last executing test programs:

2m49.068194345s ago: executing program 32 (id=396):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}, @printk={@lx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x88)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m47.903880515s ago: executing program 33 (id=421):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)

2m43.594558669s ago: executing program 34 (id=507):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x8, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
r2 = dup(r1)
sendfile(r2, r0, 0x0, 0x8000fffffffc)

2m34.049466723s ago: executing program 35 (id=787):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000280)={0xf97cff8c, 0x8}, 0x10)

2m34.035687933s ago: executing program 36 (id=789):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd40}, 0x90)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x200000a, 0x4c831, 0xffffffffffffffff, 0x0)

2m33.443035583s ago: executing program 37 (id=792):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62)
listen(r0, 0x3)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x27}, 0x74)

2m32.521688689s ago: executing program 38 (id=800):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800028008000200080000003e127a51080002"], 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[], 0xa0}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0xfff0)

2m16.834030249s ago: executing program 39 (id=1292):
tkill(0x0, 0x12)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000001240)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$inet6(0xa, 0x3, 0xff)
sendmsg$inet6(r2, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0x0, 0x8, @dev={0xfe, 0x80, '\x00', 0x25}, 0x3}, 0x1c, &(0x7f0000000100)=[{&(0x7f0000000000)="daffc3fa80002cd21721a4af36a4a2ab00000000000000025a91f64b007f0c6a680f6c787f", 0x25}, {&(0x7f0000001480)="1c7b53", 0x3}], 0x2}, 0x4b00)

1m59.190161692s ago: executing program 9 (id=1819):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f0000000180), 0x1}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000009c0)='.', 0xc400}], 0x7}}], 0x44, 0x0)

1m59.127905993s ago: executing program 9 (id=1820):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x86)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x181940, 0x9a)
fcntl$setlease(r2, 0x400, 0x0)
unlink(&(0x7f0000000000)='./file1\x00')

1m59.058090134s ago: executing program 9 (id=1826):
r0 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xd85}, 0x94)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000380)='asymmetric\x00', &(0x7f00000002c0)=@keyring)

1m59.006242325s ago: executing program 9 (id=1827):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[], 0x48)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]})
write$binfmt_misc(r0, &(0x7f00000003c0)='(', 0x1)

1m58.73566056s ago: executing program 9 (id=1833):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r2}, 0x10)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1m57.447547352s ago: executing program 9 (id=1884):
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x78bd, 0x0, 0x0, 0x800000c0}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000640)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x20, 0x0, 0x0, 0x0)

1m57.438918942s ago: executing program 40 (id=1884):
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x78bd, 0x0, 0x0, 0x800000c0}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000640)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x20, 0x0, 0x0, 0x0)

1m55.25758907s ago: executing program 4 (id=1940):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa6}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
msgsnd(0x0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)

1m55.195990251s ago: executing program 4 (id=1941):
r0 = syz_io_uring_setup(0x24ff, &(0x7f0000000300)={0x0, 0xf36b, 0x10100, 0x0, 0x155}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x2d, 0x0, @fd, 0x40, 0x0, 0x6, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x2936, 0x0, 0x0, 0x0)

1m55.193149741s ago: executing program 4 (id=1943):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setgroups(0x0, 0x0)

1m55.043514343s ago: executing program 4 (id=1944):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[], 0x48)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]})
write$binfmt_misc(r0, &(0x7f00000003c0)='(', 0x1)

1m53.896651323s ago: executing program 4 (id=1960):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000000)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000080)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x5bf01be}}, {@bh}, {@errors_remount}, {@noinit_itable}, {@quota}]}, 0x3, 0x438, &(0x7f0000000d80)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
capget(0x0, 0x0)
open(0x0, 0x0, 0x28)
process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

1m53.866488234s ago: executing program 8 (id=1961):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
listen(0xffffffffffffffff, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000000000000000850000004100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000180000850000008200000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

1m53.735677116s ago: executing program 8 (id=1966):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x80000}, 0x18)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r1, 0x5421, &(0x7f0000000100)=0x100000001)
setsockopt$inet_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
close(r1)

1m53.657649837s ago: executing program 8 (id=1967):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)

1m53.556049769s ago: executing program 4 (id=1969):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x3, 0x4, 0x1, 0x9, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

1m53.55342838s ago: executing program 41 (id=1969):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x3, 0x4, 0x1, 0x9, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

1m53.534254229s ago: executing program 8 (id=1971):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[], 0x48)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]})
write$binfmt_misc(r0, &(0x7f00000003c0)='(', 0x1)

1m52.94540599s ago: executing program 8 (id=1981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)={0x28, r2, 0x10ada85e65c25359, 0xfffffffd, 0x25dfdbfc, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}}, 0x28}}, 0x0)

1m52.556071396s ago: executing program 8 (id=1986):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x7fff}, 0x18)
socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$kcm(0x29, 0x5, 0x0)
sendmsg(r1, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000002b80)="b2", 0x1}], 0x1}, 0x4000)
close(r1)

1m52.555920226s ago: executing program 42 (id=1986):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x7fff}, 0x18)
socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$kcm(0x29, 0x5, 0x0)
sendmsg(r1, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000002b80)="b2", 0x1}], 0x1}, 0x4000)
close(r1)

1m46.565989439s ago: executing program 1 (id=2143):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)

1m46.54497829s ago: executing program 1 (id=2144):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b40)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2e, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x1, 0xfffffffd, 0x7fff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004081}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x121, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x9, 0xa}, {0xfff3, 0xfff1}, {0xb, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x4041080)

1m46.460015431s ago: executing program 1 (id=2151):
r0 = socket(0x1e, 0x4, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r0, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x1}], 0x1}}], 0x1, 0x9200000000000000)

1m46.387068442s ago: executing program 1 (id=2155):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000500)='./file0/../file0\x00', 0x89901)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

1m46.360280583s ago: executing program 1 (id=2158):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

1m46.099743047s ago: executing program 1 (id=2169):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003500)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xa, 0x4}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffc}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x40, 0x1, 0xfd}, {0x5, 0x5, 0x7, 0x1, 0x5, 0x2}}}]}]}]}}]}, 0x70}}, 0x20040054)

1m46.099587057s ago: executing program 43 (id=2169):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003500)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xa, 0x4}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffc}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x40, 0x1, 0xfd}, {0x5, 0x5, 0x7, 0x1, 0x5, 0x2}}}]}]}]}}]}, 0x70}}, 0x20040054)

5.496513516s ago: executing program 2 (id=5554):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000080)=ANY=[], 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

4.885558086s ago: executing program 2 (id=5568):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)={@ifindex, 0xffffffffffffffff, 0x2f, 0x2006}, 0x20)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$tun(r0, &(0x7f0000000600)=ANY=[], 0x32)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

4.826894557s ago: executing program 2 (id=5569):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x4e, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10, 0x7, 0x0, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0})

4.65325823s ago: executing program 2 (id=5570):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000140)={[{@nouid32}]}, 0x1, 0x461, &(0x7f0000000540)="$eJzs3U9sFGUfB/DvbrslAd638OZVEf9VUCmi1LYmSIKJRDnJxWDiuaGFEAs1tCZCiNHEgzcvJp49KDePHDwZD3jUBC/e1JMxEkMkntSa2e7Qbdkt3dB2q/v5JLP7zM6wz2/m4ffM7MOTIUDPGipeKsn2JN8mGVxYXbrD0MLbzRuXTv5+49LJSubnT/xaqe/3241LJ8tdyz+3rXipJsPVpPpeJQ+0qHf2wsXXJ6anp8431kfmzr4xMnvh4tNnzk6cnjo9dW700OHnxkcPjY2Pr9mxvnz57RPbXnnh2AeT136ZufzD50W82xvbmo9jrQxlaOm5bPLEWlfWZfc0lSv9XQyEjvQlKZqrVs//wfRlsfEG89X3XQ0OWFfzhS1tN78zD/yLVdLtCIDuKC/0xe/fcll6C3BsXe8/6K7rRxd+ABbtfrOxLGzpT7WxT23Z7/u1NJTkyJVjnxVL1mkcBgAAAKCXfXE0yVOtxv+qubdpv6J8X5JdSe5Psjupz+t5MMlDSR5O8kg5n6gDy/dfPv5TaTeBhjVx/WhypDG3a+n4Xzn6lx19jbX/FCupVU6dmZ56Jsl/kwyntqVYH12hjqtf//VNu23N43/FUtRfjgU24vi5f9m/T09OzE3czTGz6Pq7ye7+Vu1fuTUTqEjBR5Ps6eSLa4vFH/fsP91utzu3P+tp/uNkX8v8b3S81w7X31aYnzlS7w9Gyl7hdu+Pjr3Urv4W7V9UrP03SJH/W1dq/2RHpXm+7mzndVzddeX5dts67/+/+6To/wcqr9YDHGh8+tbE3Nz50WSgcvz2z8c6j/mfrf1NU3k+yvNVtP/w3tbX//81fdveJI8lebwxd3lf/dqf7E/yZJIDK0Tz54uHXkvzHUUT/X93Fe0/2TL/b00NWJb/nReO7PzoeLv6V5f/z9b/Qg83PnH/d2erbaBuxwkAAAAAAADA2qjWn4FXqR68Va5WDx5ceIbf/7O1Oj0zO3fg1Myb5yYXnpW3I7VqOdNrsGk+6Gi9vLg+tmx9PMnOJB/2/dF48sDM9GS3Dx563LY2+V/4qa/b0QHrzvNaoXetIv9rGxEHsPFc/6F3yX/oXfIfepf8h94l/6F3yX/oXavP/4F1jQPYeK7/0JPu5rl+m63Qn00RRstCOX+qS2GU/yX/Jjkbm7Pw6ZfJBtTVl2SzHPIKhW72SgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACbx98BAAD//5IX2eo=")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000000)='2', 0x1, 0x4fed0)

4.327648666s ago: executing program 2 (id=5579):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES64, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bc00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)

4.10395105s ago: executing program 2 (id=5583):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0xfffffffd, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$pppl2tp(r1, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x1, @remote}, 0xa}}, 0x26)
sendmmsg$inet(r1, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

4.09410764s ago: executing program 44 (id=5583):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0xfffffffd, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$pppl2tp(r1, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x1, @remote}, 0xa}}, 0x26)
sendmmsg$inet(r1, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

1.141198911s ago: executing program 0 (id=5658):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r2, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac14140dffffffff0000000038000000000000000000000007"], 0x58}, 0x0)

1.138680851s ago: executing program 0 (id=5660):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

1.085319381s ago: executing program 3 (id=5662):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f00000016c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x2, @private1, 0xf}, 0x1c, 0x0}}], 0x1, 0x0)
shutdown(r0, 0x1)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x84, &(0x7f0000000080)={r3, @in6={{0xa, 0x4e21, 0xff, @empty, 0x9}}, 0x6, 0x400}, &(0x7f0000000480)=0x90)

1.073215272s ago: executing program 3 (id=5663):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = timerfd_create(0x0, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)

998.975963ms ago: executing program 3 (id=5664):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r2 = socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0)

796.396716ms ago: executing program 3 (id=5665):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = memfd_create(&(0x7f0000000a80)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
fsetxattr$security_selinux(r3, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)

730.100838ms ago: executing program 3 (id=5666):
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0xe3}], 0x1)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000040)={0x0, 'syzkaller1\x00', {0x4}, 0x1})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

596.7925ms ago: executing program 5 (id=5674):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000001c0)='kfree\x00', r1, 0x0, 0x4}, 0x18)
sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x1c8, 0x0, 0x1acc02, 0x148, 0x0, 0x10, 0x3b8, 0x2a8, 0x2a8, 0x3b8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x40000, 0x70, 0x98, 0x0, {0x0, 0x5803}}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x228)

563.285251ms ago: executing program 5 (id=5675):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
recvmsg(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)

562.621801ms ago: executing program 3 (id=5677):
r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r3, 0x1, 0x70bd26, 0x23c, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}]}, 0x1c}}, 0x0)
recvmmsg(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x12003, 0x0)

514.117172ms ago: executing program 5 (id=5681):
r0 = socket(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', <r3=>0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1={0xfc, 0x1, '\x00', 0x4}, 0x0, 0x8000}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', r3, 0x0, 0x0, 0x3, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x24}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x6}})

399.280274ms ago: executing program 6 (id=5683):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000012c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

398.643083ms ago: executing program 5 (id=5693):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x682040)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
close_range(r0, 0xffffffffffffffff, 0x400000000000000)

372.350814ms ago: executing program 5 (id=5685):
r0 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xc82, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000480), 0x0)

371.665074ms ago: executing program 6 (id=5686):
mount$tmpfs(0x0, &(0x7f0000001880)='.\x00', &(0x7f00000018c0), 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, 0x0, r2, 0x0, 0x46)

344.391214ms ago: executing program 7 (id=5687):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000001c0)='kfree\x00', r1, 0x0, 0x4}, 0x18)
sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x1c8, 0x0, 0x1acc02, 0x148, 0x0, 0x10, 0x3b8, 0x2a8, 0x2a8, 0x3b8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x40000, 0x70, 0x98, 0x0, {0x0, 0x5803}}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x228)

344.207034ms ago: executing program 5 (id=5688):
unshare(0x2000400)
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r3=>0x0})
r4 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010c25bd7000ffdbdf251400000008001d00", @ANYRES32=r4, @ANYBLOB="08000300", @ANYRES32=r3], 0x24}}, 0x20000004)

320.058905ms ago: executing program 7 (id=5689):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000100)=@req3={0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x861}, 0x1c)

319.817115ms ago: executing program 6 (id=5690):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
munlockall()

298.355515ms ago: executing program 6 (id=5691):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000580)={0x2, 0x3, 0x0, 0x3, 0x3, 0x0, 0x700, 0x0, [@sadb_key={0x1, 0x9}]}, 0x18}, 0x1, 0x7}, 0x40)

272.070206ms ago: executing program 6 (id=5692):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x8004587d, &(0x7f0000000080))

270.373345ms ago: executing program 0 (id=5694):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/vlan/vlan1\x00')
r0 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x8983, &(0x7f0000000000)={0x1, 'vlan1\x00', {}, 0xc2c})
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x2002, 0x3b9}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)

245.743566ms ago: executing program 7 (id=5695):
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4a22, 0x0, @local, 0xb}, 0x1c)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000000)="65f2", 0x2}], 0x1)
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000540))
ptrace$cont(0x20, r0, 0x0, 0x0)

242.292736ms ago: executing program 6 (id=5696):
unshare(0x6a040000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
chdir(0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

163.653847ms ago: executing program 7 (id=5697):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
shutdown(r0, 0x1)

156.857047ms ago: executing program 7 (id=5698):
mount$tmpfs(0x0, &(0x7f0000001880)='.\x00', &(0x7f00000018c0), 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, 0x0, r2, 0x0, 0x46)

139.063198ms ago: executing program 0 (id=5699):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getuid()

124.322588ms ago: executing program 7 (id=5700):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
openat(0xffffffffffffff9c, 0x0, 0x1c5902, 0x2d)
fallocate(r0, 0x0, 0x0, 0x1001f0)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r1, 0x2007ffc)

74.616059ms ago: executing program 0 (id=5701):
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="05000000050000000004000009"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r2, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')

0s ago: executing program 0 (id=5702):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
write$cgroup_int(r0, &(0x7f0000000000)=0xfe8e, 0x12)

kernel console output (not intermixed with test programs):

butes in process `syz.6.3799'.
[  151.816304][T13485] loop2: detected capacity change from 0 to 512
[  151.844579][T13485] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e042c118, mo2=0002]
[  151.854787][T13485] System zones: 1-12
[  151.859291][T13485] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3800: corrupted in-inode xattr: e_value size too large
[  151.886938][T13485] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3800: couldn't read orphan inode 15 (err -117)
[  152.128021][T13514] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  152.158854][T13516] loop3: detected capacity change from 0 to 512
[  152.167066][T13511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3812'.
[  152.176286][T13511] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3812'.
[  152.217622][T13516] EXT4-fs (loop3): 1 orphan inode deleted
[  152.234852][   T51] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  152.377179][T13534] batadv_slave_0: entered promiscuous mode
[  152.383459][T13534] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3822'.
[  152.407321][T13534] batadv_slave_0 (unregistering): left promiscuous mode
[  152.414333][T13534] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.628838][T13544] netlink: 3 bytes leftover after parsing attributes in process `syz.6.3827'.
[  152.644716][T13544] 0ªX¹¦À: renamed from caif0
[  152.661133][T13544] 0ªX¹¦À: entered allmulticast mode
[  152.666468][T13544] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  152.767387][T13552] netlink: 'syz.3.3831': attribute type 83 has an invalid length.
[  153.074381][T13560] loop3: detected capacity change from 0 to 8192
[  153.114264][T13560] bio_check_eod: 59 callbacks suppressed
[  153.114282][T13560] syz.3.3835: attempt to access beyond end of device
[  153.114282][T13560] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  153.156941][T13560] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  153.165389][T13560] FAT-fs (loop3): Filesystem has been set read-only
[  153.197058][T13560] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  153.227856][T13560] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  153.370736][T13572] loop0: detected capacity change from 0 to 128
[  153.439450][T13579] loop0: detected capacity change from 0 to 1024
[  153.448792][T13579] EXT4-fs: Ignoring removed nobh option
[  153.454486][T13579] EXT4-fs: Ignoring removed bh option
[  153.477822][T13579] EXT4-fs (loop0): shut down requested (0)
[  153.493959][T13585] loop3: detected capacity change from 0 to 512
[  154.336871][T13660] loop3: detected capacity change from 0 to 164
[  154.344141][T13660] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  154.422790][T13666] loop3: detected capacity change from 0 to 512
[  154.431402][T13666] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e042c118, mo2=0002]
[  154.440771][T13666] System zones: 1-12
[  154.445387][T13666] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.3881: corrupted in-inode xattr: e_value size too large
[  154.461476][T13666] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3881: couldn't read orphan inode 15 (err -117)
[  154.754166][T13683] loop3: detected capacity change from 0 to 8192
[  154.811514][T13347] netdevsim netdevsim7 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  154.819942][T13347] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.835175][T13347] netdevsim netdevsim7 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  154.843665][T13347] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.862965][T13347] netdevsim netdevsim7 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  154.871305][T13347] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.913123][T13347] netdevsim netdevsim7 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  154.921513][T13347] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.015745][T13700] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.086869][T13700] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.211779][T13700] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.307562][T13700] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.379619][T13700] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.409738][T13700] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.440288][T13700] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.460290][T13700] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.478934][T13715] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2051 sclass=netlink_route_socket pid=13715 comm=syz.7.3900
[  155.599266][ T9896] IPVS: starting estimator thread 0...
[  155.704788][T13720] IPVS: using max 2928 ests per chain, 146400 per kthread
[  155.801437][T13734] loop0: detected capacity change from 0 to 128
[  155.826529][   T29] kauditd_printk_skb: 209 callbacks suppressed
[  155.826546][   T29] audit: type=1400 audit(668.802:4544): avc:  denied  { write } for  pid=13736 comm="syz.3.3910" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  155.878861][   T29] audit: type=1400 audit(668.832:4545): avc:  denied  { ioctl } for  pid=13736 comm="syz.3.3910" path="/dev/ptp0" dev="devtmpfs" ino=246 ioctlcmd=0x3d10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  156.471341][   T29] audit: type=1326 audit(669.442:4546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  156.495034][   T29] audit: type=1326 audit(669.442:4547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  156.601030][   T29] audit: type=1326 audit(669.492:4548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  156.624650][   T29] audit: type=1326 audit(669.492:4549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  156.648331][   T29] audit: type=1326 audit(669.492:4550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  156.671399][   T29] audit: type=1326 audit(669.492:4551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff8c60808c7 code=0x7ffc0000
[  156.694798][   T29] audit: type=1326 audit(669.492:4552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7ff8c608083c code=0x7ffc0000
[  156.717759][   T29] audit: type=1326 audit(669.492:4553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7ff8c6080774 code=0x7ffc0000
[  156.985695][T13827] __nla_validate_parse: 1 callbacks suppressed
[  156.985714][T13827] netlink: 372 bytes leftover after parsing attributes in process `syz.3.3953'.
[  157.279459][T13836] loop2: detected capacity change from 0 to 164
[  157.300893][T13836] syz.2.3957: attempt to access beyond end of device
[  157.300893][T13836] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  157.337076][T13836] syz.2.3957: attempt to access beyond end of device
[  157.337076][T13836] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  157.659930][T13850] pimreg: entered allmulticast mode
[  157.699279][T13850] pimreg: left allmulticast mode
[  158.285834][T13877] netlink: 'syz.0.3973': attribute type 10 has an invalid length.
[  158.318371][T13877] netlink: 'syz.0.3973': attribute type 10 has an invalid length.
[  158.363872][T13877] team0: Port device dummy0 removed
[  158.376014][T13877] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  158.497962][T13886] pim6reg: entered allmulticast mode
[  158.544858][T13886] pim6reg: left allmulticast mode
[  158.746242][    C1] sd 0:0:1:0: [sda] tag#3445 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  158.756672][    C1] sd 0:0:1:0: [sda] tag#3445 CDB: Read(6) 08 00 00 00 00 00
[  158.769101][T13829] syz.3.3954 (13829) used greatest stack depth: 5880 bytes left
[  158.793743][T13906] netlink: 128 bytes leftover after parsing attributes in process `syz.7.3987'.
[  158.866878][T13913] netlink: 'syz.7.3990': attribute type 13 has an invalid length.
[  159.033747][T13913] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.040996][T13913] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.176289][T13913] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  159.198438][T13913] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  159.307052][T13913] netdevsim netdevsim7 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  159.315595][T13913] netdevsim netdevsim7 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  159.324002][T13913] netdevsim netdevsim7 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  159.332428][T13913] netdevsim netdevsim7 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  159.385863][T13913] netdevsim netdevsim7 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  159.394370][T13913] netdevsim netdevsim7 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  159.402797][T13913] netdevsim netdevsim7 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  159.411259][T13913] netdevsim netdevsim7 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  159.454136][T13935] loop0: detected capacity change from 0 to 512
[  159.532817][T13935] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.4000: casefold flag without casefold feature
[  159.597362][T13935] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4000: couldn't read orphan inode 15 (err -117)
[  159.623593][T13935] EXT4-fs mount: 18 callbacks suppressed
[  159.623612][T13935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.704459][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.745909][T13950] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4008'.
[  159.762857][T13950] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4008'.
[  159.767887][T13952] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=13952 comm=syz.6.4005
[  159.862084][T13957] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  160.769971][T13999] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4025'.
[  160.805227][T13999] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4025'.
[  160.963541][T14016] loop7: detected capacity change from 0 to 128
[  161.012067][T14016] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  161.041477][T14020] IPVS: Error connecting to the multicast addr
[  161.051555][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  161.051630][   T29] audit: type=1400 audit(688.023:4631): avc:  denied  { setattr } for  pid=14015 comm="syz.7.4033" path="/381/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop7" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  161.231371][   T29] audit: type=1400 audit(688.153:4632): avc:  denied  { bind } for  pid=14023 comm="syz.0.4035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  161.264824][ T8647] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  161.279224][T14026] macvtap0: entered promiscuous mode
[  161.318086][T14026] macvtap0: left promiscuous mode
[  161.381089][T14040] loop0: detected capacity change from 0 to 128
[  161.396008][T14040] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  161.641484][T14056] ref_ctr_offset mismatch. inode: 0x7cf offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1004000
[  161.705406][ T8293] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  161.754921][   T29] audit: type=1326 audit(688.733:4633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14060 comm="syz.6.4050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  161.755237][   T29] audit: type=1326 audit(688.733:4634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14060 comm="syz.6.4050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  161.755269][   T29] audit: type=1326 audit(688.733:4635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14060 comm="syz.6.4050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  161.755434][   T29] audit: type=1326 audit(688.733:4636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14060 comm="syz.6.4050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  161.755535][   T29] audit: type=1326 audit(688.733:4637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14060 comm="syz.6.4050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  161.765085][T14059] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4049'.
[  161.991243][T14070] netlink: 'syz.0.4053': attribute type 13 has an invalid length.
[  162.322245][T14069] SET target dimension over the limit!
[  162.428640][T14070] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.435883][T14070] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.471479][   T29] audit: type=1326 audit(689.443:4638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14073 comm="syz.2.4056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  162.471527][   T29] audit: type=1326 audit(689.443:4639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14073 comm="syz.2.4056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  162.471572][   T29] audit: type=1326 audit(689.443:4640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14073 comm="syz.2.4056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  162.481162][T14075] loop2: detected capacity change from 0 to 1024
[  162.510662][T14075] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  162.549960][T14075] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.609831][T14070] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  162.612288][T14070] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  162.688660][T14070] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  162.688952][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.697093][T14070] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  162.697131][T14070] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  162.723056][T14070] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  162.755218][T14070] batman_adv: batadv0: Interface deactivated: ipvlan2
[  162.791981][T14084] loop7: detected capacity change from 0 to 128
[  162.799352][T14084] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  162.813916][T14084] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  163.559793][T14144] loop3: detected capacity change from 0 to 1024
[  163.592625][T14148] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4087'.
[  163.625835][T14144] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.665407][T14144] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.4085: Allocating blocks 449-513 which overlap fs metadata
[  163.758993][T14143] EXT4-fs (loop3): pa ffff888106987cb0: logic 48, phys. 177, len 21
[  163.767113][T14143] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  163.826082][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.872212][T14167] netlink: 'syz.3.4093': attribute type 1 has an invalid length.
[  163.887277][T14170] atomic_op ffff8881576fe128 conn xmit_atomic 0000000000000000
[  163.968132][T14186] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.977379][T14186] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.985634][T14186] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.993865][T14186] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.004087][T14186] geneve2: entered promiscuous mode
[  164.066161][T14192] netlink: 'syz.7.4105': attribute type 4 has an invalid length.
[  164.073972][T14192] netlink: 152 bytes leftover after parsing attributes in process `syz.7.4105'.
[  164.091535][T14192] : renamed from bond0
[  164.304037][T14225] ref_ctr_offset mismatch. inode: 0xe3f offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1004000
[  164.470884][T14245] loop3: detected capacity change from 0 to 512
[  164.490964][T14246] loop2: detected capacity change from 0 to 256
[  164.498795][T14245] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.511604][T14246] FAT-fs (loop2): bogus number of FAT sectors
[  164.517839][T14246] FAT-fs (loop2): Can't find a valid FAT filesystem
[  164.589950][T14245] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.4129: corrupted inode contents
[  164.606106][T14245] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.4129: mark_inode_dirty error
[  164.619698][T14245] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.4129: corrupted inode contents
[  164.662572][T14245] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.4129: mark_inode_dirty error
[  164.676000][ T9895] kernel write not supported for file /929/attr/exec (pid: 9895 comm: kworker/0:11)
[  164.731293][T14270] ref_ctr_offset mismatch. inode: 0x8a0 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1004000
[  164.750423][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.599612][T14310] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4158'.
[  165.617611][T14310] netlink: 'syz.2.4158': attribute type 1 has an invalid length.
[  165.649268][T14312] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14312 comm=syz.3.4159
[  165.768077][T14330] loop2: detected capacity change from 0 to 7
[  165.829122][T14335] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4171'.
[  165.838870][T14335] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4171'.
[  165.906529][T14344] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4173'.
[  165.997941][T14321] loop3: detected capacity change from 0 to 512
[  166.026571][T14321] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  166.058936][T14321] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.098572][T14321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.203099][T14362] loop2: detected capacity change from 0 to 128
[  166.225381][T14364] netlink: 'syz.0.4182': attribute type 1 has an invalid length.
[  166.272383][T12166] kworker/u8:67: attempt to access beyond end of device
[  166.272383][T12166] loop2: rw=1, sector=145, nr_sectors = 16 limit=128
[  166.305789][T12166] kworker/u8:67: attempt to access beyond end of device
[  166.305789][T12166] loop2: rw=1, sector=169, nr_sectors = 8 limit=128
[  166.329665][T12166] kworker/u8:67: attempt to access beyond end of device
[  166.329665][T12166] loop2: rw=1, sector=185, nr_sectors = 8 limit=128
[  166.347710][T12166] kworker/u8:67: attempt to access beyond end of device
[  166.347710][T12166] loop2: rw=1, sector=201, nr_sectors = 8 limit=128
[  166.363351][T12166] kworker/u8:67: attempt to access beyond end of device
[  166.363351][T12166] loop2: rw=1, sector=217, nr_sectors = 8 limit=128
[  166.379879][T12166] kworker/u8:67: attempt to access beyond end of device
[  166.379879][T12166] loop2: rw=1, sector=233, nr_sectors = 8 limit=128
[  166.394697][T14362] syz.2.4181: attempt to access beyond end of device
[  166.394697][T14362] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[  166.417553][T14362] syz.2.4181: attempt to access beyond end of device
[  166.417553][T14362] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[  166.443739][T14362] syz.2.4181: attempt to access beyond end of device
[  166.443739][T14362] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[  166.471715][T12166] kworker/u8:67: attempt to access beyond end of device
[  166.471715][T12166] loop2: rw=1, sector=249, nr_sectors = 8 limit=128
[  166.517598][   T29] kauditd_printk_skb: 93 callbacks suppressed
[  166.517616][   T29] audit: type=1326 audit(693.493:4734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14383 comm="syz.7.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  166.557090][   T29] audit: type=1326 audit(693.523:4735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14383 comm="syz.7.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  166.580119][   T29] audit: type=1326 audit(693.523:4736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14383 comm="syz.7.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  166.603234][   T29] audit: type=1326 audit(693.523:4737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14383 comm="syz.7.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  166.626145][   T29] audit: type=1326 audit(693.523:4738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14383 comm="syz.7.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  166.649165][   T29] audit: type=1326 audit(693.523:4739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14383 comm="syz.7.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  166.672229][   T29] audit: type=1326 audit(693.523:4740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14383 comm="syz.7.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  166.695285][   T29] audit: type=1326 audit(693.523:4741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14383 comm="syz.7.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  166.718173][   T29] audit: type=1326 audit(693.523:4742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14383 comm="syz.7.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  166.764523][T14392] loop2: detected capacity change from 0 to 1024
[  166.775769][T14392] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  166.786765][T14392] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  166.806579][T14392] JBD2: no valid journal superblock found
[  166.812590][T14392] EXT4-fs (loop2): Could not load journal inode
[  166.860655][   T29] audit: type=1326 audit(693.833:4743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14404 comm="syz.7.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  167.015172][T14424] ref_ctr_offset mismatch. inode: 0x869 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1004000
[  167.375761][T14459] loop0: detected capacity change from 0 to 1024
[  167.432728][T14459] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.542991][T14459] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.4223: Allocating blocks 449-513 which overlap fs metadata
[  167.688973][T14456] EXT4-fs (loop0): pa ffff888106987cb0: logic 48, phys. 177, len 21
[  167.697115][T14456] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  167.895444][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.995540][T14483] loop2: detected capacity change from 0 to 512
[  168.038699][T14483] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.190278][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.393369][T14511] netlink: 'syz.6.4244': attribute type 4 has an invalid length.
[  168.488180][T14519] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4249'.
[  168.574077][T14528] loop3: detected capacity change from 0 to 128
[  168.592408][T14528] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  168.666484][T14528] FAT-fs (loop3): error, invalid access to FAT (entry 0x0affffff)
[  168.674430][T14528] FAT-fs (loop3): Filesystem has been set read-only
[  168.692144][T14539] ref_ctr_offset mismatch. inode: 0x893 offset: 0x0 ref_ctr_offset(old): 0x200000000100 ref_ctr_offset(new): 0x0
[  168.693792][T14528] FAT-fs (loop3): error, invalid access to FAT (entry 0x0affffff)
[  168.777225][T14542] wireguard0: entered promiscuous mode
[  168.782900][T14542] wireguard0: entered allmulticast mode
[  168.799773][ T5603] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  169.062768][T14581] loop7: detected capacity change from 0 to 1024
[  169.096078][T14587] loop0: detected capacity change from 0 to 1024
[  169.102927][T14587] EXT4-fs: Ignoring removed nomblk_io_submit option
[  169.113565][T14581] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.148868][T14581] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  169.173042][T14587] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.188137][T14581] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28
[  169.200739][T14581] EXT4-fs (loop7): This should not happen!! Data will be lost
[  169.200739][T14581] 
[  169.210439][T14581] EXT4-fs (loop7): Total free blocks count 0
[  169.217110][T14581] EXT4-fs (loop7): Free/Dirty block details
[  169.223025][T14581] EXT4-fs (loop7): free_blocks=4293918720
[  169.228875][T14581] EXT4-fs (loop7): dirty_blocks=48
[  169.234011][T14581] EXT4-fs (loop7): Block reservation details
[  169.240109][T14581] EXT4-fs (loop7): i_reserved_data_blocks=3
[  169.254651][T14587] EXT4-fs error (device loop0): __ext4_remount:6736: comm syz.0.4276: Abort forced by user
[  169.278065][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.289192][T14587] EXT4-fs (loop0): Remounting filesystem read-only
[  169.295807][T14587] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  169.321887][T14611] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4284'.
[  169.333322][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.356169][T14614] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4288'.
[  169.401885][T14619] loop0: detected capacity change from 0 to 4096
[  169.418789][T14619] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.468803][T14630] netlink: 'syz.7.4292': attribute type 4 has an invalid length.
[  169.602093][T14638] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.4296'.
[  169.623733][T14637] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.4296'.
[  169.687320][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.857086][T14659] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  170.034540][T14686] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4318'.
[  170.088315][T14686] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4318'.
[  170.672523][T14732] bridge: RTM_NEWNEIGH with invalid ether address
[  170.773442][T14749] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4343'.
[  171.090507][T14789] netlink: 4436 bytes leftover after parsing attributes in process `syz.0.4362'.
[  171.090683][T14777] loop3: detected capacity change from 0 to 512
[  171.108044][T14789] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  171.159944][T14777] FAT-fs (loop3): codepage cp874 not found
[  171.378522][T14834] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4379'.
[  171.429134][T14839] loop2: detected capacity change from 0 to 512
[  171.436390][T14839] EXT4-fs: Ignoring removed mblk_io_submit option
[  171.447287][T14839] EXT4-fs: Ignoring removed mblk_io_submit option
[  171.457173][T14839] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  171.477771][T14839] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  171.491783][T14839] System zones: 1-12
[  171.515140][T14839] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4381: corrupted in-inode xattr: e_value size too large
[  171.532416][T14839] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4381: couldn't read orphan inode 15 (err -117)
[  171.545177][T14839] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.703885][   T29] kauditd_printk_skb: 102 callbacks suppressed
[  171.703902][   T29] audit: type=1326 audit(698.673:4846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.763900][   T29] audit: type=1326 audit(698.713:4847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.787125][   T29] audit: type=1326 audit(698.713:4848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.810214][   T29] audit: type=1326 audit(698.713:4849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.833176][   T29] audit: type=1326 audit(698.723:4850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.856379][   T29] audit: type=1326 audit(698.723:4851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.879320][   T29] audit: type=1326 audit(698.723:4852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.902364][   T29] audit: type=1326 audit(698.733:4853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.925249][   T29] audit: type=1326 audit(698.733:4854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.948254][   T29] audit: type=1326 audit(698.733:4855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14853 comm="syz.6.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  171.972708][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.027631][T14868] bridge: RTM_NEWNEIGH with invalid ether address
[  172.067581][T14871] bridge0: port 4(batadv2) entered blocking state
[  172.074134][T14871] bridge0: port 4(batadv2) entered disabled state
[  172.084516][T14871] batadv2: entered allmulticast mode
[  172.105225][T14871] batadv2: entered promiscuous mode
[  172.143802][T14881] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4399'.
[  172.174985][T14883] pim6reg: entered allmulticast mode
[  172.187915][T14883] pim6reg: left allmulticast mode
[  172.418368][T14926] random: crng reseeded on system resumption
[  172.447791][T14926] Restarting kernel threads ...
[  172.452937][T14926] Done restarting kernel threads.
[  172.533610][T14937] loop7: detected capacity change from 0 to 512
[  172.546893][T14937] EXT4-fs: Ignoring removed mblk_io_submit option
[  172.553540][T14937] EXT4-fs: Ignoring removed mblk_io_submit option
[  172.556507][T14941] tipc: Started in network mode
[  172.565331][T14941] tipc: Node identity 4, cluster identity 4711
[  172.571498][T14941] tipc: Node number set to 4
[  172.578780][ T8645] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  172.586705][T14937] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  172.588061][ T8645] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  172.615124][T14937] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  172.637194][T14937] System zones: 1-12
[  172.653854][T14937] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.4422: corrupted in-inode xattr: e_value size too large
[  172.681853][T14937] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.4422: couldn't read orphan inode 15 (err -117)
[  172.695127][T14937] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.839078][T14965] pim6reg: entered allmulticast mode
[  172.861306][T14965] pim6reg: left allmulticast mode
[  172.867913][T14967] loop2: detected capacity change from 0 to 764
[  172.967271][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.012206][T14986] pim6reg: entered allmulticast mode
[  173.021366][T14986] pim6reg: left allmulticast mode
[  173.035044][T14980] loop2: detected capacity change from 0 to 512
[  173.061051][T14980] FAT-fs (loop2): codepage cp874 not found
[  173.164134][T15000] loop3: detected capacity change from 0 to 2048
[  173.207997][T15000] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.224406][T15000] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4447: bg 0: block 120: padding at end of block bitmap is not set
[  173.273941][T15012] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  173.314158][ T5603] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  173.358327][T15015] netlink: 'syz.7.4466': attribute type 13 has an invalid length.
[  173.402866][T15015] netdevsim netdevsim7 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.411597][T15015] netdevsim netdevsim7 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.420161][T15015] netdevsim netdevsim7 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.429077][T15015] netdevsim netdevsim7 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.571863][T15024] loop0: detected capacity change from 0 to 512
[  173.591856][T15024] FAT-fs (loop0): codepage cp874 not found
[  173.606772][T15032] pim6reg: entered allmulticast mode
[  173.625733][T15032] pim6reg: left allmulticast mode
[  173.649783][T15036] random: crng reseeded on system resumption
[  173.660980][T15036] Restarting kernel threads ...
[  173.666565][T15036] Done restarting kernel threads.
[  173.821242][T15053] netlink: 'syz.2.4471': attribute type 13 has an invalid length.
[  173.857703][T15053] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  173.897230][T15053] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  173.906254][T15053] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  173.915291][T15053] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  173.924275][T15053] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  173.940314][T15053] batman_adv: batadv0: Interface deactivated: ipvlan2
[  174.114391][T15065] loop0: detected capacity change from 0 to 128
[  174.122718][T15065] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  174.202219][ T8293] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  174.221863][T15074] random: crng reseeded on system resumption
[  174.235681][T15074] Restarting kernel threads ...
[  174.242723][T15074] Done restarting kernel threads.
[  174.361870][T15088] loop2: detected capacity change from 0 to 512
[  174.370429][T15088] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  174.383563][T15088] EXT4-fs (loop2): 1 truncate cleaned up
[  174.390208][T15088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.542398][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.803162][T15132] bridge0: port 5(batadv2) entered blocking state
[  174.809866][T15132] bridge0: port 5(batadv2) entered disabled state
[  174.840244][T15132] batadv2: entered allmulticast mode
[  174.855184][T15132] batadv2: entered promiscuous mode
[  174.907760][T15140] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.916166][T15140] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.924465][T15140] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.932799][T15140] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.945293][T15140] geneve2: entered promiscuous mode
[  175.224036][T15158] lo: entered allmulticast mode
[  175.231101][T15158] lo: left allmulticast mode
[  175.304750][ T8645] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  175.314252][ T8645] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  175.332353][T15173] netlink: 'syz.3.4524': attribute type 1 has an invalid length.
[  175.383761][T15179] loop3: detected capacity change from 0 to 512
[  175.390966][T15179] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  175.405722][T15179] EXT4-fs (loop3): 1 truncate cleaned up
[  175.413659][T15179] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.485223][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.507126][T15189] 9pnet_fd: Insufficient options for proto=fd
[  175.524355][T15195] random: crng reseeded on system resumption
[  175.663816][T15212] loop3: detected capacity change from 0 to 512
[  175.679562][T15213] __nla_validate_parse: 20 callbacks suppressed
[  175.679580][T15213] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4539'.
[  175.686692][T15212] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  175.738281][T15212] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.818036][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.839061][T15229] loop2: detected capacity change from 0 to 128
[  175.849424][T15229] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  175.863752][ T3387] kernel write not supported for file /1029/attr/exec (pid: 3387 comm: kworker/1:3)
[  175.959384][T15249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4557'.
[  176.020421][ T8530] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  176.033583][T15256] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4560'.
[  176.043698][T15256] netlink: 'syz.7.4560': attribute type 1 has an invalid length.
[  176.105967][T15261] netlink: 4 bytes leftover after parsing attributes in process `gtp'.
[  176.193846][T15261] netlink: 4 bytes leftover after parsing attributes in process `gtp'.
[  176.215237][T15275] bridge0: port 4(batadv2) entered blocking state
[  176.221915][T15275] bridge0: port 4(batadv2) entered disabled state
[  176.241523][T15275] batadv2: entered allmulticast mode
[  176.248572][T15275] batadv2: entered promiscuous mode
[  176.403040][T15293] loop7: detected capacity change from 0 to 512
[  176.410806][T15293] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  176.455471][T15293] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.486922][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.520992][T15310] bridge0: port 6(batadv3) entered blocking state
[  176.527775][T15310] bridge0: port 6(batadv3) entered disabled state
[  176.535147][T15310] batadv3: entered allmulticast mode
[  176.541057][T15310] batadv3: entered promiscuous mode
[  176.633649][T15326] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4590'.
[  176.714824][T12105] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  176.724380][T12105] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  176.793601][   T29] kauditd_printk_skb: 148 callbacks suppressed
[  176.793685][   T29] audit: type=1326 audit(703.763:5004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  176.797072][T15351] loop2: detected capacity change from 0 to 512
[  176.800030][   T29] audit: type=1326 audit(703.763:5005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  176.829319][T15351] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  176.832876][T15351] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.4603: invalid indirect mapped block 2683928664 (level 1)
[  176.852474][   T29] audit: type=1326 audit(703.763:5006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  176.852543][   T29] audit: type=1326 audit(703.763:5007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f87b0dde9e3 code=0x7ffc0000
[  176.852570][   T29] audit: type=1326 audit(703.763:5008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f87b0ddd45f code=0x7ffc0000
[  176.852627][   T29] audit: type=1326 audit(703.763:5009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f87b0ddea37 code=0x7ffc0000
[  176.852661][   T29] audit: type=1326 audit(703.763:5010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f87b0ddd310 code=0x7ffc0000
[  176.852688][   T29] audit: type=1326 audit(703.763:5011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f87b0dde5ab code=0x7ffc0000
[  176.938328][   T29] audit: type=1326 audit(703.803:5012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f87b0ddd60a code=0x7ffc0000
[  177.037340][   T29] audit: type=1326 audit(703.803:5013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz.2.4603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f87b0ddd60a code=0x7ffc0000
[  177.063297][ T8645] batman_adv: batadv3: No IGMP Querier present - multicast optimizations disabled
[  177.073411][ T8645] batman_adv: batadv3: No MLD Querier present - multicast optimizations disabled
[  177.084741][T15351] EXT4-fs (loop2): Remounting filesystem read-only
[  177.091549][T15351] EXT4-fs (loop2): 1 truncate cleaned up
[  177.098449][T15351] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.137978][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.177857][T15359] loop7: detected capacity change from 0 to 128
[  177.266949][T15369] bio_check_eod: 50 callbacks suppressed
[  177.266966][T15369] syz.7.4614: attempt to access beyond end of device
[  177.266966][T15369] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  177.304798][T15369] syz.7.4614: attempt to access beyond end of device
[  177.304798][T15369] loop7: rw=2049, sector=169, nr_sectors = 8 limit=128
[  177.342789][T15369] syz.7.4614: attempt to access beyond end of device
[  177.342789][T15369] loop7: rw=2049, sector=185, nr_sectors = 8 limit=128
[  177.401748][T15369] syz.7.4614: attempt to access beyond end of device
[  177.401748][T15369] loop7: rw=2049, sector=201, nr_sectors = 8 limit=128
[  177.418240][T15369] syz.7.4614: attempt to access beyond end of device
[  177.418240][T15369] loop7: rw=2049, sector=217, nr_sectors = 8 limit=128
[  177.454165][T15369] syz.7.4614: attempt to access beyond end of device
[  177.454165][T15369] loop7: rw=2049, sector=233, nr_sectors = 8 limit=128
[  177.478836][T15369] syz.7.4614: attempt to access beyond end of device
[  177.478836][T15369] loop7: rw=2049, sector=249, nr_sectors = 8 limit=128
[  177.492786][T15369] syz.7.4614: attempt to access beyond end of device
[  177.492786][T15369] loop7: rw=2049, sector=265, nr_sectors = 8 limit=128
[  177.509890][T15369] syz.7.4614: attempt to access beyond end of device
[  177.509890][T15369] loop7: rw=2049, sector=281, nr_sectors = 8 limit=128
[  177.537491][T15369] syz.7.4614: attempt to access beyond end of device
[  177.537491][T15369] loop7: rw=2049, sector=297, nr_sectors = 8 limit=128
[  178.169334][T15430] loop7: detected capacity change from 0 to 128
[  178.180989][T15430] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  178.204742][T15433] netlink: 'syz.0.4637': attribute type 4 has an invalid length.
[  178.210228][T15430] FAT-fs (loop7): error, invalid access to FAT (entry 0x0affffff)
[  178.220463][T15430] FAT-fs (loop7): Filesystem has been set read-only
[  178.232124][T15430] FAT-fs (loop7): error, invalid access to FAT (entry 0x0affffff)
[  178.258789][ T8647] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  178.279432][T15436] wireguard0: entered promiscuous mode
[  178.285801][T15436] wireguard0: entered allmulticast mode
[  178.316936][T15439] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4640'.
[  178.412932][T15448] loop7: detected capacity change from 0 to 1024
[  178.431277][T15448] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.461100][T15448] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.487924][T15448] EXT4-fs error (device loop7): __ext4_remount:6736: comm syz.7.4643: Abort forced by user
[  178.500401][T15448] EXT4-fs (loop7): Remounting filesystem read-only
[  178.507085][T15448] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000.
[  178.534327][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.556174][T15461] wireguard0: entered promiscuous mode
[  178.561782][T15461] wireguard0: entered allmulticast mode
[  178.743185][T15496] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4670'.
[  178.758853][T15488] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4670'.
[  179.559621][T15533] hub 6-0:1.0: USB hub found
[  179.564363][T15533] hub 6-0:1.0: 8 ports detected
[  179.592336][T15536] loop7: detected capacity change from 0 to 128
[  179.652894][T15545] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  179.760044][T15565] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4693'.
[  179.892778][T15584] hub 6-0:1.0: USB hub found
[  179.904878][T15584] hub 6-0:1.0: 8 ports detected
[  179.912366][T15592] pimreg: entered allmulticast mode
[  179.937067][T15592] pimreg: left allmulticast mode
[  180.114258][T15627] loop2: detected capacity change from 0 to 1024
[  180.126899][T15627] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  180.140473][T15627] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #15: comm syz.2.4721: lblock 0 mapped to illegal pblock 0 (length 5)
[  180.157497][T15627] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 117
[  180.169890][T15627] EXT4-fs (loop2): This should not happen!! Data will be lost
[  180.169890][T15627] 
[  180.198561][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  180.314839][T15655] loop2: detected capacity change from 0 to 1024
[  180.326426][T15656] loop0: detected capacity change from 0 to 1024
[  180.333303][T15655] EXT4-fs: Ignoring removed orlov option
[  180.349917][T15655] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  180.401621][T15656] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.420792][T15655] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.421926][T15656] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  180.476806][T15656] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28
[  180.489835][T15656] EXT4-fs (loop0): This should not happen!! Data will be lost
[  180.489835][T15656] 
[  180.499502][T15656] EXT4-fs (loop0): Total free blocks count 0
[  180.505545][T15656] EXT4-fs (loop0): Free/Dirty block details
[  180.511521][T15656] EXT4-fs (loop0): free_blocks=4293918720
[  180.517844][T15656] EXT4-fs (loop0): dirty_blocks=48
[  180.522974][T15656] EXT4-fs (loop0): Block reservation details
[  180.528987][T15656] EXT4-fs (loop0): i_reserved_data_blocks=3
[  180.578815][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.612791][T15677] loop2: detected capacity change from 0 to 128
[  180.637067][T15678] pimreg: entered allmulticast mode
[  180.652327][T15678] pimreg: left allmulticast mode
[  180.666957][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.726758][T15694] __nla_validate_parse: 5 callbacks suppressed
[  180.726777][T15694] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4747'.
[  180.781731][T15702] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4750'.
[  180.797073][T15704] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4751'.
[  180.860166][T15714] loop2: detected capacity change from 0 to 1024
[  180.882227][T15714] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.922267][T15714] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  180.938249][T15714] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28
[  180.950958][T15714] EXT4-fs (loop2): This should not happen!! Data will be lost
[  180.950958][T15714] 
[  180.959301][T15726] loop7: detected capacity change from 0 to 128
[  180.960831][T15714] EXT4-fs (loop2): Total free blocks count 0
[  180.960847][T15714] EXT4-fs (loop2): Free/Dirty block details
[  180.960858][T15714] EXT4-fs (loop2): free_blocks=4293918720
[  180.960870][T15714] EXT4-fs (loop2): dirty_blocks=48
[  180.960883][T15714] EXT4-fs (loop2): Block reservation details
[  180.960893][T15714] EXT4-fs (loop2): i_reserved_data_blocks=3
[  181.005799][T15726] vfat: Unknown parameter 'ÿÿÿÿ'
[  181.017253][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.109061][T15737] loop7: detected capacity change from 0 to 1024
[  181.132280][T15737] EXT4-fs: Ignoring removed nobh option
[  181.138537][T15737] EXT4-fs: inline encryption not supported
[  181.183190][T15751] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  181.183190][T15751]    program syz.3.4771 not setting count and/or reply_len properly
[  181.202926][T15737] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.249869][T15737] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.4766: Allocating blocks 385-513 which overlap fs metadata
[  181.286140][T15737] EXT4-fs (loop7): pa ffff888106987c40: logic 16, phys. 129, len 24
[  181.294229][T15737] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  181.308333][T15737] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  181.320645][T15737] EXT4-fs (loop7): This should not happen!! Data will be lost
[  181.320645][T15737] 
[  181.330399][T15737] EXT4-fs (loop7): Total free blocks count 0
[  181.336478][T15737] EXT4-fs (loop7): Free/Dirty block details
[  181.341468][T15760] loop3: detected capacity change from 0 to 1024
[  181.342490][T15737] EXT4-fs (loop7): free_blocks=128
[  181.354102][T15737] EXT4-fs (loop7): dirty_blocks=0
[  181.359248][T15737] EXT4-fs (loop7): Block reservation details
[  181.365287][T15737] EXT4-fs (loop7): i_reserved_data_blocks=0
[  181.388976][T15760] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.438910][T15760] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  181.468085][T15760] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28
[  181.480584][T15760] EXT4-fs (loop3): This should not happen!! Data will be lost
[  181.480584][T15760] 
[  181.480749][T15770] loop7: detected capacity change from 0 to 1024
[  181.490295][T15760] EXT4-fs (loop3): Total free blocks count 0
[  181.490311][T15760] EXT4-fs (loop3): Free/Dirty block details
[  181.490321][T15760] EXT4-fs (loop3): free_blocks=4293918720
[  181.490334][T15760] EXT4-fs (loop3): dirty_blocks=48
[  181.520688][T15760] EXT4-fs (loop3): Block reservation details
[  181.526888][T15760] EXT4-fs (loop3): i_reserved_data_blocks=3
[  181.558915][T15770] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  181.577537][T15770] EXT4-fs error (device loop7): ext4_map_blocks:816: inode #15: comm syz.7.4786: lblock 0 mapped to illegal pblock 0 (length 5)
[  181.591250][T15770] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 117
[  181.604368][T15770] EXT4-fs (loop7): This should not happen!! Data will be lost
[  181.604368][T15770] 
[  181.633543][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.665690][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  181.682148][T15779] loop3: detected capacity change from 0 to 764
[  181.705695][T15779] Symlink component flag not implemented
[  181.711533][T15779] Symlink component flag not implemented (7)
[  182.317537][T15786] ip6tnl0: entered promiscuous mode
[  182.326137][   T29] kauditd_printk_skb: 72 callbacks suppressed
[  182.326154][   T29] audit: type=1326 audit(709.293:5086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15780 comm="syz.7.4791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  182.355775][   T29] audit: type=1326 audit(709.293:5087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15780 comm="syz.7.4791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  182.383436][T15786] veth1_to_bond: entered allmulticast mode
[  182.390321][T15783] veth1_to_bond: left allmulticast mode
[  182.396044][T15783] ip6tnl0: left promiscuous mode
[  182.401161][   T29] audit: type=1326 audit(709.363:5088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15780 comm="syz.7.4791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  182.424813][   T29] audit: type=1326 audit(709.363:5089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15780 comm="syz.7.4791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  182.431589][T15789] loop3: detected capacity change from 0 to 1024
[  182.447739][   T29] audit: type=1326 audit(709.363:5090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15780 comm="syz.7.4791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd4ce9a9 code=0x7ffc0000
[  182.475201][T15789] EXT4-fs: Ignoring removed oldalloc option
[  182.483006][T15789] EXT4-fs: Ignoring removed bh option
[  182.483084][T15790] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4778'.
[  182.498646][T15787] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4778'.
[  182.558075][T15789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.570787][   T29] audit: type=1326 audit(709.503:5091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15797 comm="syz.2.4785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  182.593731][   T29] audit: type=1400 audit(709.513:5092): avc:  denied  { write } for  pid=15791 comm="syz.7.4782" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  182.613190][   T29] audit: type=1326 audit(709.523:5093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15797 comm="syz.2.4785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  182.636678][   T29] audit: type=1326 audit(709.533:5094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15797 comm="syz.2.4785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  182.659672][   T29] audit: type=1326 audit(709.533:5095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15797 comm="syz.2.4785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b0dde9a9 code=0x7ffc0000
[  182.792035][T15815] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4790'.
[  182.972718][T15824] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4795'.
[  183.068030][T15802] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.4781: Allocating blocks 1-17 which overlap fs metadata
[  183.081906][T15827] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4796'.
[  183.091308][T15789] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.4781: Allocating blocks 1-17 which overlap fs metadata
[  183.208357][T15836] openvswitch: netlink: Message has 6 unknown bytes.
[  183.321269][T15840] loop2: detected capacity change from 0 to 128
[  183.343607][T15840] EXT4-fs (loop2): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  183.392492][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.534886][T15852] futex_wake_op: syz.2.4810 tries to shift op by -1; fix this program
[  183.590445][T15858] sit0: entered promiscuous mode
[  183.595544][T15858] netlink: 'syz.2.4813': attribute type 1 has an invalid length.
[  183.603281][T15858] netlink: 1 bytes leftover after parsing attributes in process `syz.2.4813'.
[  183.780598][T15879] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  183.837066][T15895] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4829'.
[  183.888335][ T3387] hid-generic 0000:0004:0000.0009: unknown main item tag 0x0
[  183.896050][ T3387] hid-generic 0000:0004:0000.0009: unknown main item tag 0x0
[  183.903637][ T3387] hid-generic 0000:0004:0000.0009: unknown main item tag 0x0
[  183.915061][ T3387] hid-generic 0000:0004:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  184.060444][T15920] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  184.658399][T15922] netlink: 'syz.3.4841': attribute type 13 has an invalid length.
[  184.675359][T15922] gretap0: refused to change device tx_queue_len
[  184.681776][T15922] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  184.756438][T15939] netlink: 'syz.6.4845': attribute type 5 has an invalid length.
[  185.422799][T15975] loop0: detected capacity change from 0 to 512
[  185.441651][T15975] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  185.460263][T15975] EXT4-fs (loop0): 1 truncate cleaned up
[  185.466812][T15975] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.493155][T15978] hub 2-0:1.0: USB hub found
[  185.501963][T15978] hub 2-0:1.0: 8 ports detected
[  185.709322][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.905202][   T78] I/O error, dev loop1, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[  185.922196][T16015] loop3: detected capacity change from 0 to 512
[  185.933185][T16015] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  185.964083][T16015] EXT4-fs (loop3): 1 truncate cleaned up
[  185.998416][T16029] netlink: 'syz.0.4885': attribute type 2 has an invalid length.
[  186.006345][T16029] netlink: 'syz.0.4885': attribute type 1 has an invalid length.
[  186.014123][T16029] netlink: 'syz.0.4885': attribute type 2 has an invalid length.
[  186.701172][T16073] netlink: 'syz.0.4906': attribute type 13 has an invalid length.
[  186.713038][T16073] gretap0: refused to change device tx_queue_len
[  186.719484][T16073] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  186.964564][T16101] loop7: detected capacity change from 0 to 1024
[  186.988813][T16101] EXT4-fs: Ignoring removed oldalloc option
[  186.994973][T16101] EXT4-fs: Ignoring removed bh option
[  187.048645][T16109] loop2: detected capacity change from 0 to 2048
[  187.098012][T16109] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.4924: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  187.218587][T16109] EXT4-fs (loop2): Remounting filesystem read-only
[  187.482694][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  187.482713][   T29] audit: type=1326 audit(714.453:5282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16133 comm="syz.6.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  187.512101][   T29] audit: type=1326 audit(714.453:5283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16133 comm="syz.6.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  187.535197][   T29] audit: type=1326 audit(714.453:5284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16133 comm="syz.6.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  187.564681][   T29] audit: type=1326 audit(714.453:5285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16133 comm="syz.6.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  187.570824][T16118] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.4920: Allocating blocks 1-17 which overlap fs metadata
[  187.587656][   T29] audit: type=1326 audit(714.463:5286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16133 comm="syz.6.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  187.629658][T16101] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.4920: Allocating blocks 1-17 which overlap fs metadata
[  187.681785][T16140] netlink: 'syz.6.4936': attribute type 2 has an invalid length.
[  187.690282][T16140] netlink: 'syz.6.4936': attribute type 1 has an invalid length.
[  187.698193][T16140] netlink: 'syz.6.4936': attribute type 2 has an invalid length.
[  187.798312][T16149] loop0: detected capacity change from 0 to 1024
[  187.841440][T16149] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 47 with max blocks 1 with error 28
[  187.853823][T16149] EXT4-fs (loop0): This should not happen!! Data will be lost
[  187.853823][T16149] 
[  187.863513][T16149] EXT4-fs (loop0): Total free blocks count 0
[  187.869551][T16149] EXT4-fs (loop0): Free/Dirty block details
[  187.875491][T16149] EXT4-fs (loop0): free_blocks=0
[  187.880458][T16149] EXT4-fs (loop0): dirty_blocks=0
[  187.885600][T16149] EXT4-fs (loop0): Block reservation details
[  187.891700][T16149] EXT4-fs (loop0): i_reserved_data_blocks=0
[  188.046092][   T29] audit: type=1326 audit(715.023:5287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16180 comm="syz.6.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  188.092596][   T29] audit: type=1326 audit(715.043:5288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16180 comm="syz.6.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  188.115797][   T29] audit: type=1326 audit(715.043:5289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16180 comm="syz.6.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  188.138957][   T29] audit: type=1326 audit(715.043:5290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16180 comm="syz.6.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  188.162044][   T29] audit: type=1326 audit(715.043:5291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16180 comm="syz.6.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc53367e9a9 code=0x7ffc0000
[  188.186503][T16184] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  188.224208][T16189] rdma_op ffff888122ac5d80 conn xmit_rdma 0000000000000000
[  188.251401][T16191] pim6reg: entered allmulticast mode
[  188.274091][T16196] loop3: detected capacity change from 0 to 256
[  188.277780][T16191] pim6reg: left allmulticast mode
[  188.305923][T16196] __nla_validate_parse: 4 callbacks suppressed
[  188.305941][T16196] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4961'.
[  188.419477][T16202] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4964'.
[  188.428474][T16202] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4964'.
[  188.437787][T16202] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4964'.
[  188.485964][T16204] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4965'.
[  188.570388][T16204] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4965'.
[  189.411840][T16254] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4996'.
[  189.421301][T16254] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4996'.
[  189.493685][T16261] loop2: detected capacity change from 0 to 1024
[  189.502395][T16261] EXT4-fs: Ignoring removed nomblk_io_submit option
[  189.503472][T16266] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  189.519852][T16268] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4991'.
[  189.528943][T16268] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4991'.
[  189.603726][T16281] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  189.938635][T16306] loop0: detected capacity change from 0 to 1024
[  189.945860][T16306] EXT4-fs: Ignoring removed nomblk_io_submit option
[  189.977181][T16306] EXT4-fs mount: 10 callbacks suppressed
[  189.977199][T16306] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.038640][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.165146][T16322] loop2: detected capacity change from 0 to 128
[  190.252801][T16334] loop3: detected capacity change from 0 to 1024
[  190.263484][T16334] EXT4-fs: Ignoring removed nomblk_io_submit option
[  190.271405][T16330] validate_nla: 1 callbacks suppressed
[  190.271421][T16330] netlink: 'syz.2.5017': attribute type 10 has an invalid length.
[  190.288972][T16334] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.347983][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.474237][T16358] macvtap0: entered promiscuous mode
[  190.489498][T16358] macvtap0: left promiscuous mode
[  190.512427][T16364] loop0: detected capacity change from 0 to 1024
[  190.528015][T16364] EXT4-fs: Ignoring removed orlov option
[  190.553657][T16364] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.616282][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.710436][T16387] pim6reg: entered allmulticast mode
[  190.738514][T16387] pim6reg: left allmulticast mode
[  190.798985][T16397] program syz.2.5049 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  190.855853][T16408] loop7: detected capacity change from 0 to 256
[  190.880315][T16409] loop0: detected capacity change from 0 to 164
[  190.888777][T16409] ISOFS: unable to read i-node block
[  190.894150][T16409] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  190.914970][T16408] netlink: 'syz.7.5053': attribute type 1 has an invalid length.
[  191.152377][T16431] pim6reg: entered allmulticast mode
[  191.168109][T16431] pim6reg: left allmulticast mode
[  191.267503][T16447] sg_write: data in/out 219/120 bytes for SCSI command 0x0-- guessing data in;
[  191.267503][T16447]    program syz.2.5069 not setting count and/or reply_len properly
[  191.387321][T16461] netlink: 'syz.7.5076': attribute type 1 has an invalid length.
[  192.115259][T16468] pim6reg: entered allmulticast mode
[  192.122766][T16468] pim6reg: left allmulticast mode
[  192.135370][T16471] vhci_hcd: invalid port number 96
[  192.140648][T16471] vhci_hcd: default hub control req: 0300 vfffc i0060 l0
[  192.213492][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.221139][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.228694][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.236192][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.243675][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.251145][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.258703][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.266142][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.273689][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.281151][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.288662][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.296170][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.303586][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.311077][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.318535][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.325986][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.333576][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.341058][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.348555][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.356013][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.363462][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.370957][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.378566][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.386045][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.393438][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.401061][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.408499][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.415903][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.423289][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.430773][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.438167][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.445648][ T3387] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  192.455442][ T3387] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  192.494003][   T29] kauditd_printk_skb: 282 callbacks suppressed
[  192.494020][   T29] audit: type=1400 audit(719.463:5574): avc:  denied  { ioctl } for  pid=16492 comm="syz.3.5090" path="socket:[47827]" dev="sockfs" ino=47827 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  192.539022][   T29] audit: type=1400 audit(719.473:5575): avc:  denied  { write } for  pid=16492 comm="syz.3.5090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  192.559060][   T29] audit: type=1400 audit(719.483:5576): avc:  denied  { read } for  pid=16492 comm="syz.3.5090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  192.593162][   T29] audit: type=1400 audit(719.563:5577): avc:  denied  { append } for  pid=16494 comm="syz.7.5091" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  192.625818][   T29] audit: type=1400 audit(719.593:5578): avc:  denied  { ioctl } for  pid=16498 comm="syz.2.5092" path="socket:[47844]" dev="sockfs" ino=47844 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  192.657268][T16500] loop3: detected capacity change from 0 to 1024
[  192.664540][T16500] EXT4-fs: Ignoring removed orlov option
[  192.670338][   T29] audit: type=1400 audit(719.633:5579): avc:  denied  { mounton } for  pid=16497 comm="syz.3.5093" path="/863/file1" dev="tmpfs" ino=4485 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  192.693610][   T29] audit: type=1400 audit(719.673:5580): avc:  denied  { write } for  pid=16486 comm="syz.0.5086" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  192.716269][   T29] audit: type=1400 audit(719.673:5581): avc:  denied  { ioctl } for  pid=16486 comm="syz.0.5086" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  192.763177][T16502] netlink: 'syz.6.5095': attribute type 1 has an invalid length.
[  192.776560][T16500] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.791422][T16511] netlink: 'syz.7.5098': attribute type 10 has an invalid length.
[  192.794063][T16510] loop2: detected capacity change from 0 to 1024
[  192.799416][T16511] dummy0: entered promiscuous mode
[  192.812801][   T29] audit: type=1400 audit(719.783:5582): avc:  denied  { mount } for  pid=16497 comm="syz.3.5093" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  192.834249][   T29] audit: type=1400 audit(719.783:5583): avc:  denied  { add_name } for  pid=16497 comm="syz.3.5093" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  192.856477][T16511] bridge0: port 5(dummy0) entered blocking state
[  192.862903][T16511] bridge0: port 5(dummy0) entered disabled state
[  192.869479][T16511] dummy0: entered allmulticast mode
[  192.878722][T16510] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.896844][T16510] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.5097: bg 0: block 393: padding at end of block bitmap is not set
[  192.916049][T16510] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117
[  192.929280][T16510] EXT4-fs (loop2): This should not happen!! Data will be lost
[  192.929280][T16510] 
[  192.942406][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.981309][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.991621][T16521] loop3: detected capacity change from 0 to 128
[  193.040395][T16525] loop2: detected capacity change from 0 to 128
[  193.061094][T16525] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[  193.076946][T16525] FAT-fs (loop2): Filesystem has been set read-only
[  193.089991][T16525] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  193.109675][T16525] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  193.156092][T16532] sg_write: data in/out 219/120 bytes for SCSI command 0x0-- guessing data in;
[  193.156092][T16532]    program syz.3.5117 not setting count and/or reply_len properly
[  193.334977][T16546] loop2: detected capacity change from 0 to 1024
[  193.344549][T16546] EXT4-fs: Ignoring removed oldalloc option
[  193.350571][T16546] EXT4-fs: Ignoring removed bh option
[  193.387043][T16546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.874043][T16546] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.5110: Allocating blocks 1-17 which overlap fs metadata
[  193.891114][T16562] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.5110: Allocating blocks 1-17 which overlap fs metadata
[  194.089002][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.120380][T16588] loop2: detected capacity change from 0 to 164
[  194.130726][T16588] ISOFS: unable to read i-node block
[  194.136075][T16588] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  194.170911][T16590] netlink: 'syz.2.5131': attribute type 1 has an invalid length.
[  194.211008][T16586] netlink: 'syz.0.5130': attribute type 1 has an invalid length.
[  194.315813][T16595] vhci_hcd: invalid port number 96
[  194.320984][T16595] vhci_hcd: default hub control req: 0300 vfffc i0060 l0
[  194.454470][T16613] __nla_validate_parse: 15 callbacks suppressed
[  194.454487][T16613] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5143'.
[  194.479904][T16609] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5141'.
[  194.492864][T16615] loop0: detected capacity change from 0 to 128
[  194.499285][T16613] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5143'.
[  194.536340][T16615] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8)
[  194.541622][T16617] netlink: 'syz.2.5145': attribute type 1 has an invalid length.
[  194.545593][T16615] FAT-fs (loop0): Filesystem has been set read-only
[  194.574348][T16615] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[  194.620643][T16615] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[  194.694822][T16620] Falling back ldisc for ttyS3.
[  194.886465][T16644] vhci_hcd: invalid port number 96
[  194.891647][T16644] vhci_hcd: default hub control req: 0300 vfffc i0060 l0
[  195.053025][T16655] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5162'.
[  195.149075][T16660] netem: incorrect ge model size
[  195.154078][T16660] netem: change failed
[  195.453578][T16688] netem: incorrect ge model size
[  195.458782][T16688] netem: change failed
[  195.627470][T16695] netlink: 'syz.0.5181': attribute type 1 has an invalid length.
[  195.652507][T16699] loop2: detected capacity change from 0 to 2048
[  195.706252][T16699]  loop2: p1 < > p4
[  195.711146][T16699] loop2: p4 size 8388608 extends beyond EOD, truncated
[  195.931702][T16720] pim6reg: entered allmulticast mode
[  195.937684][T16720] pim6reg: left allmulticast mode
[  196.510852][T16758] netlink: 'syz.6.5207': attribute type 10 has an invalid length.
[  196.519783][T16758] bridge0: port 3(dummy0) entered blocking state
[  196.526281][T16758] bridge0: port 3(dummy0) entered forwarding state
[  196.538139][T16758] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  196.556480][T16758] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5207'.
[  196.570245][T16758] batadv2: left allmulticast mode
[  196.575361][T16744] loop3: detected capacity change from 0 to 8192
[  196.575375][T16758] batadv2: left promiscuous mode
[  196.575480][T16758] bridge0: port 5(batadv2) entered disabled state
[  196.597736][T16758] batadv1: left allmulticast mode
[  196.602901][T16758] batadv1: left promiscuous mode
[  196.608150][T16758] bridge0: port 4(batadv1) entered disabled state
[  196.616930][T16758] dummy0: left allmulticast mode
[  196.622111][T16758] bridge0: port 3(dummy0) entered disabled state
[  196.629725][T16758] bridge_slave_1: left allmulticast mode
[  196.635497][T16758] bridge_slave_1: left promiscuous mode
[  196.641421][T16758] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.652132][T16758] bridge_slave_0: left promiscuous mode
[  196.657975][T16758] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.680437][T16758] bond0: (slave bridge0): Releasing backup interface
[  196.721354][T16765] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5210'.
[  196.730878][T16765] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5210'.
[  197.035526][T16799] syzkaller1: entered promiscuous mode
[  197.041079][T16799] syzkaller1: entered allmulticast mode
[  197.169615][T16803] loop0: detected capacity change from 0 to 2048
[  197.266432][T16803]  loop0: p1 < > p4
[  197.273759][T16803] loop0: p4 size 8388608 extends beyond EOD, truncated
[  197.282600][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.290084][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.297632][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.305710][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.313187][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.320675][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.328144][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.336197][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.343663][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.351112][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.358563][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.366578][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.374003][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.381432][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.388970][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.397013][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.404444][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.411987][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.419417][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.427602][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.435112][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.442612][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.450193][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.458294][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.465744][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.473158][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.480677][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.489046][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.496473][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.503886][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.511350][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.519156][ T3394] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  197.527579][ T3394] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  197.546857][   T29] kauditd_printk_skb: 185 callbacks suppressed
[  197.546903][   T29] audit: type=1400 audit(724.513:5769): avc:  denied  { read } for  pid=16820 comm="syz.0.5236" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  197.575866][   T29] audit: type=1400 audit(724.513:5770): avc:  denied  { open } for  pid=16820 comm="syz.0.5236" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  197.647164][   T29] audit: type=1400 audit(724.613:5771): avc:  denied  { mounton } for  pid=16824 comm="syz.7.5237" path="/590/file0" dev="tmpfs" ino=3078 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  197.729459][   T29] audit: type=1400 audit(724.693:5772): avc:  denied  { read } for  pid=16831 comm="syz.3.5240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  197.764784][   T29] audit: type=1400 audit(724.733:5773): avc:  denied  { create } for  pid=16835 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  197.784361][   T29] audit: type=1400 audit(724.733:5774): avc:  denied  { bind } for  pid=16835 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  197.803128][   T29] audit: type=1400 audit(724.733:5775): avc:  denied  { setopt } for  pid=16835 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  197.822792][   T29] audit: type=1400 audit(724.733:5776): avc:  denied  { write } for  pid=16835 comm="+}[@" path="socket:[49520]" dev="sockfs" ino=49520 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  197.841467][T16839] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5244'.
[  197.890140][   T29] audit: type=1400 audit(724.763:5777): avc:  denied  { ioctl } for  pid=16837 comm="syz.7.5244" path="socket:[49527]" dev="sockfs" ino=49527 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  197.916060][   T29] audit: type=1400 audit(724.783:5778): avc:  denied  { execmem } for  pid=16830 comm="syz.2.5241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  198.018356][T16851] loop3: detected capacity change from 0 to 512
[  198.026550][T16851] EXT4-fs: Ignoring removed oldalloc option
[  198.055970][T16851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.114167][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.162013][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.170212][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.177690][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.185203][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.192616][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.200703][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.208252][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.215726][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.223219][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.231304][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.238739][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.246273][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.253765][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.261780][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.269225][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.276718][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.284188][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.292395][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.299911][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.307373][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.315308][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.322755][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.330212][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.337652][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.345666][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.353171][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.360656][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.368110][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.376230][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.383634][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.391072][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.398566][ T3394] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  198.514874][ T3394] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  198.773255][T16871] tipc: Failed to remove unknown binding: 66,1,1/3637564359:3927678851/3927678853
[  198.784115][T16873] netlink: 'syz.2.5256': attribute type 7 has an invalid length.
[  198.792456][T16873] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5256'.
[  198.890432][T16876] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5258'.
[  198.987136][T16881] syzkaller0: entered promiscuous mode
[  198.992764][T16881] syzkaller0: entered allmulticast mode
[  199.332122][T16904] netlink: 'syz.2.5271': attribute type 10 has an invalid length.
[  199.345468][T16904] bridge0: port 4(dummy0) entered blocking state
[  199.351861][T16904] bridge0: port 4(dummy0) entered forwarding state
[  199.363457][T16904] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  199.380341][T16904] batadv3: left allmulticast mode
[  199.385584][T16904] batadv3: left promiscuous mode
[  199.390697][T16904] bridge0: port 6(batadv3) entered disabled state
[  199.406398][T16906] loop7: detected capacity change from 0 to 512
[  199.413697][T16904] batadv2: left allmulticast mode
[  199.418899][T16904] batadv2: left promiscuous mode
[  199.423981][T16904] bridge0: port 5(batadv2) entered disabled state
[  199.433383][T16906] EXT4-fs: Ignoring removed oldalloc option
[  199.439930][T16904] dummy0: left allmulticast mode
[  199.449594][T16904] bridge0: port 4(dummy0) entered disabled state
[  199.459716][T16904] batadv1: left allmulticast mode
[  199.464847][T16904] batadv1: left promiscuous mode
[  199.469971][T16904] bridge0: port 3(batadv1) entered disabled state
[  199.488384][T16906] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.503514][T16904] bridge_slave_1: left allmulticast mode
[  199.509762][T16904] bridge_slave_1: left promiscuous mode
[  199.515446][T16904] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.526324][T16904] bridge_slave_0: left allmulticast mode
[  199.532142][T16904] bridge_slave_0: left promiscuous mode
[  199.538519][T16904] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.553718][T16904] bond0: (slave bridge0): Releasing backup interface
[  199.564109][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.677728][T16923] loop0: detected capacity change from 0 to 512
[  199.696263][T16923] EXT4-fs: Ignoring removed oldalloc option
[  199.716871][T16923] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.741556][T16929] __nla_validate_parse: 2 callbacks suppressed
[  199.741571][T16929] netlink: 108 bytes leftover after parsing attributes in process `syz.2.5280'.
[  199.890524][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.241560][T16944] loop0: detected capacity change from 0 to 8192
[  200.296620][T16944]  loop0: p2 p3 p4
[  200.300420][T16944] loop0: p2 start 2936012800 is beyond EOD, truncated
[  200.307336][T16944] loop0: p3 start 1912602624 is beyond EOD, truncated
[  200.314244][T16944] loop0: p4 size 656640 extends beyond EOD, truncated
[  200.414146][T16961] netlink: 108 bytes leftover after parsing attributes in process `syz.0.5295'.
[  200.479552][T16963] tipc: Failed to remove unknown binding: 66,1,1/0:1579685218/1579685220
[  201.060022][T16988] loop0: detected capacity change from 0 to 8192
[  201.127765][T16991] tipc: Failed to remove unknown binding: 66,1,1/0:4029065072/4029065074
[  201.279366][T17002] netlink: 'syz.3.5312': attribute type 10 has an invalid length.
[  201.300496][T17002] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5312'.
[  201.316911][T17008] loop2: detected capacity change from 0 to 512
[  201.328311][T17008] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.5314: Failed to acquire dquot type 1
[  201.355438][T17008] EXT4-fs (loop2): 1 truncate cleaned up
[  201.361567][T17008] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.400006][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.491302][T17021] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5318'.
[  201.530634][T17019] loop3: detected capacity change from 0 to 8192
[  201.551876][T17021] vlan2: entered allmulticast mode
[  201.582424][T17021] dummy0: entered allmulticast mode
[  201.595102][T17019]  loop3: p2 p3 p4
[  201.600014][T17019] loop3: p2 start 2936012800 is beyond EOD, truncated
[  201.607453][T17019] loop3: p3 start 1912602624 is beyond EOD, truncated
[  201.614352][T17019] loop3: p4 size 656640 extends beyond EOD, truncated
[  202.294472][T17056] loop7: detected capacity change from 0 to 512
[  202.308582][T17056] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.5335: Failed to acquire dquot type 1
[  202.320657][T17056] EXT4-fs (loop7): 1 truncate cleaned up
[  202.330199][T17056] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.359804][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.567366][   T29] kauditd_printk_skb: 224 callbacks suppressed
[  202.567385][   T29] audit: type=1400 audit(729.543:5999): avc:  denied  { write } for  pid=17075 comm="syz.7.5344" path="socket:[50754]" dev="sockfs" ino=50754 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  202.650564][   T29] audit: type=1400 audit(729.623:6000): avc:  denied  { mount } for  pid=17083 comm="syz.7.5346" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  202.690510][T17088] netlink: 'syz.7.5348': attribute type 13 has an invalid length.
[  202.722824][T17088] gretap0: refused to change device tx_queue_len
[  202.728812][   T29] audit: type=1400 audit(729.693:6001): avc:  denied  { create } for  pid=17091 comm="syz.2.5351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  202.749383][T17088] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  202.782169][   T29] audit: type=1400 audit(729.753:6002): avc:  denied  { connect } for  pid=17091 comm="syz.2.5351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  202.801820][   T29] audit: type=1400 audit(729.753:6003): avc:  denied  { ioctl } for  pid=17091 comm="syz.2.5351" path="socket:[50779]" dev="sockfs" ino=50779 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  202.868499][   T29] audit: type=1400 audit(729.843:6004): avc:  denied  { create } for  pid=17100 comm="syz.6.5354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  202.900948][   T29] audit: type=1400 audit(729.873:6005): avc:  denied  { write } for  pid=17100 comm="syz.6.5354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  202.931477][   T29] audit: type=1400 audit(729.903:6006): avc:  denied  { mount } for  pid=17104 comm="syz.2.5356" name="/" dev="ramfs" ino=49916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  202.931905][T17103] netlink: 68 bytes leftover after parsing attributes in process `syz.3.5355'.
[  203.116716][T17126] loop2: detected capacity change from 0 to 8192
[  203.165040][T17126]  loop2: p2 p3 p4
[  203.169054][T17126] loop2: p2 start 2936012800 is beyond EOD, truncated
[  203.175958][T17126] loop2: p3 start 1912602624 is beyond EOD, truncated
[  203.182874][T17126] loop2: p4 size 656640 extends beyond EOD, truncated
[  203.225672][   T29] audit: type=1400 audit(730.203:6007): avc:  denied  { read } for  pid=17131 comm="syz.2.5365" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  203.248538][   T29] audit: type=1400 audit(730.203:6008): avc:  denied  { open } for  pid=17131 comm="syz.2.5365" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  203.543533][T17147] loop0: detected capacity change from 0 to 2048
[  203.550868][T17147] EXT4-fs: Ignoring removed nobh option
[  203.566200][T17147] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.596562][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.843825][T17164] netlink: 'syz.7.5379': attribute type 4 has an invalid length.
[  203.928079][T17175] loop3: detected capacity change from 0 to 512
[  203.935240][T17175] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  203.953391][T17175] EXT4-fs (loop3): 1 truncate cleaned up
[  203.959822][T17175] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.996427][T17180] loop7: detected capacity change from 0 to 512
[  204.007019][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.009583][T17180] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  204.030827][T17185] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5385'.
[  204.041204][T17180] EXT4-fs (loop7): 1 truncate cleaned up
[  204.063411][T17180] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.084538][T17190] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5389'.
[  204.127445][T17197] netlink: 'syz.6.5392': attribute type 13 has an invalid length.
[  204.142616][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.164051][T17197] gretap0: refused to change device tx_queue_len
[  204.179566][T17197] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  204.186879][T17202] netlink: 'syz.2.5393': attribute type 4 has an invalid length.
[  204.268552][T17211] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5398'.
[  204.393280][T17232] netlink: 'syz.2.5407': attribute type 13 has an invalid length.
[  204.423142][T17232] gretap0: refused to change device tx_queue_len
[  204.432468][T17232] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  204.784955][T17268] netlink: 'syz.0.5422': attribute type 13 has an invalid length.
[  204.796920][T17268] gretap0: refused to change device tx_queue_len
[  204.804010][T17268] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  204.929649][ T3387] kernel read not supported for file /vga_arbiter (pid: 3387 comm: kworker/1:3)
[  205.138331][T17319] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5448'.
[  205.221566][T17336] loop0: detected capacity change from 0 to 512
[  205.235956][T17336] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  205.246348][T17331] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5453'.
[  205.271085][T17336] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  205.361616][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  205.438689][T17358] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5456'.
[  205.694085][T17354] netlink: 'syz.2.5458': attribute type 13 has an invalid length.
[  205.705968][T17354] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  205.898721][T17386] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.911370][T17386] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.462429][T17417] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  206.501546][T17422] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5486'.
[  206.521249][T17417] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  206.585973][T17417] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  206.675729][T17417] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  206.731576][T17417] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  206.743183][T17417] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  206.757488][T17417] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  206.777228][T17417] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  206.849144][T17449] 9pnet_fd: Insufficient options for proto=fd
[  206.859653][T17451] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17451 comm=syz.3.5501
[  206.872381][T17451] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17451 comm=syz.3.5501
[  207.099393][T17474] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5512'.
[  207.141070][T17474] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check.
[  207.448362][T17502] loop7: detected capacity change from 0 to 512
[  207.455928][T17502] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  207.484733][T17502] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  207.515534][T17511] loop0: detected capacity change from 0 to 128
[  207.533977][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  207.541915][T17511] bio_check_eod: 43 callbacks suppressed
[  207.541932][T17511] syz.0.5527: attempt to access beyond end of device
[  207.541932][T17511] loop0: rw=0, sector=121, nr_sectors = 120 limit=128
[  207.586456][T12082] kworker/u8:21: attempt to access beyond end of device
[  207.586456][T12082] loop0: rw=1, sector=241, nr_sectors = 800 limit=128
[  207.607973][T17515] netlink: 'syz.2.5529': attribute type 10 has an invalid length.
[  207.617312][T17515] dummy0: left promiscuous mode
[  207.624310][T17515] team0: Port device dummy0 added
[  207.633179][T17515] netlink: 'syz.2.5529': attribute type 10 has an invalid length.
[  207.647523][T17515] team0: Port device dummy0 removed
[  207.654099][T17515] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  207.681255][ T4267] kernel read not supported for file /vga_arbiter (pid: 4267 comm: kworker/1:8)
[  207.692315][   T29] kauditd_printk_skb: 111 callbacks suppressed
[  207.692329][   T29] audit: type=1400 audit(734.673:6120): avc:  denied  { ioctl } for  pid=17522 comm="syz.2.5531" path="socket:[52466]" dev="sockfs" ino=52466 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  207.723253][   T29] audit: type=1400 audit(734.673:6121): avc:  denied  { bind } for  pid=17522 comm="syz.2.5531" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  207.742033][   T29] audit: type=1326 audit(734.683:6122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.5533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  207.765510][   T29] audit: type=1326 audit(734.683:6123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.5533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  207.788428][   T29] audit: type=1326 audit(734.683:6124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.5533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  207.811929][   T29] audit: type=1326 audit(734.683:6125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.5533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  207.835451][   T29] audit: type=1326 audit(734.683:6126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.5533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  207.858957][   T29] audit: type=1326 audit(734.683:6127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.5533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  207.882641][   T29] audit: type=1326 audit(734.683:6128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.5533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  207.906075][   T29] audit: type=1326 audit(734.693:6129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.5533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  207.977644][T17536] netlink: 5 bytes leftover after parsing attributes in process `syz.2.5538'.
[  207.987409][T17536] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  207.994733][T17536] 0ªî{X¹¦: entered allmulticast mode
[  208.000515][T17536] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  208.072847][T17541] loop2: detected capacity change from 0 to 512
[  208.085917][T17541] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  208.107580][T17541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  208.138004][T17545] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5542'.
[  208.169284][ T8530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  208.397515][T17570] netlink: 176 bytes leftover after parsing attributes in process `syz.6.5553'.
[  208.429595][T17568] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.438357][T17568] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.587232][T17580] loop3: detected capacity change from 0 to 512
[  208.626630][T17580] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.655833][T17580] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.5558: corrupted inode contents
[  208.669857][T17580] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.5558: mark_inode_dirty error
[  208.689028][T17580] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.5558: corrupted inode contents
[  208.701484][T17591] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.726131][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.795803][T17591] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.842079][T17600] netlink: 'syz.3.5565': attribute type 10 has an invalid length.
[  208.853548][T17600] dummy0: left promiscuous mode
[  208.872674][T17600] team0: Port device dummy0 added
[  208.883217][T17600] netlink: 'syz.3.5565': attribute type 10 has an invalid length.
[  208.903931][T17600] team0: Port device dummy0 removed
[  208.912237][T17600] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  208.946240][T17591] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.005788][T17591] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.242233][T17591] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  209.268157][T17609] loop2: detected capacity change from 0 to 512
[  209.277762][T17591] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  209.304469][T17591] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  209.332550][T17591] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  209.385251][T17609] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.519095][T17626] netlink: 176 bytes leftover after parsing attributes in process `syz.0.5578'.
[  209.528684][T17609] loop2: detected capacity change from 512 to 64
[  209.555933][ T8530] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz-executor: invalid indirect mapped block 1280 (level 0)
[  209.595211][ T8530] EXT4-fs error (device loop2): ext4_lookup:1787: inode #14: comm syz-executor: unexpected EA_INODE flag
[  209.607333][T17631] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5580'.
[  209.625669][ T8530] EXT4-fs error (device loop2): ext4_lookup:1787: inode #14: comm syz-executor: unexpected EA_INODE flag
[  209.670261][ T8645] kworker/u8:12: attempt to access beyond end of device
[  209.670261][ T8645] loop2: rw=1, sector=88, nr_sectors = 2 limit=64
[  209.683703][ T8645] EXT4-fs warning (device loop2): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 44)
[  209.694970][ T8645] Buffer I/O error on device loop2, logical block 44
[  209.727754][T14975] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.841646][T17618] netlink: 'syz.6.5575': attribute type 13 has an invalid length.
[  209.867804][T17618] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  209.984854][T12083] batman_adv: batadv0: Removing interface: ip6gretap1
[  210.068037][T12083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.079650][T12083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.092165][T12083] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  210.104362][T12083] bond0 (unregistering): Released all slaves
[  210.121911][T12083] bond1 (unregistering): Released all slaves
[  210.278614][T12083] hsr_slave_0: left promiscuous mode
[  210.284502][T12083] hsr_slave_1: left promiscuous mode
[  210.297966][T12083] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.315656][T12083] batman_adv: batadv0: Removing interface: ipvlan2
[  210.326425][T12083] pim6reg9 (unregistering): left allmulticast mode
[  210.400021][T12083] team0 (unregistering): Port device team_slave_1 removed
[  210.414733][T12083] team0 (unregistering): Port device team_slave_0 removed
[  210.558083][T17639] chnl_net:caif_netlink_parms(): no params data found
[  210.660317][T17639] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.668019][T17639] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.675315][T17639] bridge_slave_0: entered allmulticast mode
[  210.681772][T17639] bridge_slave_0: entered promiscuous mode
[  210.688621][T17639] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.696320][T17639] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.703753][T17639] bridge_slave_1: entered allmulticast mode
[  210.710215][T17639] bridge_slave_1: entered promiscuous mode
[  210.732326][T17639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.758708][T17639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.805550][T17639] team0: Port device team_slave_0 added
[  210.812214][T17639] team0: Port device team_slave_1 added
[  210.843534][T17639] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.850605][T17639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.877251][T17639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.936229][T17639] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.943214][T17639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.969710][T17639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.057729][T17639] hsr_slave_0: entered promiscuous mode
[  211.077279][T17639] hsr_slave_1: entered promiscuous mode
[  211.083152][T17639] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  211.097287][T17639] Cannot create hsr debugfs directory
[  211.111860][T17679] netlink: 'syz.0.5595': attribute type 13 has an invalid length.
[  211.240995][T17690] loop3: detected capacity change from 0 to 512
[  211.264165][T17690] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  211.298172][T17690] EXT4-fs (loop3): 1 truncate cleaned up
[  211.321566][T17690] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.402080][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.487772][T17639] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  211.488753][T17720] netlink: 'syz.7.5614': attribute type 3 has an invalid length.
[  211.519638][T17639] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  211.540946][T17639] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  211.557889][T17639] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  211.570073][T17724] netlink: 'syz.7.5616': attribute type 10 has an invalid length.
[  211.588969][T17724] dummy0: left allmulticast mode
[  211.599263][T17724] dummy0: left promiscuous mode
[  211.604355][T17724] bridge0: port 5(dummy0) entered disabled state
[  211.617894][T17724] team0: Port device dummy0 added
[  211.641325][T17724] netlink: 'syz.7.5616': attribute type 10 has an invalid length.
[  211.651081][T17724] team0: Port device dummy0 removed
[  211.660459][T17724] : (slave dummy0): Enslaving as an active interface with an up link
[  211.689682][T17639] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.720882][T17639] 8021q: adding VLAN 0 to HW filter on device team0
[  211.739600][ T8645] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.746750][ T8645] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.782015][T12166] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.789171][T12166] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.877860][T17755] 9pnet_fd: Insufficient options for proto=fd
[  211.921410][T17639] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.106512][T17786] netlink: 'syz.7.5634': attribute type 13 has an invalid length.
[  212.142847][T17639] veth0_vlan: entered promiscuous mode
[  212.153091][T17639] veth1_vlan: entered promiscuous mode
[  212.190159][T17639] veth0_macvtap: entered promiscuous mode
[  212.202730][T17639] veth1_macvtap: entered promiscuous mode
[  212.214162][T17639] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.223641][T17639] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.269213][T17639] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.278089][T17639] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.286909][T17639] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.295710][T17639] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.408609][T17819] loop0: detected capacity change from 0 to 512
[  212.429773][T17819] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.467844][T17819] EXT4-fs (loop0): shut down requested (0)
[  212.497031][ T8293] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.586789][T17835] loop5: detected capacity change from 0 to 512
[  212.594863][T17835] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  212.628994][T17835] EXT4-fs (loop5): 1 truncate cleaned up
[  212.639472][T17835] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.691008][T17639] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.849194][   T29] kauditd_printk_skb: 93 callbacks suppressed
[  212.849213][   T29] audit: type=1326 audit(739.823:6223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17857 comm="syz.3.5663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  212.879378][   T29] audit: type=1326 audit(739.823:6224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17857 comm="syz.3.5663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  212.902437][   T29] audit: type=1326 audit(739.823:6225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17857 comm="syz.3.5663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  212.925489][   T29] audit: type=1326 audit(739.823:6226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17857 comm="syz.3.5663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  212.931878][T17861] loop3: detected capacity change from 0 to 512
[  212.949052][   T29] audit: type=1326 audit(739.823:6227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17857 comm="syz.3.5663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  212.978065][   T29] audit: type=1326 audit(739.823:6228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17857 comm="syz.3.5663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  212.981085][T17861] EXT4-fs (loop3): orphan cleanup on readonly fs
[  213.001773][   T29] audit: type=1326 audit(739.833:6229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17857 comm="syz.3.5663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8c607e9a9 code=0x7ffc0000
[  213.012212][T17861] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5664: bg 0: block 248: padding at end of block bitmap is not set
[  213.045546][T17861] Quota error (device loop3): write_blk: dquota write failed
[  213.052940][T17861] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  213.062886][T17861] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5664: Failed to acquire dquot type 1
[  213.074936][T17861] EXT4-fs (loop3): 1 truncate cleaned up
[  213.081240][T17861] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  213.118405][ T5603] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.261601][T17878] rdma_op ffff888124e41980 conn xmit_rdma 0000000000000000
[  213.262417][   T29] audit: type=1400 audit(740.233:6230): avc:  denied  { create } for  pid=17876 comm="syz.6.5671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  213.373949][T17881] SELinux: failed to load policy
[  213.415165][T17901] loop5: detected capacity change from 0 to 1024
[  213.422063][T17901] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  213.433173][T17901] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  213.444354][T17901] JBD2: no valid journal superblock found
[  213.450215][T17901] EXT4-fs (loop5): Could not load journal inode
[  213.877011][T17944] loop7: detected capacity change from 0 to 8192
[  214.013387][T17949] ==================================================================
[  214.021521][T17949] BUG: KCSAN: data-race in fat16_ent_put / fat_mirror_bhs
[  214.028664][T17949] 
[  214.030994][T17949] write to 0xffff888107684e60 of 2 bytes by task 17944 on cpu 0:
[  214.038720][T17949]  fat16_ent_put+0x28/0x60
[  214.043147][T17949]  fat_alloc_clusters+0x4ce/0xa80
[  214.048183][T17949]  fat_get_block+0x258/0x5e0
[  214.052787][T17949]  __block_write_begin_int+0x3fd/0xf90
[  214.058266][T17949]  cont_write_begin+0x5fc/0x970
[  214.063150][T17949]  fat_write_begin+0x4f/0xe0
[  214.067757][T17949]  cont_write_begin+0x1ad/0x970
[  214.072636][T17949]  fat_write_begin+0x4f/0xe0
[  214.077237][T17949]  generic_cont_expand_simple+0xb0/0x150
[  214.082886][T17949]  fat_cont_expand+0x3e/0x170
[  214.087572][T17949]  fat_fallocate+0x177/0x1c0
[  214.092175][T17949]  vfs_fallocate+0x413/0x450
[  214.096770][T17949]  __x64_sys_fallocate+0x7a/0xd0
[  214.101717][T17949]  x64_sys_call+0x2b88/0x2fb0
[  214.106405][T17949]  do_syscall_64+0xd2/0x200
[  214.110914][T17949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.116839][T17949] 
[  214.119183][T17949] read to 0xffff888107684e00 of 512 bytes by task 17949 on cpu 1:
[  214.127098][T17949]  fat_mirror_bhs+0x1df/0x320
[  214.131801][T17949]  fat_ent_write+0xd0/0xe0
[  214.136230][T17949]  fat_chain_add+0x15b/0x3f0
[  214.140833][T17949]  fat_get_block+0x46c/0x5e0
[  214.145438][T17949]  __block_write_begin_int+0x3fd/0xf90
[  214.150924][T17949]  cont_write_begin+0x5fc/0x970
[  214.155801][T17949]  fat_write_begin+0x4f/0xe0
[  214.160407][T17949]  cont_write_begin+0x1ad/0x970
[  214.165281][T17949]  fat_write_begin+0x4f/0xe0
[  214.169903][T17949]  generic_cont_expand_simple+0xb0/0x150
[  214.175576][T17949]  fat_cont_expand+0x3e/0x170
[  214.180280][T17949]  fat_setattr+0x2a5/0x8a0
[  214.184722][T17949]  notify_change+0x806/0x890
[  214.189330][T17949]  do_ftruncate+0x34b/0x450
[  214.193848][T17949]  __x64_sys_ftruncate+0x68/0xc0
[  214.198798][T17949]  x64_sys_call+0xd65/0x2fb0
[  214.204231][T17949]  do_syscall_64+0xd2/0x200
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  214.208751][T17949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.214674][T17949] 
[  214.217013][T17949] Reported by Kernel Concurrency Sanitizer on:
[  214.223267][T17949] CPU: 1 UID: 0 PID: 17949 Comm: syz.7.5700 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  214.235781][T17949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/19/2025
[  214.245849][T17949] ==================================================================
[  214.906616][T12166] batadv2: left allmulticast mode
[  214.911669][T12166] batadv2: left promiscuous mode
[  214.916800][T12166] bridge0: port 4(batadv2) entered disabled state
[  214.923817][T12166] batadv1: left allmulticast mode
[  214.928943][T12166] batadv1: left promiscuous mode
[  214.934078][T12166] bridge0: port 3(batadv1) entered disabled state
[  214.941879][T12166] bridge_slave_1: left allmulticast mode
[  214.947946][T12166] bridge_slave_1: left promiscuous mode
[  214.953594][T12166] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.961374][T12166] bridge_slave_0: left allmulticast mode
[  214.967082][T12166] bridge_slave_0: left promiscuous mode
[  214.972766][T12166] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.992031][T12166] bond1 (unregistering): (slave gretap1): Releasing active interface
[  215.116359][T12166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  215.126161][T12166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  215.135326][T12166] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  215.143723][T12166] bond0 (unregistering): Released all slaves
[  215.151663][T12166] bond1 (unregistering): Released all slaves
[  215.159931][T12166] bond2 (unregistering): Released all slaves
[  215.186341][T12166] tipc: Left network mode
[  215.191496][T12166] IPVS: stopping backup sync thread 11704 ...
[  215.211515][T12166] hsr_slave_0: left promiscuous mode
[  215.217359][T12166] hsr_slave_1: left promiscuous mode
[  215.222851][T12166] batman_adv: batadv0: Removing interface: batadv_slave_0
[  215.230702][T12166] batman_adv: batadv0: Removing interface: batadv_slave_1
[  215.238230][T12166] batman_adv: batadv0: Removing interface: ipvlan2
[  215.270253][T12166] team0 (unregistering): Port device team_slave_1 removed
[  215.279495][T12166] team0 (unregistering): Port device team_slave_0 removed
[  216.250258][T12082] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.297291][T12082] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.346933][T12082] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.417206][T12082] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.496669][T12082] bridge_slave_1: left allmulticast mode
[  216.502329][T12082] bridge_slave_1: left promiscuous mode
[  216.508069][T12082] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.516255][T12082] bridge_slave_0: left allmulticast mode
[  216.521897][T12082] bridge_slave_0: left promiscuous mode
[  216.527615][T12082] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.596836][T12082] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  216.607184][T12082] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  216.616566][T12082] bond0 (unregistering): Released all slaves
[  216.683305][T12082] hsr_slave_0: left promiscuous mode
[  216.688858][T12082] hsr_slave_1: left promiscuous mode
[  216.694555][T12082] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.702038][T12082] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.710296][T12082] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.718185][T12082] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.729473][T12082] veth1_macvtap: left promiscuous mode
[  216.734984][T12082] veth0_macvtap: left promiscuous mode
[  216.740599][T12082] veth1_vlan: left promiscuous mode
[  216.746331][T12082] veth0_vlan: left promiscuous mode
[  216.803332][T12082] team0 (unregistering): Port device team_slave_1 removed
[  216.813462][T12082] team0 (unregistering): Port device team_slave_0 removed