscuous mode
[  621.114878][T26866] syzkaller1: entered allmulticast mode
[  621.141727][   T10] tipc: Node number set to 2886997007
[  621.668635][T26893] Set syz1 is full, maxelem 65536 reached
[  621.699986][T24422] hid-generic 0000:0000:0000.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  621.856826][T26912] loop8: detected capacity change from 0 to 2048
[  621.876690][T26912] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  621.898806][T12841] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.006205][T26929] validate_nla: 4 callbacks suppressed
[  622.006286][T26929] netlink: 'syz.8.21623': attribute type 21 has an invalid length.
[  622.020203][T26929] __nla_validate_parse: 4 callbacks suppressed
[  622.020221][T26929] netlink: 128 bytes leftover after parsing attributes in process `syz.8.21623'.
[  622.054581][T26929] netlink: 'syz.8.21623': attribute type 5 has an invalid length.
[  622.062681][T26929] netlink: 'syz.8.21623': attribute type 6 has an invalid length.
[  622.070842][T26929] netlink: 3 bytes leftover after parsing attributes in process `syz.8.21623'.
[  622.100473][T26940] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.21625'.
[  622.109868][T26940] netlink: 24 bytes leftover after parsing attributes in process `syz.2.21625'.
[  622.166062][T26946] netlink: 'syz.3.21629': attribute type 1 has an invalid length.
[  622.197758][T26953] loop9: detected capacity change from 0 to 512
[  622.199103][T26946] 8021q: adding VLAN 0 to HW filter on device bond1
[  622.205257][T26953] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  622.235493][T26953] EXT4-fs (loop9): 1 truncate cleaned up
[  622.237006][T26946] bond1: (slave veth5): Enslaving as an active interface with a down link
[  622.242141][T26953] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  622.282786][T26946] 8021q: adding VLAN 0 to HW filter on device batadv1
[  622.306317][T26946] bond1: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  622.345180][T26960] loop8: detected capacity change from 0 to 164
[  622.353465][T26960] bio_check_eod: 20 callbacks suppressed
[  622.353481][T26960] syz.8.21635: attempt to access beyond end of device
[  622.353481][T26960] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  622.375179][T26960] syz.8.21635: attempt to access beyond end of device
[  622.375179][T26960] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[  622.397547][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.429823][T26966] bond6: (slave dummy0): Releasing active interface
[  622.439382][T26966] bond6: (slave veth19): Releasing active interface
[  622.449667][T26966] netlink: 'syz.8.21638': attribute type 10 has an invalid length.
[  622.458114][T26966] netlink: 40 bytes leftover after parsing attributes in process `syz.8.21638'.
[  622.557415][T26987] syzkaller0: entered allmulticast mode
[  622.567236][T26987] syzkaller0 (unregistering): left allmulticast mode
[  622.615782][T26997] atomic_op ffff88811b712528 conn xmit_atomic 0000000000000000
[  622.927719][T27034] 9pnet_fd: Insufficient options for proto=fd
[  622.936513][T27036] netlink: 24 bytes leftover after parsing attributes in process `syz.3.21671'.
[  623.132970][T27056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  623.153953][T27056] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  623.191671][T27048] Set syz1 is full, maxelem 65536 reached
[  623.198305][T27056] Set syz1 is full, maxelem 65536 reached
[  623.459851][T27070] loop8: detected capacity change from 0 to 512
[  623.503185][T27070] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  623.578163][T12841] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  623.790024][T13051] hid_parser_main: 21 callbacks suppressed
[  623.790092][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.804189][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.811879][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.819853][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.827616][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.836090][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.843871][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.852011][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.859709][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.867388][T13051] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  623.895578][T13051] hid-generic 0000:0000:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  623.908989][T27131] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21705'.
[  623.920391][T27131] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21705'.
[  624.043835][T27148] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  624.362826][T27194] syz.3.21734: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  624.378040][T27194] CPU: 1 UID: 0 PID: 27194 Comm: syz.3.21734 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  624.378075][T27194] Tainted: [W]=WARN
[  624.378154][T27194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  624.378166][T27194] Call Trace:
[  624.378173][T27194]  <TASK>
[  624.378227][T27194]  __dump_stack+0x1d/0x30
[  624.378301][T27194]  dump_stack_lvl+0xe8/0x140
[  624.378338][T27194]  dump_stack+0x15/0x1b
[  624.378355][T27194]  warn_alloc+0x12b/0x1a0
[  624.378435][T27194]  __vmalloc_node_range_noprof+0x9c/0xe00
[  624.378468][T27194]  ? __futex_wait+0x1ff/0x260
[  624.378551][T27194]  ? __pfx_futex_wake_mark+0x10/0x10
[  624.378652][T27194]  ? __rcu_read_unlock+0x4f/0x70
[  624.378687][T27194]  ? avc_has_perm_noaudit+0x1b1/0x200
[  624.378783][T27194]  vmalloc_user_noprof+0x7d/0xb0
[  624.378812][T27194]  ? xskq_create+0x80/0xe0
[  624.378866][T27194]  xskq_create+0x80/0xe0
[  624.378894][T27194]  xsk_init_queue+0x95/0xf0
[  624.378948][T27194]  xsk_setsockopt+0x477/0x640
[  624.378980][T27194]  ? __pfx_xsk_setsockopt+0x10/0x10
[  624.379037][T27194]  __sys_setsockopt+0x184/0x200
[  624.379064][T27194]  __x64_sys_setsockopt+0x64/0x80
[  624.379088][T27194]  x64_sys_call+0x20ec/0x2ff0
[  624.379108][T27194]  do_syscall_64+0xd2/0x200
[  624.379213][T27194]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  624.379271][T27194]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  624.379301][T27194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.379326][T27194] RIP: 0033:0x7f71ae99ebe9
[  624.379343][T27194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.379360][T27194] RSP: 002b:00007f71ad3ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  624.379378][T27194] RAX: ffffffffffffffda RBX: 00007f71aebd5fa0 RCX: 00007f71ae99ebe9
[  624.379390][T27194] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000006
[  624.379402][T27194] RBP: 00007f71aea21e19 R08: 0000000000000004 R09: 0000000000000000
[  624.379416][T27194] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  624.379430][T27194] R13: 00007f71aebd6038 R14: 00007f71aebd5fa0 R15: 00007fff78484e88
[  624.379490][T27194]  </TASK>
[  624.379497][T27194] Mem-Info:
[  624.606312][T27194] active_anon:20640 inactive_anon:22918 isolated_anon:0
[  624.606312][T27194]  active_file:20519 inactive_file:3216 isolated_file:0
[  624.606312][T27194]  unevictable:16871 dirty:322 writeback:0
[  624.606312][T27194]  slab_reclaimable:4233 slab_unreclaimable:114884
[  624.606312][T27194]  mapped:31665 shmem:33989 pagetables:1789
[  624.606312][T27194]  sec_pagetables:0 bounce:0
[  624.606312][T27194]  kernel_misc_reclaimable:0
[  624.606312][T27194]  free:1693125 free_pcp:26975 free_cma:0
[  624.653745][T27194] Node 0 active_anon:82560kB inactive_anon:91672kB active_file:82076kB inactive_file:12864kB unevictable:67484kB isolated(anon):0kB isolated(file):0kB mapped:126660kB dirty:1288kB writeback:0kB shmem:135956kB kernel_stack:5664kB pagetables:7156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  624.683218][T27194] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  624.713444][T27194] lowmem_reserve[]: 0 2883 7862 7862
[  624.718971][T27194] Node 0 DMA32 free:2949196kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952828kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB
[  624.751968][T27194] lowmem_reserve[]: 0 0 4978 4978
[  624.757362][T27194] Node 0 Normal free:3807944kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:82560kB inactive_anon:91672kB active_file:82076kB inactive_file:12864kB unevictable:67484kB writepending:1288kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:104472kB local_pcp:24852kB free_cma:0kB
[  624.791965][T27194] lowmem_reserve[]: 0 0 0 0
[  624.796884][T27194] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  624.810146][T27194] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949196kB
[  624.826782][T27194] Node 0 Normal: 1326*4kB (UME) 131*8kB (UE) 2014*16kB (UME) 1779*32kB (UME) 916*64kB (UME) 600*128kB (UME) 326*256kB (UME) 141*512kB (UME) 135*1024kB (UME) 69*2048kB (UM) 767*4096kB (UM) = 3807760kB
[  624.847367][T27194] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  624.857630][T27194] 74626 total pagecache pages
[  624.862962][T27194] 31 pages in swap cache
[  624.867641][T27194] Free swap  = 7640kB
[  624.871758][T27194] Total swap = 124996kB
[  624.875929][T27194] 2097051 pages RAM
[  624.879826][T27194] 0 pages HighMem/MovableOnly
[  624.884903][T27194] 80444 pages reserved
[  624.971227][T27209] loop7: detected capacity change from 0 to 1024
[  625.008359][T27209] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  625.165352][T27209] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.21742: Allocating blocks 449-513 which overlap fs metadata
[  625.166667][T27223] netlink: 24 bytes leftover after parsing attributes in process `syz.8.21747'.
[  625.197294][T27208] EXT4-fs (loop7): pa ffff88810964fe70: logic 48, phys. 177, len 21
[  625.205784][T27208] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  625.246499][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  625.273095][   T29] kauditd_printk_skb: 59 callbacks suppressed
[  625.273109][   T29] audit: type=1326 audit(2186.288:31697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.305758][   T29] audit: type=1326 audit(2186.288:31698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.330551][   T29] audit: type=1326 audit(2186.288:31699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.356911][   T29] audit: type=1326 audit(2186.288:31700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.381753][   T29] audit: type=1326 audit(2186.288:31701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.405468][   T29] audit: type=1326 audit(2186.288:31702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.437618][T27229] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=27229 comm=syz.2.21750
[  625.484897][   T29] audit: type=1326 audit(2186.456:31703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.509828][   T29] audit: type=1326 audit(2186.456:31704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.534951][   T29] audit: type=1326 audit(2186.456:31705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.558851][   T29] audit: type=1326 audit(2186.456:31706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27228 comm="syz.2.21750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  625.836128][T27269] netlink: 12 bytes leftover after parsing attributes in process `syz.2.21766'.
[  626.126019][T27284] netlink: zone id is out of range
[  626.143050][T27284] netlink: zone id is out of range
[  626.148639][T27284] netlink: del zone limit has 8 unknown bytes
[  626.386332][T27310] ALSA: seq fatal error: cannot create timer (-22)
[  626.505347][T27326] syzkaller0: entered allmulticast mode
[  626.516116][T27326] syzkaller0 (unregistering): left allmulticast mode
[  626.700633][T27334] netlink: 'syz.2.21796': attribute type 10 has an invalid length.
[  626.728575][T27334] netlink: 'syz.2.21796': attribute type 10 has an invalid length.
[  627.082702][T27347] loop9: detected capacity change from 0 to 8192
[  627.100788][T27347] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  627.196726][T27363] loop9: detected capacity change from 0 to 512
[  627.225402][T27363] EXT4-fs: Ignoring removed nobh option
[  627.237688][T27363] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  627.304292][T27363] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #15: comm syz.9.21808: iget: bad i_size value: 38620345925642
[  627.326980][T27363] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.21808: couldn't read orphan inode 15 (err -117)
[  627.340217][T27363] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  627.368302][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  627.426031][T27380] __nla_validate_parse: 3 callbacks suppressed
[  627.426051][T27380] netlink: 92 bytes leftover after parsing attributes in process `syz.3.21815'.
[  627.469012][T27385] netlink: 12 bytes leftover after parsing attributes in process `syz.7.21816'.
[  627.849194][T27410] SELinux: failed to load policy
[  627.957012][T27421] loop9: detected capacity change from 0 to 164
[  627.966917][T27421] syz.9.21834: attempt to access beyond end of device
[  627.966917][T27421] loop9: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  627.990182][T27421] syz.9.21834: attempt to access beyond end of device
[  627.990182][T27421] loop9: rw=0, sector=263328, nr_sectors = 4 limit=164
[  628.059446][T27427] bridge_slave_0: left allmulticast mode
[  628.065307][T27427] bridge_slave_0: left promiscuous mode
[  628.071388][T27427] bridge0: port 1(bridge_slave_0) entered disabled state
[  628.087110][T27427] bridge_slave_1: left allmulticast mode
[  628.087628][T27431] netlink: 24 bytes leftover after parsing attributes in process `syz.2.21833'.
[  628.093332][T27427] bridge_slave_1: left promiscuous mode
[  628.104524][T27432] netlink: 'syz.9.21837': attribute type 10 has an invalid length.
[  628.109092][T27427] bridge0: port 2(bridge_slave_1) entered disabled state
[  628.117790][T27432] netlink: 40 bytes leftover after parsing attributes in process `syz.9.21837'.
[  628.147365][T27427] bond0: (slave bond_slave_0): Releasing backup interface
[  628.159517][T27427] bond0: (slave bond_slave_1): Releasing backup interface
[  628.192823][T27427] team0: Port device team_slave_0 removed
[  628.207152][T27427] team0: Port device team_slave_1 removed
[  628.224339][T27427] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  628.232091][T27427] batman_adv: batadv0: Removing interface: batadv_slave_0
[  628.247031][T27427] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  628.254821][T27427] batman_adv: batadv0: Removing interface: batadv_slave_1
[  628.311224][T27432] batman_adv: batadv0: Adding interface: veth1_vlan
[  628.317982][T27432] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  628.366410][T27432] batman_adv: batadv0: Interface activated: veth1_vlan
[  628.457065][T27448] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=27448 comm=syz.7.21844
[  628.541820][T27460] loop7: detected capacity change from 0 to 2048
[  628.582846][T27460] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  628.649761][T25427] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.667158][T27474] netlink: 12 bytes leftover after parsing attributes in process `syz.9.21855'.
[  628.682285][T27474] netlink: 12 bytes leftover after parsing attributes in process `syz.9.21855'.
[  628.892357][T27495] loop9: detected capacity change from 0 to 2048
[  628.907237][T27495] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  629.179921][T27505] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.21863: bg 0: block 234: padding at end of block bitmap is not set
[  629.200278][T27505] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 117
[  629.213109][T27505] EXT4-fs (loop9): This should not happen!! Data will be lost
[  629.213109][T27505] 
[  629.265684][T25752] bond0: (slave syz_tun): Releasing backup interface
[  629.279751][T17137] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  629.293185][T17137] EXT4-fs (loop9): This should not happen!! Data will be lost
[  629.293185][T17137] 
[  629.303352][T17137] EXT4-fs (loop9): Total free blocks count 0
[  629.309934][T17137] EXT4-fs (loop9): Free/Dirty block details
[  629.316192][T17137] EXT4-fs (loop9): free_blocks=0
[  629.321146][T17137] EXT4-fs (loop9): dirty_blocks=6160
[  629.326526][T17137] EXT4-fs (loop9): Block reservation details
[  629.754105][T27570] IPv4: Oversized IP packet from 127.202.26.0
[  629.772947][T27550] lo speed is unknown, defaulting to 1000
[  629.899991][T27550] chnl_net:caif_netlink_parms(): no params data found
[  629.941823][T27550] bridge0: port 1(bridge_slave_0) entered blocking state
[  629.949136][T27550] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.982823][T27605] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=27605 comm=syz.8.21906
[  630.004242][T27550] bridge_slave_0: entered allmulticast mode
[  630.020436][T27550] bridge_slave_0: entered promiscuous mode
[  630.043319][T27550] bridge0: port 2(bridge_slave_1) entered blocking state
[  630.050537][T27550] bridge0: port 2(bridge_slave_1) entered disabled state
[  630.076135][T27550] bridge_slave_1: entered allmulticast mode
[  630.082713][T27550] bridge_slave_1: entered promiscuous mode
[  630.120253][T27550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  630.141583][T27550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  630.167447][T27620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.21915'.
[  630.215628][T27550] team0: Port device team_slave_0 added
[  630.233715][T27550] team0: Port device team_slave_1 added
[  630.276623][T27550] batman_adv: batadv0: Adding interface: batadv_slave_0
[  630.283795][T27550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  630.310642][T27550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  630.322523][T27550] batman_adv: batadv0: Adding interface: batadv_slave_1
[  630.330237][T27550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  630.356857][T27550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  630.420828][T27550] hsr_slave_0: entered promiscuous mode
[  630.427288][T27550] hsr_slave_1: entered promiscuous mode
[  630.433691][T27550] debugfs: 'hsr0' already exists in 'hsr'
[  630.439917][T27550] Cannot create hsr debugfs directory
[  630.504195][T27637] loop9: detected capacity change from 0 to 128
[  630.516418][T27637] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  630.571266][T24917] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  630.630302][T27644] loop8: detected capacity change from 0 to 2048
[  630.637236][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  630.637251][   T29] audit: type=1400 audit(2191.915:31858): avc:  denied  { unmount } for  pid=24064 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  630.687046][T27650] serio: Serial port ptm0
[  630.689099][T27652] loop9: detected capacity change from 0 to 512
[  630.702134][T27652] EXT4-fs warning (device loop9): dx_probe:861: inode #2: comm syz.9.21929: dx entry: limit 0 != root limit 125
[  630.714846][T27652] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.21929: Corrupt directory, running e2fsck is recommended
[  630.728467][T27652] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -117
[  630.732470][T27644]  loop8: p2 p3 p7
[  630.737169][T27652] EXT4-fs error (device loop9): ext4_iget_extra_inode:5104: inode #15: comm syz.9.21929: corrupted in-inode xattr: invalid ea_ino
[  630.758962][T27652] EXT4-fs (loop9): Remounting filesystem read-only
[  630.766251][T27652] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  630.799160][T27550] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  630.817926][T27652] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000.
[  630.819940][T27550] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  630.836357][T27550] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  630.859999][T27550] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  630.870173][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  630.870770][T27663] netlink: 36 bytes leftover after parsing attributes in process `syz.8.21926'.
[  630.931791][T27671] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27671 comm=syz.2.21936
[  630.960899][T27550] 8021q: adding VLAN 0 to HW filter on device bond0
[  630.976890][T27550] 8021q: adding VLAN 0 to HW filter on device team0
[  630.988965][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.996319][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  631.016509][T27550] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  631.027228][T27550] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  631.044079][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  631.051483][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  631.116183][T27550] 8021q: adding VLAN 0 to HW filter on device batadv0
[  631.313092][T27550] veth0_vlan: entered promiscuous mode
[  631.326065][   T29] audit: type=1326 audit(2192.640:31859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27717 comm="syz.9.21950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  631.326468][T27550] veth1_vlan: entered promiscuous mode
[  631.354348][   T29] audit: type=1326 audit(2192.640:31860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27717 comm="syz.9.21950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  631.379406][T27550] veth0_macvtap: entered promiscuous mode
[  631.477255][   T29] audit: type=1326 audit(2192.808:31861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27717 comm="syz.9.21950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  631.502834][   T29] audit: type=1326 audit(2192.808:31862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27717 comm="syz.9.21950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  631.528096][   T29] audit: type=1326 audit(2192.808:31863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27717 comm="syz.9.21950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8405ebe9 code=0x7ffc0000
[  631.555488][T27550] veth1_macvtap: entered promiscuous mode
[  631.567434][T27550] batman_adv: batadv0: Interface activated: batadv_slave_0
[  631.578874][T27550] batman_adv: batadv0: Interface activated: batadv_slave_1
[  631.591623][   T41] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  631.602790][   T41] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  631.614019][   T41] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  631.644274][   T41] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  631.664378][   T29] audit: type=1400 audit(2192.997:31864): avc:  denied  { write } for  pid=27550 comm="syz-executor" name="cgroup.procs" dev="cgroup" ino=494 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object"
[  631.690721][   T29] audit: type=1400 audit(2192.997:31865): avc:  denied  { open } for  pid=27550 comm="syz-executor" path="/syzcgroup/cpu/syz6/cgroup.procs" dev="cgroup" ino=494 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object"
[  631.746284][T27737] netlink: 4 bytes leftover after parsing attributes in process `syz.9.21957'.
[  631.759989][T27737] netlink: 12 bytes leftover after parsing attributes in process `syz.9.21957'.
[  631.887634][   T29] audit: type=1400 audit(2193.238:31866): avc:  denied  { mounton } for  pid=27762 comm="syz.6.21967" path="/3/file0" dev="tmpfs" ino=33 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  631.965476][T27776] lo speed is unknown, defaulting to 1000
[  632.018467][   T29] audit: type=1326 audit(2193.364:31867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27781 comm="syz.6.21975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd85deebe9 code=0x7ffc0000
[  632.146088][T27795] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  632.157386][T27795] FAT-fs (loop7): unable to read boot sector
[  632.293501][T27814] loop6: detected capacity change from 0 to 512
[  632.309616][T27814] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  632.374011][T27550] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.540589][T27823] loop6: detected capacity change from 0 to 512
[  632.548237][T27823] EXT4-fs: Ignoring removed oldalloc option
[  632.598856][T27823] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.21991: Parent and EA inode have the same ino 15
[  632.612343][T27829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  632.621427][T27829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  632.634042][T27823] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.21991: Parent and EA inode have the same ino 15
[  632.648524][T27823] EXT4-fs (loop6): 1 orphan inode deleted
[  632.654721][T27823] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  632.673945][T27823] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  632.724987][T27550] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.836657][T27838] loop9: detected capacity change from 0 to 7
[  632.844684][T27838] buffer_io_error: 3 callbacks suppressed
[  632.844699][T27838] Buffer I/O error on dev loop9, logical block 0, async page read
[  632.860537][T27838] Buffer I/O error on dev loop9, logical block 0, async page read
[  632.868625][T27838]  loop9: unable to read partition table
[  632.874557][T27838] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  632.874557][T27838] 
) failed (rc=-5)
[  632.913732][T27826] Set syz1 is full, maxelem 65536 reached
[  632.920062][T27829] Set syz1 is full, maxelem 65536 reached
[  633.024762][T27851] loop6: detected capacity change from 0 to 128
[  633.036662][T27851] syz.6.22003: attempt to access beyond end of device
[  633.036662][T27851] loop6: rw=2049, sector=138, nr_sectors = 8 limit=128
[  633.052219][T27851] syz.6.22003: attempt to access beyond end of device
[  633.052219][T27851] loop6: rw=2049, sector=146, nr_sectors = 8 limit=128
[  633.068439][T27851] syz.6.22003: attempt to access beyond end of device
[  633.068439][T27851] loop6: rw=2049, sector=152, nr_sectors = 2 limit=128
[  633.082553][T27851] Buffer I/O error on dev loop6, logical block 76, lost async page write
[  633.095153][T27851] syz.6.22003: attempt to access beyond end of device
[  633.095153][T27851] loop6: rw=2049, sector=170, nr_sectors = 8 limit=128
[  633.098567][T27854] pim6reg: entered allmulticast mode
[  633.109210][T27851] syz.6.22003: attempt to access beyond end of device
[  633.109210][T27851] loop6: rw=2049, sector=176, nr_sectors = 2 limit=128
[  633.128264][T27851] Buffer I/O error on dev loop6, logical block 88, lost async page write
[  633.137672][T27851] syz.6.22003: attempt to access beyond end of device
[  633.137672][T27851] loop6: rw=2049, sector=178, nr_sectors = 8 limit=128
[  633.153571][T27851] syz.6.22003: attempt to access beyond end of device
[  633.153571][T27851] loop6: rw=2049, sector=184, nr_sectors = 2 limit=128
[  633.167192][T27851] Buffer I/O error on dev loop6, logical block 92, lost async page write
[  633.178424][T20204] kworker/u8:231: attempt to access beyond end of device
[  633.178424][T20204] loop6: rw=1, sector=138, nr_sectors = 8 limit=128
[  633.193427][T27851] syz.6.22003: attempt to access beyond end of device
[  633.193427][T27851] loop6: rw=2049, sector=202, nr_sectors = 8 limit=128
[  633.199874][T27858] pimreg: entered allmulticast mode
[  633.213771][T27851] syz.6.22003: attempt to access beyond end of device
[  633.213771][T27851] loop6: rw=2049, sector=208, nr_sectors = 2 limit=128
[  633.216753][T20204] Buffer I/O error on dev loop6, logical block 73, lost async page write
[  633.228117][T27851] Buffer I/O error on dev loop6, logical block 104, lost async page write
[  633.229857][T27851] Buffer I/O error on dev loop6, logical block 108, lost async page write
[  633.245573][T20204] Buffer I/O error on dev loop6, logical block 74, lost async page write
[  633.245671][T20204] Buffer I/O error on dev loop6, logical block 75, lost async page write
[  633.256475][T27854] pim6reg: left allmulticast mode
[  633.280853][T27860] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  633.289545][T27858] pimreg: left allmulticast mode
[  633.389847][T27868] 9pnet: p9_errstr2errno: server reported unknown error 
[  633.439055][T27880] __nla_validate_parse: 1 callbacks suppressed
[  633.439076][T27880] netlink: 3 bytes leftover after parsing attributes in process `syz.2.22017'.
[  633.458464][T27880] batadv0: entered promiscuous mode
[  633.464241][T27880] batadv0: entered allmulticast mode
[  633.560034][T27891] netlink: 'syz.9.22022': attribute type 30 has an invalid length.
[  633.590154][T27893] netlink: 96 bytes leftover after parsing attributes in process `syz.6.22023'.
[  633.683345][T27902] bridge: RTM_NEWNEIGH with invalid ether address
[  633.752537][T27910] netlink: 20 bytes leftover after parsing attributes in process `syz.9.22032'.
[  633.764075][T27915] loop8: detected capacity change from 0 to 128
[  633.872702][T27928] lo speed is unknown, defaulting to 1000
[  633.899574][T27931] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  633.915744][T27931] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  633.925176][T27932] bridge_slave_0: left allmulticast mode
[  633.931017][T27932] bridge_slave_0: left promiscuous mode
[  633.936976][T27932] bridge0: port 1(bridge_slave_0) entered disabled state
[  633.999822][T27932] bridge_slave_1: left allmulticast mode
[  634.005621][T27932] bridge_slave_1: left promiscuous mode
[  634.011549][T27932] bridge0: port 2(bridge_slave_1) entered disabled state
[  634.083461][T27944] loop9: detected capacity change from 0 to 256
[  634.096071][T27944] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  634.104987][T27944] FAT-fs (loop9): Filesystem has been set read-only
[  634.122004][T27932] bond0: (slave bond_slave_0): Releasing backup interface
[  634.147855][T27925] Set syz1 is full, maxelem 65536 reached
[  634.153896][T27931] Set syz1 is full, maxelem 65536 reached
[  634.160479][T27932] bond0: (slave bond_slave_1): Releasing backup interface
[  634.182432][T27932] team0: Port device team_slave_0 removed
[  634.195330][T27950] loop9: detected capacity change from 0 to 1024
[  634.195561][T27932] team0: Port device team_slave_1 removed
[  634.210081][T27932] batman_adv: batadv0: Removing interface: batadv_slave_0
[  634.219159][T27950] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  634.233532][T27932] batman_adv: batadv0: Removing interface: batadv_slave_1
[  634.253229][T27950] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  634.269955][T27932] bond1: (slave veth5): Releasing active interface
[  634.290287][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.375477][T27960] lo speed is unknown, defaulting to 1000
[  634.544848][T27980] blktrace: Concurrent blktraces are not allowed on loop6
[  634.759950][T28004] IPVS: Error connecting to the multicast addr
[  634.793043][T28011] loop9: detected capacity change from 0 to 164
[  634.817185][T28014] netlink: 204 bytes leftover after parsing attributes in process `syz.6.22077'.
[  634.826677][T28014] netlink: 72 bytes leftover after parsing attributes in process `syz.6.22077'.
[  634.838270][T28014] netlink: 24 bytes leftover after parsing attributes in process `syz.6.22077'.
[  634.911815][T28021] loop9: detected capacity change from 0 to 512
[  634.926545][T28021] EXT4-fs: Ignoring removed oldalloc option
[  634.951333][T28021] EXT4-fs error (device loop9): ext4_xattr_inode_iget:433: comm syz.9.22079: Parent and EA inode have the same ino 15
[  634.968759][T28021] EXT4-fs error (device loop9): ext4_xattr_inode_iget:433: comm syz.9.22079: Parent and EA inode have the same ino 15
[  634.985623][T28021] EXT4-fs (loop9): 1 orphan inode deleted
[  634.993831][T28021] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  635.014036][T28021] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  635.039544][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.057208][T28026] netlink: 96 bytes leftover after parsing attributes in process `syz.6.22082'.
[  635.275022][T28015] Set syz1 is full, maxelem 65536 reached
[  635.427158][   T29] kauditd_printk_skb: 365 callbacks suppressed
[  635.427176][   T29] audit: type=1326 audit(2196.945:32233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28044 comm="syz.6.22089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd85deebe9 code=0x7ffc0000
[  635.494578][   T29] audit: type=1326 audit(2196.987:32234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28044 comm="syz.6.22089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd85deebe9 code=0x7ffc0000
[  635.651421][T28060] loop6: detected capacity change from 0 to 8192
[  635.659474][T28064] atomic_op ffff888145a60d28 conn xmit_atomic 0000000000000000
[  635.698202][   T29] audit: type=1326 audit(2197.228:32235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.3.22098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  635.722428][   T29] audit: type=1326 audit(2197.228:32236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.3.22098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  635.747164][   T29] audit: type=1326 audit(2197.228:32237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.3.22098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  635.771565][   T29] audit: type=1326 audit(2197.228:32238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.3.22098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  635.796385][   T29] audit: type=1326 audit(2197.228:32239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.3.22098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  635.821476][   T29] audit: type=1326 audit(2197.228:32240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.3.22098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  635.828236][T28071] cgroup: Unknown subsys name 'cpuset'
[  635.845699][   T29] audit: type=1326 audit(2197.228:32241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.3.22098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  635.875741][   T29] audit: type=1326 audit(2197.228:32242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.3.22098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ae99ebe9 code=0x7ffc0000
[  635.990315][T28086] netlink: 4 bytes leftover after parsing attributes in process `syz.2.22106'.
[  636.036786][T28097] netlink: 16 bytes leftover after parsing attributes in process `syz.9.22110'.
[  636.057812][T14606] tipc: Subscription rejected, illegal request
[  636.187594][T28121] lo speed is unknown, defaulting to 1000
[  636.274487][T28131] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  636.282100][T28131] batman_adv: batadv0: Removing interface: veth1_vlan
[  636.479863][T28165] netlink: 12 bytes leftover after parsing attributes in process `syz.9.22142'.
[  636.987162][T28187] loop9: detected capacity change from 0 to 128
[  637.184459][T28197] lo speed is unknown, defaulting to 1000
[  637.801677][T28187] bio_check_eod: 19485 callbacks suppressed
[  637.801700][T28187] syz.9.22151: attempt to access beyond end of device
[  637.801700][T28187] loop9: rw=0, sector=153, nr_sectors = 8 limit=128
[  637.825121][T28187] syz.9.22151: attempt to access beyond end of device
[  637.825121][T28187] loop9: rw=0, sector=153, nr_sectors = 8 limit=128
[  637.876481][T28230] loop9: detected capacity change from 0 to 1024
[  637.907022][T28230] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  637.960028][T28230] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4183: comm syz.9.22169: Allocating blocks 385-513 which overlap fs metadata
[  637.980432][T28244] loop8: detected capacity change from 0 to 164
[  637.993310][T28244] syz.8.22175: attempt to access beyond end of device
[  637.993310][T28244] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  638.008471][T28244] syz.8.22175: attempt to access beyond end of device
[  638.008471][T28244] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[  638.012632][T28230] EXT4-fs (loop9): pa ffff888106dfad90: logic 16, phys. 129, len 24
[  638.030563][T28230] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  638.106684][T28253] netlink: 'syz.6.22180': attribute type 7 has an invalid length.
[  638.115299][T28253] netlink: 'syz.6.22180': attribute type 8 has an invalid length.
[  638.146225][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  638.308043][T28274] __nla_validate_parse: 3 callbacks suppressed
[  638.308068][T28274] netlink: 4 bytes leftover after parsing attributes in process `syz.2.22190'.
[  638.379495][T28281] loop6: detected capacity change from 0 to 128
[  638.439413][T28284] syz.6.22192: attempt to access beyond end of device
[  638.439413][T28284] loop6: rw=2049, sector=153, nr_sectors = 8 limit=128
[  638.456016][T28284] syz.6.22192: attempt to access beyond end of device
[  638.456016][T28284] loop6: rw=2049, sector=169, nr_sectors = 8 limit=128
[  638.471728][T28284] syz.6.22192: attempt to access beyond end of device
[  638.471728][T28284] loop6: rw=2049, sector=185, nr_sectors = 8 limit=128
[  638.486942][T28284] syz.6.22192: attempt to access beyond end of device
[  638.486942][T28284] loop6: rw=2049, sector=201, nr_sectors = 8 limit=128
[  638.525899][T28284] syz.6.22192: attempt to access beyond end of device
[  638.525899][T28284] loop6: rw=2049, sector=217, nr_sectors = 8 limit=128
[  638.541805][T28284] syz.6.22192: attempt to access beyond end of device
[  638.541805][T28284] loop6: rw=2049, sector=233, nr_sectors = 8 limit=128
[  638.577300][T28286] loop8: detected capacity change from 0 to 164
[  638.602250][T28293] sd 0:0:1:0: device reset
[  638.705696][T28300] loop6: detected capacity change from 0 to 512
[  638.747571][T28300] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  639.053266][T28300] EXT4-fs (loop6): orphan cleanup on readonly fs
[  639.107375][T28300] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.22201: corrupted inode contents
[  639.144421][T28300] EXT4-fs (loop6): Remounting filesystem read-only
[  639.154023][T28300] EXT4-fs (loop6): 1 truncate cleaned up
[  639.163202][   T41] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  639.174487][   T41] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  639.215058][   T41] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  639.239076][T28300] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  639.321097][T27550] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  639.707215][T28320] netlink: 32 bytes leftover after parsing attributes in process `syz.8.22207'.
[  639.749833][T28324] lo speed is unknown, defaulting to 1000
[  639.802562][T28330] bridge_slave_0: left allmulticast mode
[  639.808510][T28330] bridge_slave_0: left promiscuous mode
[  639.814382][T28330] bridge0: port 1(bridge_slave_0) entered disabled state
[  639.844659][T28330] bridge_slave_1: left allmulticast mode
[  639.850814][T28330] bridge_slave_1: left promiscuous mode
[  639.856697][T28330] bridge0: port 2(bridge_slave_1) entered disabled state
[  639.885540][T28330] bond0: (slave bond_slave_0): Releasing backup interface
[  639.899233][T28330] bond0: (slave bond_slave_1): Releasing backup interface
[  639.925089][T28330] team0: Port device team_slave_0 removed
[  639.934964][T28330] team0: Port device team_slave_1 removed
[  639.942640][T28330] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  639.950643][T28330] batman_adv: batadv0: Removing interface: batadv_slave_0
[  639.960305][T28330] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  639.967762][T28330] batman_adv: batadv0: Removing interface: batadv_slave_1
[  640.159797][T28356] lo speed is unknown, defaulting to 1000
[  640.179341][T28367] loop9: detected capacity change from 0 to 512
[  640.191015][   T29] kauditd_printk_skb: 210 callbacks suppressed
[  640.191046][   T29] audit: type=1326 audit(2201.953:32447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28364 comm="syz.2.22228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  640.221770][   T29] audit: type=1326 audit(2201.953:32448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28364 comm="syz.2.22228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  640.226575][T28367] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  640.245029][   T29] audit: type=1326 audit(2201.953:32449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28364 comm="syz.2.22228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  640.245060][   T29] audit: type=1326 audit(2201.953:32450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28364 comm="syz.2.22228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  640.245083][   T29] audit: type=1326 audit(2201.953:32451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28364 comm="syz.2.22228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  640.259451][T28367] EXT4-fs (loop9): orphan cleanup on readonly fs
[  640.276964][   T29] audit: type=1326 audit(2201.953:32452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28364 comm="syz.2.22228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  640.323772][T28367] Quota error (device loop9): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  640.346651][   T29] audit: type=1326 audit(2201.953:32453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28364 comm="syz.2.22228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  640.355250][T28367] EXT4-fs warning (device loop9): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  640.376639][   T29] audit: type=1326 audit(2201.953:32454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28364 comm="syz.2.22228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  640.387356][T28367] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  640.410338][   T29] audit: type=1326 audit(2201.953:32455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28364 comm="syz.2.22228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2bae88ebe9 code=0x7ffc0000
[  640.426150][T28367] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.22226: bg 0: block 40: padding at end of block bitmap is not set
[  640.505117][T28367] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  640.515310][T28367] EXT4-fs (loop9): 1 truncate cleaned up
[  640.534276][T28367] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  640.549880][T28377] Invalid ELF header magic: != ELF
[  640.550096][T28368] vlan1: entered allmulticast mode
[  640.560333][T28368] bridge_slave_0: entered allmulticast mode
[  640.597108][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  640.663466][T28387] delete_channel: no stack
[  640.716878][T28392] loop8: detected capacity change from 0 to 128
[  640.767458][T28399] loop6: detected capacity change from 0 to 512
[  640.804994][T28399] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  640.973903][T27550] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  641.007496][T28413] netlink: 20 bytes leftover after parsing attributes in process `syz.3.22243'.
[  641.059836][T28417] syzkaller0: entered promiscuous mode
[  641.065603][T28417] syzkaller0: entered allmulticast mode
[  641.233148][T28438] loop9: detected capacity change from 0 to 128
[  641.340882][T28445] netlink: 'syz.9.22259': attribute type 15 has an invalid length.
[  641.424511][T28456] SELinux: security policydb version 17 (MLS) not backwards compatible
[  641.436556][T28456] SELinux: failed to load policy
[  641.683750][T13051] hid_parser_main: 22 callbacks suppressed
[  641.683763][T13051] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  641.697975][T13051] hid-generic 0000:0000:0000.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  641.935966][T28500] netlink: 2036 bytes leftover after parsing attributes in process `syz.2.22278'.
[  641.945409][T28500] netlink: 24 bytes leftover after parsing attributes in process `syz.2.22278'.
[  641.994476][T28504] SELinux: ebitmap: truncated map
[  642.000161][T28504] SELinux: failed to load policy
[  642.154049][T28525] wireguard0: entered promiscuous mode
[  642.159736][T28525] wireguard0: entered allmulticast mode
[  642.216630][T28527] loop9: detected capacity change from 0 to 512
[  642.231022][T28527] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  642.321121][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  642.481898][T28549] loop6: detected capacity change from 0 to 2048
[  642.498410][T28549] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  642.531311][T27550] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  642.547339][T27550] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  642.566789][T27550] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  642.649161][T28570] loop6: detected capacity change from 0 to 128
[  642.662906][T28570] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  642.765482][T27550] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  642.892938][T28590] sch_tbf: burst 19869 is lower than device lo mtu (11337746) !
[  642.911767][T28592] hub 9-0:1.0: USB hub found
[  642.926523][T28592] hub 9-0:1.0: 8 ports detected
[  642.952608][T28596] netlink: 12 bytes leftover after parsing attributes in process `syz.3.22321'.
[  642.962070][T28596] netlink: 28 bytes leftover after parsing attributes in process `syz.3.22321'.
[  642.971532][T28596] netlink: 12 bytes leftover after parsing attributes in process `syz.3.22321'.
[  642.986079][T28596] netlink: 28 bytes leftover after parsing attributes in process `syz.3.22321'.
[  642.995561][T28596] netlink: 'syz.3.22321': attribute type 6 has an invalid length.
[  643.050915][T28602] netlink: 8 bytes leftover after parsing attributes in process `syz.6.22324'.
[  643.250369][T28621] lo speed is unknown, defaulting to 1000
[  643.283982][T28627] sch_fq: defrate 4294967295 ignored.
[  643.304904][T28628] loop6: detected capacity change from 0 to 2048
[  643.343803][T28628] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #2: comm syz.6.22332: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  643.397732][T28628] EXT4-fs (loop6): get root inode failed
[  643.403653][T28628] EXT4-fs (loop6): mount failed
[  643.462549][T28645] loop9: detected capacity change from 0 to 2048
[  643.479011][T28645] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  643.658014][   T41] nci: nci_rsp_packet: unknown rsp opcode 0x211
[  643.739740][T24917] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  643.764810][T28669] netlink: 20 bytes leftover after parsing attributes in process `syz.9.22348'.
[  643.883656][T28677] netlink: 12 bytes leftover after parsing attributes in process `syz.9.22351'.
[  643.883753][T28656] ==================================================================
[  643.883783][T28656] BUG: KCSAN: data-race in _prb_read_valid / data_alloc
[  643.883824][T28656] 
[  643.883830][T28656] write to 0xffffffff86883018 of 8 bytes by task 28677 on cpu 1:
[  643.883845][T28656]  data_alloc+0x271/0x2b0
[  643.883872][T28656]  prb_reserve+0x808/0xaf0
[  643.883896][T28656]  vprintk_store+0x56d/0x860
[  643.883930][T28656]  vprintk_emit+0x178/0x650
[  643.883945][T28656]  vprintk_default+0x26/0x30
[  643.883961][T28656]  vprintk+0x1d/0x30
[  643.883980][T28656]  _printk+0x79/0xa0
[  643.884004][T28656]  __nla_validate_parse+0x1738/0x1d00
[  643.884026][T28656]  __nla_parse+0x40/0x60
[  643.884045][T28656]  rtnl_newlink+0x285/0x12d0
[  643.884069][T28656]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  643.884092][T28656]  netlink_rcv_skb+0x123/0x220
[  643.884119][T28656]  rtnetlink_rcv+0x1c/0x30
[  643.884142][T28656]  netlink_unicast+0x5bd/0x690
[  643.884156][T28656]  netlink_sendmsg+0x58b/0x6b0
[  643.884172][T28656]  __sock_sendmsg+0x145/0x180
[  643.884195][T28656]  ____sys_sendmsg+0x31e/0x4e0
[  643.884211][T28656]  ___sys_sendmsg+0x17b/0x1d0
[  643.884227][T28656]  __x64_sys_sendmsg+0xd4/0x160
[  643.884243][T28656]  x64_sys_call+0x191e/0x2ff0
[  643.884260][T28656]  do_syscall_64+0xd2/0x200
[  643.884283][T28656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.884301][T28656] 
[  643.884305][T28656] read to 0xffffffff86883018 of 16 bytes by task 28656 on cpu 0:
[  643.884318][T28656]  _prb_read_valid+0x1bc/0x920
[  643.884342][T28656]  prb_read_valid+0x3c/0x60
[  643.884368][T28656]  printk_get_next_message+0xc8/0x510
[  643.884387][T28656]  console_flush_all+0x290/0x730
[  643.884404][T28656]  console_unlock+0xa1/0x330
[  643.884420][T28656]  con_flush_chars+0xb2/0x1b0
[  643.884440][T28656]  con_write+0x2e/0x40
[  643.884457][T28656]  n_tty_write+0x7d0/0xb50
[  643.884479][T28656]  file_tty_write+0x370/0x690
[  643.884508][T28656]  tty_write+0x25/0x30
[  643.884532][T28656]  vfs_write+0x52a/0x960
[  643.884551][T28656]  ksys_write+0xda/0x1a0
[  643.884571][T28656]  __x64_sys_write+0x40/0x50
[  643.884594][T28656]  x64_sys_call+0x27fe/0x2ff0
[  643.884616][T28656]  do_syscall_64+0xd2/0x200
[  643.884645][T28656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.884667][T28656] 
[  643.884672][T28656] Reported by Kernel Concurrency Sanitizer on:
[  643.884688][T28656] CPU: 0 UID: 0 PID: 28656 Comm: syz.6.22345 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  643.884716][T28656] Tainted: [W]=WARN
[  643.884722][T28656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  643.884734][T28656] ==================================================================
[  643.904458][T28677] netlink: 'syz.9.22351': attribute type 1 has an invalid length.