last executing test programs:

1m7.210449345s ago: executing program 1 (id=179):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000001a80)=""/4112, 0x1010}], 0x1)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x0)

1m7.172547676s ago: executing program 0 (id=180):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xe)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc, 0x0, 0x4001}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000003080)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x20, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x4}, {0x0, 0x5}}}, 0x24}}, 0x0)

1m7.078768608s ago: executing program 0 (id=183):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0xe22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff000000000000000458000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

1m7.061787208s ago: executing program 0 (id=185):
timerfd_create(0x1, 0x80800)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x4}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6e}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000000)=ANY=[], 0xfe37, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

1m7.016406769s ago: executing program 1 (id=187):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e8, &(0x7f0000001200)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJp4zdzOlP6Y2x+X207T+XySS2fOmeGc4fLtOXPuOXMDqKzB9I9axMGImE4i+pP5xbzOyDIHF4579OdH59NXEvX6a78nkWRp+fFJ9rMvO7knIn78IYkDHavLnZm7cXl8amryerY/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aOdbSdd0sSDt7+933+z8Ze/Obr/5KRr79ZSyJ0/FyduDS62iXwRhs/Jskq7P6TrW7sJJ0ZP9Plr7FSWeJFWJT8vevKyL+F/3REY/fvP74+JVSKwdsqXoSUQcqKhH/UFF5PyC/t195H1wrpVcCbIeHZxYGAFbHf+fC2GD0NMYG9j5KYumwThIRrY3MLbcvIu7fG7t94d7Y7diicTig2PytiPh/UfwnjfgfiJ4YaMR/bVn8p/2Cc9nPNP3VFstfOVQs/mH7LMR/z5rxH03i/60l8f92i+UPPt58p3dZ/Pe2ekkAAAAAAABQWXfPRMTzRZ//1xbn/0TB/J++iDjdhvIHV+yv/vy/9qANxQAFHp6JeKlw/m8tn/070JFt/asxH6AruXBpavJYRPw7Io5E1550f2SNMo5+euDLZnmD2fy//JWWfz+bC5jV40HnnuXnTIzPjj/pdQMRD29FPFU4/zdZbP+TgvY//X0wvcEyDjx751yzvPXjH9gq9a8jDhe2/4+fWpGs/XyO4UZ/YDjvFaz29Ieffdes/Fbj3yMm4Mml7f/eteN/IFn6vJ6ZzZdxfK6z3iyv1f5/d/J645Ez3VnaB+Ozs9dHIrqTsx1p6rL00c3XGXajPB7yeEnj/8gza4//FfX/eyNifsXfnfyxfE1x7r9/9/3arD76/1CeNP4nNtX+b35j9M7A983K31j7f6LR1h/JUoz/wYIv8jDtXp5eEI6dRVnbXV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A1qEbEvktrQ4natNjQU0RcR/4m9talrM7PPXbj23tWJNK/x/f+1/Jt++xf2k/z7/weW7I+u2D8eEfsj4vOO3sb+0PlrUxNlXzwAAAAAAAAAAAAAAAAAAADsEH1N1v+nfusou3bAlussuwJAaQri/6cy6gFsP+0/VJf4h+oS/1Bd4h+qq8X472p3PYDtp/2H6hL/UF3iHwAAAAAAdpX9h+7+nETE/Iu9jVeqO8szvwd2t1rZFQBK4xE/UF2m/kB1uccHknXye5qetN6Za5k+/wQnAwAAAAAAAAAAAEDlHD5o/T9UlfX/UF3W/0N15ev/D5VcD2D7uccHYp2V/IXr/9c9CwAAAAAAAAAAAABop5m5G5fHp6Ymr9t4Y2dUox0b6Tu7kYPr9frNxrEtlbVnB1zpjtrIp8LvlPqs2MjX+m3srNJ+JQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv8EwAA//8IGSKz")
prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x5}, 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

1m6.94547862s ago: executing program 0 (id=188):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x1adc51, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x1389899, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x88f8d2, 0x0)

1m6.880505732s ago: executing program 0 (id=194):
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
close(r0)

1m6.587293397s ago: executing program 1 (id=197):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x457)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
syz_io_uring_setup(0xbc3, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a32000000002c0003800800014000000000180003801400010076657468315f00005f626f6e64000000080002400000000064000000160a0101000b000000000000010000000900020073797a32000000000900010073797a3000000000300003802c0003801400010067656e657665300000000000000000001400010076657468315f"], 0x104}}, 0x0)

1m6.533454828s ago: executing program 0 (id=199):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffd}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x2006, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)

1m6.532901618s ago: executing program 1 (id=200):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x221)

1m6.496707819s ago: executing program 32 (id=199):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffd}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x2006, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)

1m6.471155849s ago: executing program 1 (id=204):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x402)
r3 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r3, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r2, 0x0, 0x0)

1m6.221736304s ago: executing program 1 (id=206):
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x2, {0x0, 0x0, 0x4}, 0x1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r3=>0x0})
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3}, 0x18)
sendmsg$can_j1939(r4, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x101, 0x70bd25, 0x100000, {0x0, 0x0, 0x74, r3, {0xa, 0x8}, {0x5, 0xfff3}, {0xfff1, 0x6}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x40}, 0xc4)

1m6.221525114s ago: executing program 33 (id=206):
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x2, {0x0, 0x0, 0x4}, 0x1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r3=>0x0})
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3}, 0x18)
sendmsg$can_j1939(r4, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x101, 0x70bd25, 0x100000, {0x0, 0x0, 0x74, r3, {0xa, 0x8}, {0x5, 0xfff3}, {0xfff1, 0x6}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x40}, 0xc4)

25.376544961s ago: executing program 3 (id=1048):
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2, 0x1, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

24.730674673s ago: executing program 3 (id=1060):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000007c0), r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000800)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)={0x24, r4, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x40)
syz_open_dev$tty20(0xc, 0x4, 0x1)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x24, r4, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8040}, 0x40)

24.686296254s ago: executing program 3 (id=1063):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
fcntl$dupfd(r0, 0x0, r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f00000000c0)={0x802}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c"], 0x20}}, 0x0)

24.663431975s ago: executing program 3 (id=1065):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x561, &(0x7f0000000f80)="$eJzs3U1rG0cfAPD/ylbenycOhNCWUgw9NCWNHNt9SaGH9NyGBtp7KuyNCZajYMkhdgNNDs25hF5KA6X30nOPoV+gh36GQBsIJZj20IvLyivFL5ItJ7KtVL8frJnZXWl2NPsfz2gkFMDAGs3+FCJejoivk4jjEZHkx4YjPzi6et7yk1tT2ZbEysqnfyaN87J887majzuaZ16KiF++ijhT2FxubXFptlyppPN5fqw+d32strh09upceSadSa9NTE6ef2dy4v333u1ZXd+89Pe3nzwYynMn7iVxIY7lubX1eA6312ZGYzR/TYpxYcOJ4z0orJ8kbff+tOfXwc4M5XFejKwPOB5DedQD/31fRsQKMKCSHcf/b8XduRJgbzXHAc25fY/mwS+Mxx+uToA213949b2RONSYGx1ZTtbNjLL57kgPys/K+PmP+/eyLXr3PgTAtm7fiYhzw8Ob+78k7/+e3bkuztlYhv4P9s6DbPzzVrvxT6E1/ok245+jbWL3WWwf/4VHPSimo2z890Hb8W9r0WpkKM/9rzHmKyZXrlbSrG/7f0ScjuLBLL/Ves755YcrnY6tHf9lW1Z+cyyYX8ej4YPrHzNdrpefp85rPb4T8Urb8W/Sav+kTftnr8elLss4ld5/rdOx7eu/u1Z+iHijbfs/XdFKtl6fHGvcD2PNu2Kzv+6e+rVT+ftd/6z9j2xd/5Fk7XptbedlfH/onzRa68nrrat/dH//H0g+a6QP5Ptuluv1+fGIA8nHrf2F5v6Jp49t5pvnZ/U//frW/V+7+/9wRHzeZf3vnvzx1U7H+qH9p9u2f2t2u6H9d554+NEX33Uqv7v+7+1G6nS+p5v+r9sLfJ7XDgAAAAAAAPpNISKORVIotdKFQqm0+vmOk3GkUKnW6meuVBeuTUfju7IjUSw0V7qPr/k8xHi+YtjMT2zIT0bEiYj4ZuhwI1+aqlam97vyAAAAAAAAAAAAAAAAAAAA0CeOdvj+f+b3of2+OmDX+clvGFzbxn8vfukJ6Ev+/8PgEv8wuMQ/DC7xD4NL/MPgEv8wuMQ/DC7xDwAAAAAAAAAAAAAAAAAAAAAAAAAAAD116eLFbFtZfnJrKstP31hcmK3eODud1mZLcwtTpanq/PXSTLU6U0lLU9W57Z6vUq1eH5+IhZtj9bRWH6stLl2eqy5cq1++OleeSS+nxT2pFQAAAAAAAAAAAAAAAAAAALxYaotLs+VKJZ2XkHimxHB/XIZEjxP73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFP/BgAA//9q6zMB")
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000009000000000000000200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000014b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r3}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
syz_clone(0x200, &(0x7f0000000000)="aefb2712cddc0ed1115362254588d0c6", 0x10, 0x0, 0x0, 0x0)

24.527953477s ago: executing program 3 (id=1067):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

23.905767509s ago: executing program 3 (id=1081):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x10000})
setrlimit(0x40000000000008, &(0x7f0000000000))
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000600)={0x200000000000001, 0x3}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0xc880, &(0x7f0000000540)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @empty}, 0x8}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)='\x00', 0x1}], 0x1}}], 0x2, 0x404c484)

23.905633559s ago: executing program 34 (id=1081):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x10000})
setrlimit(0x40000000000008, &(0x7f0000000000))
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000600)={0x200000000000001, 0x3}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0xc880, &(0x7f0000000540)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @empty}, 0x8}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)='\x00', 0x1}], 0x1}}], 0x2, 0x404c484)

9.962008528s ago: executing program 6 (id=1474):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_tcp_buf(r1, 0x6, 0xb, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, 0x0, 0x0)
bind$inet6(r2, 0x0, 0x0)

9.929713288s ago: executing program 6 (id=1477):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
capset(&(0x7f0000000380)={0x20071026}, &(0x7f0000000040))
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r2, &(0x7f0000000040)=ANY=[], 0x6)

9.869968879s ago: executing program 6 (id=1478):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='sched_switch\x00', r4, 0x0, 0x80000000000001}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x2000, @fd, 0x9, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)

9.548861466s ago: executing program 6 (id=1483):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x30)
open(0x0, 0x141bc2, 0x1c0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f0000000dc0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000100)=[{&(0x7f0000002100)=""/4096, 0x1000}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

9.432201998s ago: executing program 6 (id=1484):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0xffffffffffffff3c, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r1, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0)

8.833045179s ago: executing program 6 (id=1502):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
openat$selinux_status(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x7, &(0x7f0000002400)=<r3=>0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000040)="5c00ffff0000", 0x6, 0x0, 0x0, 0x2}])

8.832816799s ago: executing program 35 (id=1502):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
openat$selinux_status(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x7, &(0x7f0000002400)=<r3=>0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000040)="5c00ffff0000", 0x6, 0x0, 0x0, 0x2}])

6.663700711s ago: executing program 8 (id=1503):
open(&(0x7f0000000080)='./file0\x00', 0x108242, 0x124)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0x8, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
open(&(0x7f00000001c0)='./file0\x00', 0x300, 0x40)

6.560309593s ago: executing program 8 (id=1540):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000500)='./file0/../file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x1000, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x525, &(0x7f0000000100)="$eJzs3c9vG1kdAPCv3fxw03SThT0sCNiyLBRU1U7c3Wi1B1guSGi1WqRlTwh1o8SNothxFDulCZFIJW5ckajECf4EDkgckHrizg1uXIoEUoGKqkFCyGjscZo4dhM1cdzGn4808ps3k/l+n6V5L37+8QIYWlciYicixiLi04iYSusz6Rbvt7bkvCePthd2H20vZKLR+PifI+mZ2wvt89supdfMRXyU7I93iVvb3FqZL5dL6+l+oV5ZK9Q2t64vV+aXSkul1WJxbnZu5t0b7xRPra1vVH7z8DvLH3zy+9998cEfd77x4yTnb7UOjSVtO7VA+7Sel9GY3FeXPHMf9CPYAFxI2zM26ER4LtmI+ExEvJmW9+QGlxMA0F+NxlQ0pvbv95Y5xjkAwIsvec0/GZlsPn39PxnZbD7fnMPLvRYT2XK1Vr92q7qxuhjNOazpGM3eWi6XZtK5wukYzST7s83y0/1ix/6NiHg1In4+frG5n1+olhcH9U8PAAy5Sx3j/+Px1vh/DN4hAICXmZEcAIbP4fF/dCB5AABnx+t/ABg++8b/bt/VBQDOoVzHd/8BgPPvyPn/1+MnPzybVACAM+L9fwAYKt/78MNka+ymv3+9eHtzY6V6+/piqbaSr2ws5Beq62v5pWp1qfmbPZWjrleuVtdm346NO4V6qVYv1Da3blaqG6v1m83f9b5Z8sUCABi8V9+4/+dMROy8d7G5RXstBx8IgHPPbQ7D68KgEwAGZmTQCQADYz4eyBxxvOdHhO71/puLJ8gH6L+rn+sx/9/tf4O7e6X/Nc4uRaBPzP/D8DrZ/L/ZA3iZmf+H4dVoZKznDwBD5hiv4H1EEM65537/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYZHPLZPPpWuCTkc3m8xGXI2I6RjO3lsulmYh4JSL+ND46nuzPDjppAOCEsn/PpOt/XZ16a7Lz6FjmP+PNx4j40S8//sWd+Xp9fTap/9deff1eWl/sGmC8/20AAPYZ6axoj9Ptcby9vu+TR9sL7e0sE3z47dbioknc3XRrp95KPhejETHx78yBxmROaWHinbsR8Xpn+7N7x6fTlU874yexL/ctfjRbOHkgfvZA/GzzWOsxeS4+ewq5wLC5n/Q/73e7/7JxpfmY3n+Zg51pLn52uHN9Du3+b7fR2f+17vePLueafU23/u/KcWO8/Yfv9jx290Lj8yMRu4f63/aK0LlmqVv8t7pd8KfffLzRUfWXL3zpzV7xG7+KuBrPit8qFeqVtUJtc+v6cmV+qbRUWi0W52bnZt698U6x0JyjLrRnqg/7x3vXXund/oiJHvFzR7T/q70u2uHX//30B19+Rvyvf6Vb/Gy89oz4yZj4tWPGn5/4bc/lu5P4iz3aP3Ig/tiBv0vqrh0z/oO/bi0e81QA4AzUNrdW5svl0rrCSQu5fl350gvSQIUehb99cuCeGng+p1IYWJcEnJGnN/2gMwEAAAAAAAAAAAAAAHqpfT/9yb8+fhlu0G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/Pp/AAAA///RQMtW")

6.233965949s ago: executing program 8 (id=1547):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="8e42b7", 0x3}], 0x1}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)='\x00', 0x1}], 0x1}}], 0x2, 0x4008cc1)

5.008300863s ago: executing program 8 (id=1571):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f0000000640)=@filename='./file0\x00', &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000002240)='./file0\x00', 0x40000, &(0x7f0000000240)=ANY=[], 0x1, 0x2c4, &(0x7f0000000a00)="$eJzs3UFrI1UcAPD/pMkkXQ/JwZMIDujB07Ldq5cU6YLYk9KDerG4uyBJEXah4CoGD+LVi0c/gSB483MIfgDBD+DNHhaeTGaGJN1M04DZdenvd0j+nff+7/3fvDQtlLx++vrZ5H4RD7/9+s8YDLLojGMcF1mMohONlFKKhfEPAQC8zC5Sir9T5Zop4/IhixgMdlsaALAjW//8/3XnJQEAO/bhRx+/f3h8fPRBUQzi3tn35ydZRJTPVfvhw/g8pvEg7sQwnlZ/C2h+Wygf76WUZt2iNIq3zmbnJ52V8Q+b4CCGMZpHq/nvHR8dFJUqv5y5fM7iVj3/uJz/bgzj1dX5o86/uyY/TvJ4+82l+m/HMH7/LL6Iadyfpy7m/+agKN5NP/7z1SdleWV+Njs/6c/7LaS957EfAAAAAAAAAAAAAAAAAAAAAADcDLfrs3P6MT+/p7xUn7+z97T8ohdFY7R6Pk/ERXUOcOXS+UCzFD+l1O9GHB/dKYoi1R0X+d14rRvdF7ZwAAAAAAAAAAAAAAAAAAAA+B95/OWTyel0+uDRmuCPWxEtTS1BcxpA87H+DVl7bU3jpStvxJPJab99wKWmTh22Tbq/tPCy1iuXE91eM/Joq5uwfbDfVvPPv2w74GBzn17r/WkJvouI7cpobvLkNIu1ffrlgL3yyqDZ09+W++Rxzbnytqa0+eW3FORrm4Zbb2X+yjyYXdEnsqsKe+ev6s7VV7LLq8jb96K3dBrH+tfG+r1oCZ59r8jm39b5f/PGAwAAAAAAAAAAAAAAAAAAPGPxod/LLfubUjupv7OyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC5Wvz//y2CWZ18jc55PHr8gpcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfBvAAAA//9VflDv")
unlink(&(0x7f00000002c0)='./file0\x00')
pivot_root(&(0x7f00000001c0)='.\x00', &(0x7f0000002080)='./bus\x00')
r1 = dup2(r0, r0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r1, 0x1276, 0x0)

4.987345154s ago: executing program 36 (id=1571):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f0000000640)=@filename='./file0\x00', &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000002240)='./file0\x00', 0x40000, &(0x7f0000000240)=ANY=[], 0x1, 0x2c4, &(0x7f0000000a00)="$eJzs3UFrI1UcAPD/pMkkXQ/JwZMIDujB07Ldq5cU6YLYk9KDerG4uyBJEXah4CoGD+LVi0c/gSB483MIfgDBD+DNHhaeTGaGJN1M04DZdenvd0j+nff+7/3fvDQtlLx++vrZ5H4RD7/9+s8YDLLojGMcF1mMohONlFKKhfEPAQC8zC5Sir9T5Zop4/IhixgMdlsaALAjW//8/3XnJQEAO/bhRx+/f3h8fPRBUQzi3tn35ydZRJTPVfvhw/g8pvEg7sQwnlZ/C2h+Wygf76WUZt2iNIq3zmbnJ52V8Q+b4CCGMZpHq/nvHR8dFJUqv5y5fM7iVj3/uJz/bgzj1dX5o86/uyY/TvJ4+82l+m/HMH7/LL6Iadyfpy7m/+agKN5NP/7z1SdleWV+Njs/6c/7LaS957EfAAAAAAAAAAAAAAAAAAAAAADcDLfrs3P6MT+/p7xUn7+z97T8ohdFY7R6Pk/ERXUOcOXS+UCzFD+l1O9GHB/dKYoi1R0X+d14rRvdF7ZwAAAAAAAAAAAAAAAAAAAA+B95/OWTyel0+uDRmuCPWxEtTS1BcxpA87H+DVl7bU3jpStvxJPJab99wKWmTh22Tbq/tPCy1iuXE91eM/Joq5uwfbDfVvPPv2w74GBzn17r/WkJvouI7cpobvLkNIu1ffrlgL3yyqDZ09+W++Rxzbnytqa0+eW3FORrm4Zbb2X+yjyYXdEnsqsKe+ev6s7VV7LLq8jb96K3dBrH+tfG+r1oCZ59r8jm39b5f/PGAwAAAAAAAAAAAAAAAAAAPGPxod/LLfubUjupv7OyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC5Wvz//y2CWZ18jc55PHr8gpcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfBvAAAA//9VflDv")
unlink(&(0x7f00000002c0)='./file0\x00')
pivot_root(&(0x7f00000001c0)='.\x00', &(0x7f0000002080)='./bus\x00')
r1 = dup2(r0, r0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r1, 0x1276, 0x0)

2.525127301s ago: executing program 5 (id=1614):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb000f00000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x20000023896)
close(r0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

2.147082078s ago: executing program 5 (id=1620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48}, 0x94)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xb, 0xffffffffffffffff, 0x816ac1f4127f23eb)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.012704631s ago: executing program 5 (id=1623):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000885000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x43, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
pwritev(r2, &(0x7f0000000100)=[{0x0, 0x72}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)

1.992626551s ago: executing program 5 (id=1626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x29)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r5 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

1.905728093s ago: executing program 5 (id=1627):
syz_mount_image$ext4(&(0x7f0000002180)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008802, &(0x7f0000000000)={[{@jqfmt_vfsv1}, {@abort}, {@discard}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@data_ordered}, {@mblk_io_submit}, {@usrquota}, {@nodioread_nolock}, {@errors_remount}, {}, {@auto_da_alloc}]}, 0x9, 0x606, &(0x7f0000000600)="$eJzs3c1vVFUbAPDnTD9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFoIUaGiNFk0oCW5MjBtjTFy5EP8LJbJlpW5cuHFlSIgaliaOudM7pdPeaenH9Fbm90uGnnvu3J5zpzxzzj1zzp0A2tZg9k8lYn9ETKeI/jS/uK8z8p2DC8978OeHZ7NHimr1td9TpDyv/vyU/+zLD+6JiB++T7GvY2W5M3PXLo5PTU1ezbeHZy9ND8/MXTt84dL4+cnzk5dHXxg9cfzY8RMjRzZ0XtcL8k7ffOe9/o/H3vz6y7/SyDe/jKU4GS/nT1x6HltlMAZrr0lauavvxFYXVqLOZdtpeQY7Vkf+9+uKiCeiPzqW/DX746NXSq0c0FLVFFEF2lRaR/xnvYVW1gXYTvV+QP3afvl1cKWUXgmwHe6fWhgAWBn/nQtjg9FTGxvY/SA1jPOkiNjYyFyjPRFx987YzXN3xm5Gi8bhgGLzNyLiyaL4T7X4H4ieGKjFf6Uh/rN+wZn8Z5b/6gZ7CsuHisU/bJ+F+O9ZNf6jSfy/tST+395EHfJLkeu9DfHf6+oDAAAAAAAA1un2qYh4vujz/8ri/J8omP/TFxEnt6D8wWXbKz//r9zbgmKAAvdPRbxUOP+3Uv/8faAjT/2nNh+gK527MDV5JCL+GxGHomtXtj2yShmHP9n3RbN9g/n8v/ojK/9uPhcwr8e9zl2Nx0yMD45v9ryBiPs3Ip4qnP+bFtv/VND+Z+8H049Yxr5nb51ptm/t+AdapfpVxMHC9v/hXSvS6vfnGK71B4brvYKVnv7g02+blb/R+HeLCdi8rP3fvXr8D6Sl9+uZWfXXzRdlHp3rrDY7YGP9/9nx7vR67a5C3Xne++Ozs1dHIrrT6Y4styF/dK1XAR4zPxVn1+OhHi9Z/B96ZvXxv6L+f29BsKc/GtcU1/3/775fm1VT/x/Kk8X/xLra//UnRm8NfNes/Edr/4/V2vpDeU7W/rfuFYF/j8/rYdrdmF8Qjp1Fu7a7vgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOKhExJ5IlaHFdKUyNBTRFxH/i92VqSszs8+du/Lu5YlsX+37/yv1b/rtX9hOte//r2Tph9uj0bh9NCL2RsRnHb217aGzV6Ymyj55AAAAAAAAAAAAAAAAAAAA2CH6mqz/z/zWUXbtgJbrLLsCQGkK4v/HMuoBbD/tP7SvDcV/mt/6igDbTvsP7Uv8Q/sS/9C+xD+0L/EP7WrZOH4qqx4AAAAAAMAW2Xvg9s8pIuZf7K09Mt35vq5Sawa0WqXsCgClcYsfaF+m/kH7co0PrDXrt6fpQZuZLzx9dhMHAwAAAAAAAAAAAEDbObjf+n9oV9b/Q/uy/h/aV339/4GS6wFsP9f4QKyxkr9w/f+aRwEAAAAAAAAAAAAAW2mmuitiamry6szctYvjLUt0R0SLi9h04o2dUY2iRG+LfnO1Wr2e/S8o/QQfj0R9KvxOqc+yRH2t36MdVd57EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OifAAAA//8sxicA")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x40201, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a58000000060a010400000000000000000a0000010900010073797a31000000002c0004802800018007000100637400001c0002800500030001000000080002400000000c08000140000000090900020073797a320000000014000000110001"], 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff02000000000000000000000000000188"], 0xffe)

1.400280663s ago: executing program 7 (id=1636):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0xffffffffffffffdc)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0xe)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x2, 0x2, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000080)='_', 0x1}], 0x11}, 0x64)
setsockopt$sock_attach_bpf(r1, 0x84, 0x1e, &(0x7f0000000240), 0x4)
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8916, &(0x7f0000000000)={<r3=>r2})
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x8936, &(0x7f0000000000)={r2})

1.390602913s ago: executing program 9 (id=1646):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "008142f47400", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "dc41ffe1", "8ce63ecbc640735f"}, 0x38)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
close(r0)

1.346054944s ago: executing program 9 (id=1639):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000b05000300000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x141a42, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYBLOB="97020000000000005c00128009000100626f6e64000000004c00028008000a00000000001800088000000000e00000017f00000164010102000000000500010000000000080007"], 0x8c}}, 0x0)
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x16, 0x0, 0x14}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0xfd6c)

1.345875004s ago: executing program 7 (id=1640):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002304e800000000000000ea850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='netlink_extack\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000440)=ANY=[@ANYBLOB="14010000", @ANYRES16=r1, @ANYBLOB="010000000000fedbdf25030000000001018044000400200001000a000000000000000000000000005f12000000000000000100000200200002000a00fffd00000000fe8000000000000000000000000000bb000000000d0001007564703a73"], 0x114}}, 0x0)

1.099551928s ago: executing program 7 (id=1641):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x4c}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = timerfd_create(0x0, 0x0)
readv(r3, &(0x7f00000009c0)=[{&(0x7f0000000200)=""/33, 0x21}], 0x1)

1.039367719s ago: executing program 9 (id=1642):
r0 = mq_open(&(0x7f0000000140)='*+@[^#^\x00', 0x40, 0x65, 0x0)
mq_notify(r0, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0xc, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000008c0), r1)
sendmsg$NLBL_MGMT_C_ADD(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000940)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000ffdbdf250100000007000700e0000001080002000500000008000800001e01010c0001"], 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x80)

937.618882ms ago: executing program 2 (id=1643):
syz_io_uring_complete(0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

543.289739ms ago: executing program 9 (id=1656):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010814)
close(r2)

542.787469ms ago: executing program 2 (id=1645):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
preadv2(r2, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

401.135712ms ago: executing program 9 (id=1648):
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nodioread_nolock}, {@quota}, {@quota}]}, 0x3, 0x443, &(0x7f0000000dc0)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
syz_clone(0x40b04000, 0x0, 0x0, 0x0, 0x0, 0x0)

400.925402ms ago: executing program 2 (id=1649):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r3}, 0x55)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

294.422224ms ago: executing program 4 (id=1651):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

280.854724ms ago: executing program 2 (id=1653):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$sock_int(r1, 0x1, 0x21, &(0x7f0000000540)=0x5, 0x4)
recvmsg$unix(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000004010)
close(0x4)

247.632475ms ago: executing program 4 (id=1654):
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x20025, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x800000000}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc0000000000", @ANYBLOB], 0x50)

247.188475ms ago: executing program 7 (id=1655):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r3, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
fallocate(r2, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000040)={0xc, r2, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

220.207885ms ago: executing program 4 (id=1657):
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = memfd_create(0x0, 0x5)
fsetxattr$security_selinux(r0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x5, 0x0, 0x3, 0xe, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x7}}]}, 0x70}, 0x1, 0x7}, 0x0)
fchdir(0xffffffffffffffff)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x7a6)

186.406866ms ago: executing program 4 (id=1658):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
writev(r0, &(0x7f0000000400)=[{&(0x7f00000006c0)="581a1791", 0x4}], 0x1)

170.943006ms ago: executing program 4 (id=1659):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x102})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000080)={'wg1\x00', 0x400})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'rose0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000b80), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000000)={'syz_tun\x00', 0x400})
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r2], 0x20}}, 0x0)

105.717818ms ago: executing program 7 (id=1660):
r0 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {0x0}, &(0x7f0000000340)=[{&(0x7f0000000380)=""/102, 0x66}], 0x1, 0x60, 0xfffffffefffffffe}}], 0x48, 0x8004}, 0x0)

96.181598ms ago: executing program 4 (id=1661):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

83.948428ms ago: executing program 9 (id=1662):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)=';', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
mknod$loop(0x0, 0x4, 0x0)
sendfile(r1, r0, 0x0, 0x7fffeffd)

70.836468ms ago: executing program 2 (id=1663):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000010180)=@newtfilter={0x74, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x48, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x5, 0xd, 0x3, 0x4, 0x13, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x3, 0x2, 0x8001, 0x10}, {0x0, 0x55, 0xa9, 0x1}]}}]}}]}, 0x74}}, 0x24040084)

32.162819ms ago: executing program 2 (id=1664):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
sysinfo(&(0x7f0000000600)=""/222)

14.924929ms ago: executing program 7 (id=1665):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(0xffffffffffffffff)
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000600)=0x14)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000080)=0x14)
close(r2)

0s ago: executing program 5 (id=1666):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newlink={0x20, 0x10, 0x403, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r2, 0xff7f}}, 0x20}}, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newlink={0x68, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x401}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IFLAGS={0x6, 0x2, 0x9}]}}}, @IFLA_MASTER={0x8, 0xa, r5}, @IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8}, @IFLA_XDP_EXPECTED_FD={0x8}]}]}, 0x68}}, 0x0)

kernel console output (not intermixed with test programs):

003506f0
[   58.231609][ T4948] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000
[   58.239937][ T4948] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   58.248261][ T4948] Call Trace:
[   58.251580][ T4948]  <TASK>
[   58.254518][ T4948]  ext4_xattr_set_entry+0x77f/0x1020
[   58.259849][ T4948]  ext4_xattr_ibody_set+0x184/0x3c0
[   58.265063][ T4948]  ext4_expand_extra_isize_ea+0xcb6/0x11f0
[   58.270927][ T4948]  __ext4_expand_extra_isize+0x246/0x280
[   58.276571][ T4948]  __ext4_mark_inode_dirty+0x29d/0x3f0
[   58.282140][ T4948]  ext4_evict_inode+0x80e/0xd90
[   58.287070][ T4948]  ? __pfx_ext4_evict_inode+0x10/0x10
[   58.292490][ T4948]  evict+0x2e3/0x550
[   58.296425][ T4948]  ? __dquot_initialize+0x146/0x7c0
[   58.301696][ T4948]  iput+0x447/0x5b0
[   58.305544][ T4948]  ext4_process_orphan+0x1a9/0x1c0
[   58.310701][ T4948]  ext4_orphan_cleanup+0x6a8/0xa00
[   58.315851][ T4948]  ext4_fill_super+0x3260/0x35d0
[   58.320825][ T4948]  ? set_blocksize+0x1a8/0x310
[   58.325628][ T4948]  ? sb_set_blocksize+0xe3/0x100
[   58.330598][ T4948]  ? setup_bdev_super+0x30e/0x370
[   58.335638][ T4948]  ? __pfx_ext4_fill_super+0x10/0x10
[   58.340949][ T4948]  get_tree_bdev_flags+0x291/0x300
[   58.346088][ T4948]  ? __pfx_ext4_fill_super+0x10/0x10
[   58.351458][ T4948]  get_tree_bdev+0x1f/0x30
[   58.355903][ T4948]  ext4_get_tree+0x1c/0x30
[   58.360341][ T4948]  vfs_get_tree+0x54/0x1d0
[   58.364787][ T4948]  do_new_mount+0x207/0x5e0
[   58.369319][ T4948]  ? security_capable+0x83/0x90
[   58.374167][ T4948]  path_mount+0x4a4/0xb20
[   58.378483][ T4948]  ? user_path_at+0x109/0x130
[   58.383223][ T4948]  __se_sys_mount+0x28f/0x2e0
[   58.387891][ T4948]  __x64_sys_mount+0x67/0x80
[   58.392490][ T4948]  x64_sys_call+0x2b4d/0x2ff0
[   58.397178][ T4948]  do_syscall_64+0xd2/0x200
[   58.401687][ T4948]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.407826][ T4948]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   58.413575][ T4948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.419543][ T4948] RIP: 0033:0x7feb2c6e034a
[   58.423953][ T4948] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.443729][ T4948] RSP: 002b:00007feb2b13ee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   58.452161][ T4948] RAX: ffffffffffffffda RBX: 00007feb2b13eef0 RCX: 00007feb2c6e034a
[   58.460143][ T4948] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007feb2b13eeb0
[   58.468239][ T4948] RBP: 0000200000000180 R08: 00007feb2b13eef0 R09: 0000000000800700
[   58.476239][ T4948] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[   58.484250][ T4948] R13: 00007feb2b13eeb0 R14: 0000000000000473 R15: 0000200000000680
[   58.492243][ T4948]  </TASK>
[   58.495338][ T4948] ---[ end trace 0000000000000000 ]---
[   58.501432][ T4948] EXT4-fs (loop6): 1 orphan inode deleted
[   58.626785][ T4985] bond1: entered promiscuous mode
[   58.631960][ T4985] bond1: entered allmulticast mode
[   58.642935][ T4985] 8021q: adding VLAN 0 to HW filter on device bond1
[   58.660286][ T4985] bond1 (unregistering): Released all slaves
[   58.725799][ T4996] netlink: 20 bytes leftover after parsing attributes in process `syz.3.528'.
[   58.756208][   T29] audit: type=1400 audit(1757934567.223:966): avc:  denied  { read } for  pid=5000 comm="syz.5.533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   58.942281][ T5009] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.949469][ T5009] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.027010][ T5009] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   59.036892][ T5009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   59.080917][ T4035] netdevsim netdevsim6 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   59.132042][ T5015] tipc: Started in network mode
[   59.136950][ T5015] tipc: Node identity ac14140f, cluster identity 4711
[   59.154000][ T5015] tipc: New replicast peer: 255.255.255.255
[   59.160210][ T5015] tipc: Enabled bearer <udp:syz2>, priority 10
[   59.169194][ T5017] netlink: 12 bytes leftover after parsing attributes in process `syz.3.542'.
[   59.178082][ T5017] tipc: Disabling bearer <udp:syz2>
[   59.214844][ T4035] netdevsim netdevsim6 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   59.223314][ T4035] netdevsim netdevsim6 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   59.231975][ T4035] netdevsim netdevsim6 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   59.466480][ T5056] loop2: detected capacity change from 0 to 512
[   59.477983][ T5056] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   59.506726][ T5056] EXT4-fs (loop2): 1 truncate cleaned up
[   59.514012][ T5059] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   59.624262][ T5074] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.691727][ T5074] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.695402][ T5064] netlink: 20 bytes leftover after parsing attributes in process `syz.6.556'.
[   59.768968][ T5083] loop6: detected capacity change from 0 to 512
[   59.776962][ T5074] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.785937][ T5083] ext4 filesystem being mounted at /51/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.806818][ T5083] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 122
[   59.819226][ T5083] EXT4-fs (loop6): This should not happen!! Data will be lost
[   59.819226][ T5083] 
[   59.840886][ T5074] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.888565][ T4035] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.907715][ T4035] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.920053][ T4035] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.928447][ T4035] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.980342][ T5104] loop5: detected capacity change from 0 to 1024
[   59.988964][ T5104] EXT4-fs: Ignoring removed orlov option
[   60.013609][ T5107] lo speed is unknown, defaulting to 1000
[   60.050069][ T5107] lo speed is unknown, defaulting to 1000
[   60.056478][ T5107] lo speed is unknown, defaulting to 1000
[   60.063656][ T5107] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   60.074866][ T5107] lo speed is unknown, defaulting to 1000
[   60.081213][ T5107] lo speed is unknown, defaulting to 1000
[   60.087454][ T5107] lo speed is unknown, defaulting to 1000
[   60.095208][ T5107] lo speed is unknown, defaulting to 1000
[   60.101488][ T5107] lo speed is unknown, defaulting to 1000
[   60.107703][ T5107] lo speed is unknown, defaulting to 1000
[   60.394647][ T5128] bond0: entered promiscuous mode
[   60.400487][ T5128] bond0: entered allmulticast mode
[   60.405973][ T5128] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.416624][ T5128] bond0 (unregistering): Released all slaves
[   60.516939][ T5138] netlink: 8 bytes leftover after parsing attributes in process `syz.5.584'.
[   60.535035][ T5136] loop2: detected capacity change from 0 to 2048
[   60.680370][ T5153] loop6: detected capacity change from 0 to 1024
[   60.687047][ T5153] EXT4-fs: Ignoring removed orlov option
[   60.711224][ T5156] loop5: detected capacity change from 0 to 512
[   60.723473][ T5157] netlink: 2028 bytes leftover after parsing attributes in process `syz.4.590'.
[   60.732658][ T5157] netlink: 20 bytes leftover after parsing attributes in process `syz.4.590'.
[   60.759004][ T5156] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.833926][ T5166] loop5: detected capacity change from 0 to 512
[   60.862703][ T5166] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   60.905600][ T5166] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 122
[   60.917922][ T5166] EXT4-fs (loop5): This should not happen!! Data will be lost
[   60.917922][ T5166] 
[   60.999740][ T5178] bond0: entered promiscuous mode
[   61.004839][ T5178] bond0: entered allmulticast mode
[   61.010555][ T5178] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.019939][ T5178] bond0 (unregistering): Released all slaves
[   61.026542][ T5183] af_packet: tpacket_rcv: packet too big, clamped from 126 to 4294967286. macoff=82
[   61.057216][ T5186] loop5: detected capacity change from 0 to 512
[   61.063996][ T5186] EXT4-fs: Ignoring removed mblk_io_submit option
[   61.071252][ T5186] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.078370][ T5186] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   61.087059][ T5186] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[   61.105762][ T5189] vlan2: entered allmulticast mode
[   61.123295][ T5186] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.602: Allocating blocks 41-42 which overlap fs metadata
[   61.138164][ T5186] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.602: Allocating blocks 41-42 which overlap fs metadata
[   61.152286][ T5186] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.602: Failed to acquire dquot type 1
[   61.164541][ T5186] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   61.180411][ T5186] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.602: corrupted inode contents
[   61.192664][ T5186] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #12: comm syz.5.602: mark_inode_dirty error
[   61.205323][ T5186] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.602: corrupted inode contents
[   61.217365][ T5186] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.602: mark_inode_dirty error
[   61.230623][ T5186] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.602: corrupted inode contents
[   61.243266][ T5186] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[   61.251999][ T5196] tipc: New replicast peer: 255.255.255.255
[   61.252865][ T5186] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.602: corrupted inode contents
[   61.258073][ T5196] tipc: Enabled bearer <udp:syz2>, priority 10
[   61.271247][ T5186] EXT4-fs error (device loop5): ext4_truncate:4666: inode #12: comm syz.5.602: mark_inode_dirty error
[   61.287284][ T5186] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[   61.297115][ T5186] EXT4-fs (loop5): 1 truncate cleaned up
[   61.404870][ T5202] netlink: 'syz.5.610': attribute type 4 has an invalid length.
[   61.514223][ T5209] loop2: detected capacity change from 0 to 1024
[   61.532564][ T5209] EXT4-fs: Ignoring removed orlov option
[   61.574334][ T5217] smc: net device bond0 applied user defined pnetid SYZ0
[   61.590031][ T5217] smc: net device bond0 erased user defined pnetid SYZ0
[   61.625295][ T5225] netlink: 'syz.5.617': attribute type 10 has an invalid length.
[   61.631515][ T5227] lo speed is unknown, defaulting to 1000
[   61.683599][ T5225] team0: Port device dummy0 added
[   61.693094][ T5225] netlink: 'syz.5.617': attribute type 10 has an invalid length.
[   61.701604][ T5225] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   61.720612][ T5225] team0: Failed to send options change via netlink (err -105)
[   61.739549][ T5225] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   61.765611][ T5225] team0: Port device dummy0 removed
[   61.784668][ T5225] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   61.847178][ T5231] lo speed is unknown, defaulting to 1000
[   61.932638][ T5238] lo speed is unknown, defaulting to 1000
[   62.093149][ T5251] netlink: 'syz.4.629': attribute type 30 has an invalid length.
[   62.241353][ T5262] netlink: 'syz.2.633': attribute type 1 has an invalid length.
[   62.241427][ T5262] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.633'.
[   62.243021][ T5262] loop2: detected capacity change from 0 to 128
[   62.263563][ T5262] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.369428][   T10] tipc: Node number set to 3685529147
[   62.394734][   T29] kauditd_printk_skb: 124 callbacks suppressed
[   62.394748][   T29] audit: type=1400 audit(1757934570.863:1087): avc:  denied  { read } for  pid=5269 comm="syz.2.636" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   62.455880][ T5276] siw: device registration error -23
[   62.531448][   T29] audit: type=1400 audit(1757934571.003:1088): avc:  denied  { watch watch_reads } for  pid=5280 comm="syz.6.641" path="/68/file0" dev="tmpfs" ino=376 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   63.109060][ T5288] vlan2: entered allmulticast mode
[   63.122606][ T5289] netlink: 'syz.6.652': attribute type 4 has an invalid length.
[   63.154542][ T5291] lo speed is unknown, defaulting to 1000
[   63.163658][ T5295] loop2: detected capacity change from 0 to 128
[   63.187924][ T5295] ext4 filesystem being mounted at /143/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   63.244986][   T29] audit: type=1400 audit(1757934571.703:1089): avc:  denied  { create } for  pid=5293 comm="syz.2.647" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[   63.464373][ T5322] loop6: detected capacity change from 0 to 736
[   63.492124][ T5325] netlink: 'syz.3.659': attribute type 10 has an invalid length.
[   63.495010][ T5325] netlink: 'syz.3.659': attribute type 10 has an invalid length.
[   63.496437][ T5325] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   63.594713][ T5332] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.594826][ T5332] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.632159][ T5332] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   63.660055][ T5332] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   63.780545][ T4035] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   63.780606][ T4035] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   63.780633][ T4035] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   63.780721][ T4035] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   63.867555][ T5355] lo speed is unknown, defaulting to 1000
[   63.884707][   T29] audit: type=1400 audit(1757934572.353:1090): avc:  denied  { ioctl } for  pid=5358 comm="syz.4.670" path="socket:[13785]" dev="sockfs" ino=13785 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   63.977489][   T29] audit: type=1400 audit(1757934572.443:1091): avc:  denied  { bind } for  pid=5366 comm="syz.4.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   63.996934][   T29] audit: type=1400 audit(1757934572.443:1092): avc:  denied  { name_bind } for  pid=5366 comm="syz.4.672" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   63.997359][ T5371] loop6: detected capacity change from 0 to 512
[   64.017751][   T29] audit: type=1400 audit(1757934572.443:1093): avc:  denied  { node_bind } for  pid=5366 comm="syz.4.672" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   64.109163][ T5371] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.295691][ T5386] siw: device registration error -23
[   64.401935][ T5390] wg2: entered promiscuous mode
[   64.406813][ T5390] wg2: entered allmulticast mode
[   64.435953][ T5394] netlink: 184 bytes leftover after parsing attributes in process `syz.5.683'.
[   64.445816][ T5394] xt_socket: unknown flags 0xd0
[   64.495216][   T29] audit: type=1400 audit(1757934572.963:1094): avc:  denied  { listen } for  pid=5399 comm="syz.5.685" lport=47018 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   64.582939][   T29] audit: type=1400 audit(1757934573.013:1095): avc:  denied  { accept } for  pid=5399 comm="syz.5.685" lport=47018 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   64.613963][ T5404] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.621135][ T5404] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.645755][   T29] audit: type=1326 audit(1757934573.113:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5409 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   64.674605][ T5404] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   64.685921][ T5404] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   64.758751][ T5404] bridge2: left promiscuous mode
[   64.764688][ T5404] bridge2: left allmulticast mode
[   64.773457][ T4003] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.795930][ T4003] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.829319][ T4003] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.837786][ T4003] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.944545][ T5428] loop2: detected capacity change from 0 to 128
[   64.950461][ T5428] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.035181][ T5433] netlink: 32 bytes leftover after parsing attributes in process `syz.3.695'.
[   65.145559][ T5439] loop3: detected capacity change from 0 to 512
[   65.145999][ T5439] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   65.147247][ T5439] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.699: invalid indirect mapped block 4294967295 (level 0)
[   65.147397][ T5439] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.699: invalid indirect mapped block 4294967295 (level 1)
[   65.147834][ T5439] EXT4-fs (loop3): 1 orphan inode deleted
[   65.147850][ T5439] EXT4-fs (loop3): 1 truncate cleaned up
[   65.209568][ T5444] vlan2: entered allmulticast mode
[   65.312385][ T5452] lo speed is unknown, defaulting to 1000
[   65.515383][ T5471] lo speed is unknown, defaulting to 1000
[   65.804912][ T5478] loop5: detected capacity change from 0 to 1024
[   65.813261][ T5478] EXT4-fs: Ignoring removed nobh option
[   65.819307][ T5478] EXT4-fs: Ignoring removed bh option
[   65.824813][ T5478] EXT4-fs: Ignoring removed nobh option
[   65.834843][ T5480] loop6: detected capacity change from 0 to 512
[   65.850683][ T5480] EXT4-fs: Ignoring removed mblk_io_submit option
[   65.863909][ T5478] EXT4-fs mount: 40 callbacks suppressed
[   65.863924][ T5478] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.869732][ T5480] EXT4-fs: Ignoring removed nomblk_io_submit option
[   65.911778][ T5480] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   65.920328][ T5480] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   65.942668][ T5478] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[   65.963150][ T5484] vlan2: entered allmulticast mode
[   65.980303][ T5480] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.716: Allocating blocks 41-42 which overlap fs metadata
[   66.010322][ T5480] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.716: Allocating blocks 41-42 which overlap fs metadata
[   66.036678][ T4014] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.046214][ T5480] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.716: Failed to acquire dquot type 1
[   66.069531][ T5480] EXT4-fs error (device loop6): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   66.108400][ T5480] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #12: comm syz.6.716: corrupted inode contents
[   66.124615][ T5490] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.136377][ T5480] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #12: comm syz.6.716: mark_inode_dirty error
[   66.160847][ T5480] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #12: comm syz.6.716: corrupted inode contents
[   66.174369][ T5480] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #12: comm syz.6.716: mark_inode_dirty error
[   66.186390][ T5480] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #12: comm syz.6.716: corrupted inode contents
[   66.222092][ T5490] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.233744][ T5480] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[   66.242756][ T5480] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #12: comm syz.6.716: corrupted inode contents
[   66.272790][ T5480] EXT4-fs error (device loop6): ext4_truncate:4666: inode #12: comm syz.6.716: mark_inode_dirty error
[   66.287673][ T5480] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[   66.298935][ T5480] EXT4-fs (loop6): 1 truncate cleaned up
[   66.325590][ T5490] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.330396][ T5480] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.426343][ T5490] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.472390][ T5498] loop3: detected capacity change from 0 to 512
[   66.480790][ T5498] EXT4-fs: Ignoring removed mblk_io_submit option
[   66.510627][ T5498] EXT4-fs (loop3): failed to initialize system zone (-117)
[   66.518286][ T4055] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.528605][ T5498] EXT4-fs (loop3): mount failed
[   66.569506][ T4003] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.614470][ T4035] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.652059][ T4035] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.671807][ T5501] serio: Serial port ptm0
[   66.721048][ T4035] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.889484][ T5512] vlan2: entered allmulticast mode
[   67.309418][ T5533] netlink: 28 bytes leftover after parsing attributes in process `syz.2.737'.
[   67.355401][ T5536] netlink: 'syz.3.738': attribute type 16 has an invalid length.
[   67.363255][ T5536] netlink: 156 bytes leftover after parsing attributes in process `syz.3.738'.
[   67.430474][ T5540] ������: renamed from vlan1
[   67.591555][ T5519] Set syz1 is full, maxelem 65536 reached
[   67.628983][ T5547] siw: device registration error -23
[   67.633795][ T5544] lo speed is unknown, defaulting to 1000
[   67.674876][ T5552] netlink: 20 bytes leftover after parsing attributes in process `syz.5.741'.
[   67.777028][   T29] kauditd_printk_skb: 46 callbacks suppressed
[   67.777043][   T29] audit: type=1326 audit(1757934576.243:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5550 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bc3a2eba9 code=0x7fc00000
[   67.807851][   T29] audit: type=1326 audit(1757934576.283:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5550 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8bc3a2eba9 code=0x7fc00000
[   67.832109][   T29] audit: type=1326 audit(1757934576.283:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5550 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bc3a2eba9 code=0x7fc00000
[   67.918466][   T29] audit: type=1400 audit(1757934576.383:1142): avc:  denied  { read write } for  pid=4014 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   67.942799][   T29] audit: type=1400 audit(1757934576.383:1143): avc:  denied  { open } for  pid=4014 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   67.966913][   T29] audit: type=1400 audit(1757934576.383:1144): avc:  denied  { ioctl } for  pid=4014 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   68.007896][   T29] audit: type=1400 audit(1757934576.443:1145): avc:  denied  { prog_load } for  pid=5559 comm="syz.3.748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   68.026908][   T29] audit: type=1400 audit(1757934576.443:1146): avc:  denied  { bpf } for  pid=5559 comm="syz.3.748" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   68.047341][   T29] audit: type=1400 audit(1757934576.443:1147): avc:  denied  { perfmon } for  pid=5559 comm="syz.3.748" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   68.068170][   T29] audit: type=1400 audit(1757934576.443:1148): avc:  denied  { mounton } for  pid=5559 comm="syz.3.748" path="/153/file0" dev="tmpfs" ino=815 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   68.120510][ T5566] netlink: 4 bytes leftover after parsing attributes in process `syz.6.753'.
[   68.179468][ T5570] ������: renamed from vlan1 (while UP)
[   68.232774][ T5577] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5577 comm=syz.6.757
[   68.247004][ T5577] netlink: 'syz.6.757': attribute type 1 has an invalid length.
[   68.282357][ T5577] bond1: (slave bridge1): making interface the new active one
[   68.290549][ T5577] bond1: (slave bridge1): Enslaving as an active interface with an up link
[   68.301171][ T5581] bridge_slave_1: left allmulticast mode
[   68.306841][ T5581] bridge_slave_1: left promiscuous mode
[   68.312621][ T5581] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.350488][ T5581] bridge_slave_0: left promiscuous mode
[   68.356160][ T5581] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.521165][ T5583] netlink: 'syz.6.759': attribute type 30 has an invalid length.
[   68.695566][ T5610] loop6: detected capacity change from 0 to 512
[   68.720332][ T5616] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   68.730078][ T5610] EXT4-fs: Ignoring removed mblk_io_submit option
[   68.738717][ T5610] EXT4-fs (loop6): failed to initialize system zone (-117)
[   68.778311][ T5610] EXT4-fs (loop6): mount failed
[   68.825848][ T5629] loop5: detected capacity change from 0 to 128
[   68.849757][ T5629] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   68.899056][ T5629] syz.5.777: attempt to access beyond end of device
[   68.899056][ T5629] loop5: rw=0, sector=97, nr_sectors = 944 limit=128
[   68.923810][ T5638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.781'.
[   68.938373][ T4003] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   68.965545][ T5646] netlink: 'syz.5.784': attribute type 1 has an invalid length.
[   69.001300][ T5646] 8021q: adding VLAN 0 to HW filter on device bond1
[   69.036053][ T5646] vlan1: entered allmulticast mode
[   69.041267][ T5646] batadv0: entered allmulticast mode
[   69.049323][ T5646] bond1: (slave vlan1): making interface the new active one
[   69.058305][ T5646] bond1: (slave vlan1): Enslaving as an active interface with an up link
[   69.198922][ T5666] 9pnet: p9_errstr2errno: server reported unknown error 
[   69.265275][ T5674] SELinux:  Context 
 is not valid (left unmapped).
[   70.006283][ T5694] netlink: 'syz.3.806': attribute type 30 has an invalid length.
[   70.143391][ T5710] netlink: 28 bytes leftover after parsing attributes in process `syz.3.814'.
[   70.152333][ T5710] netlink: 8 bytes leftover after parsing attributes in process `syz.3.814'.
[   70.185429][ T5710] netlink: 28 bytes leftover after parsing attributes in process `syz.3.814'.
[   70.194373][ T5710] netlink: 8 bytes leftover after parsing attributes in process `syz.3.814'.
[   70.205895][ T5705] loop6: detected capacity change from 0 to 8192
[   70.259672][ T5705]  loop6: p1 p2[DM] p4
[   70.263889][ T5705] loop6: p1 size 196608 extends beyond EOD, truncated
[   70.309307][ T5705] loop6: p2 start 4292936063 is beyond EOD, truncated
[   70.316113][ T5705] loop6: p4 size 50331648 extends beyond EOD, truncated
[   70.376582][ T5727] sd 0:0:1:0: device reset
[   70.494272][ T5744] loop3: detected capacity change from 0 to 1024
[   70.501252][ T5744] EXT4-fs: Ignoring removed orlov option
[   70.507058][ T5744] EXT4-fs: Ignoring removed nomblk_io_submit option
[   70.524929][ T5744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.542230][ T5744] EXT4-fs (loop3): shut down requested (1)
[   70.548569][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   70.558032][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   70.568377][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   70.588621][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=13
[   70.597610][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   70.606487][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   70.615754][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=13
[   70.624924][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   70.633862][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   70.642746][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   70.651832][ T5744] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=13
[   70.678067][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.721673][ T5764] loop3: detected capacity change from 0 to 8192
[   70.729994][ T5757] Falling back ldisc for ttyS3.
[   70.766745][ T5770] team0: Port device team_slave_0 removed
[   70.779695][ T5764]  loop3: p1 p2[DM] p4
[   70.783885][ T5764] loop3: p1 size 196608 extends beyond EOD, truncated
[   70.791469][ T5764] loop3: p2 start 4292936063 is beyond EOD, truncated
[   70.798277][ T5764] loop3: p4 size 50331648 extends beyond EOD, truncated
[   70.850244][ T5781] netlink: 'syz.4.841': attribute type 30 has an invalid length.
[   70.898368][ T5787] loop2: detected capacity change from 0 to 1024
[   70.906670][ T5787] EXT4-fs: Ignoring removed orlov option
[   70.912473][ T5787] EXT4-fs: Ignoring removed nomblk_io_submit option
[   70.932161][ T5787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.948287][ T5787] EXT4-fs (loop2): shut down requested (1)
[   70.961214][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   70.970901][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   70.980086][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   70.990727][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[   71.001129][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   71.009935][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   71.018730][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[   71.027719][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   71.036713][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   71.045773][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   71.054612][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[   71.095453][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.766184][ T5825] loop2: detected capacity change from 0 to 512
[   71.772925][ T5825] EXT4-fs: Ignoring removed oldalloc option
[   71.780401][ T5825] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   71.791432][ T5825] EXT4-fs (loop2): 1 truncate cleaned up
[   71.797498][ T5825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.824591][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.854219][ T5815] loop5: detected capacity change from 0 to 512
[   71.900991][ T5815] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   71.917188][ T5815] EXT4-fs (loop5): mount failed
[   71.930200][ T5815] loop5: detected capacity change from 0 to 512
[   71.936833][ T5815] EXT4-fs: Ignoring removed nobh option
[   71.950643][ T5815] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.862: corrupted inode contents
[   71.964334][ T5815] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.862: mark_inode_dirty error
[   71.976321][ T5815] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.862: corrupted inode contents
[   71.990764][ T5815] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.862: mark_inode_dirty error
[   72.003391][ T5815] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.862: Failed to acquire dquot type 0
[   72.015364][ T5815] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.862: corrupted inode contents
[   72.028447][ T5815] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.862: mark_inode_dirty error
[   72.041066][ T5815] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.862: corrupted inode contents
[   72.053221][ T5815] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.862: mark_inode_dirty error
[   72.065869][ T5815] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.862: corrupted inode contents
[   72.077942][ T5815] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[   72.088046][ T5815] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.862: corrupted inode contents
[   72.102005][ T5815] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.862: mark_inode_dirty error
[   72.113503][ T5815] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[   72.124122][ T5815] EXT4-fs (loop5): 1 truncate cleaned up
[   72.156418][ T5815] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.217476][ T5815] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.254327][ T5815] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.360995][ T5850] tipc: Started in network mode
[   72.365984][ T5850] tipc: Node identity ac14140f, cluster identity 4711
[   72.383205][ T5850] tipc: New replicast peer: 255.255.255.255
[   72.389444][ T5850] tipc: Enabled bearer <udp:s>, priority 10
[   72.452278][ T5856] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   72.619531][ T5860] Falling back ldisc for ttyS3.
[   72.675157][ T5867] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   72.690263][ T5869] netlink: 12 bytes leftover after parsing attributes in process `syz.3.874'.
[   72.706892][ T5863] tipc: Resetting bearer <eth:syzkaller0>
[   72.728601][ T5863] tipc: Disabling bearer <eth:syzkaller0>
[   72.811253][   T29] kauditd_printk_skb: 180 callbacks suppressed
[   72.811344][   T29] audit: type=1400 audit(1757934581.283:1326): avc:  denied  { name_connect } for  pid=5874 comm="syz.3.877" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   72.874785][   T29] audit: type=1400 audit(1757934581.313:1327): avc:  denied  { listen } for  pid=5874 comm="syz.3.877" lport=46809 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   72.897898][   T29] audit: type=1400 audit(1757934581.313:1328): avc:  denied  { accept } for  pid=5874 comm="syz.3.877" lport=46809 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   72.920981][   T29] audit: type=1400 audit(1757934581.313:1329): avc:  denied  { write } for  pid=5874 comm="syz.3.877" path="socket:[15917]" dev="sockfs" ino=15917 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   72.944885][   T29] audit: type=1400 audit(1757934581.313:1330): avc:  denied  { setopt } for  pid=5874 comm="syz.3.877" lport=46809 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   72.969519][   T29] audit: type=1400 audit(1757934581.343:1331): avc:  denied  { write } for  pid=5880 comm="syz.3.881" path="socket:[15932]" dev="sockfs" ino=15932 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   73.057596][   T29] audit: type=1326 audit(1757934581.523:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5888 comm="syz.4.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   73.080990][   T29] audit: type=1326 audit(1757934581.523:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5888 comm="syz.4.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   73.110496][   T29] audit: type=1326 audit(1757934581.523:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5888 comm="syz.4.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   73.133916][   T29] audit: type=1326 audit(1757934581.523:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5888 comm="syz.4.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   73.163666][ T5897] netlink: 'syz.3.887': attribute type 3 has an invalid length.
[   73.171888][ T5896] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   73.184881][ T5897] netlink: 'syz.3.887': attribute type 3 has an invalid length.
[   73.317192][ T5912] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.894'.
[   73.328922][ T5911] loop5: detected capacity change from 0 to 128
[   73.343615][ T5915] loop3: detected capacity change from 0 to 512
[   73.357273][ T5915] EXT4-fs: Ignoring removed mblk_io_submit option
[   73.364342][ T5915] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   73.389241][ T5022] tipc: Node number set to 2886997007
[   73.394084][ T5919] syz.5.891: attempt to access beyond end of device
[   73.394084][ T5919] loop5: rw=1, sector=145, nr_sectors = 16 limit=128
[   73.420230][ T5918] netlink: 'syz.2.895': attribute type 1 has an invalid length.
[   73.429022][ T5915] EXT4-fs (loop3): 1 truncate cleaned up
[   73.439521][ T5915] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.447406][ T5919] syz.5.891: attempt to access beyond end of device
[   73.447406][ T5919] loop5: rw=1, sector=169, nr_sectors = 8 limit=128
[   73.464890][ T5919] syz.5.891: attempt to access beyond end of device
[   73.464890][ T5919] loop5: rw=1, sector=185, nr_sectors = 8 limit=128
[   73.478060][ T5919] syz.5.891: attempt to access beyond end of device
[   73.478060][ T5919] loop5: rw=1, sector=201, nr_sectors = 8 limit=128
[   73.491296][ T5919] syz.5.891: attempt to access beyond end of device
[   73.491296][ T5919] loop5: rw=1, sector=217, nr_sectors = 8 limit=128
[   73.496345][ T5918] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.504486][ T5919] syz.5.891: attempt to access beyond end of device
[   73.504486][ T5919] loop5: rw=1, sector=233, nr_sectors = 8 limit=128
[   73.524221][ T5919] syz.5.891: attempt to access beyond end of device
[   73.524221][ T5919] loop5: rw=1, sector=249, nr_sectors = 8 limit=128
[   73.537552][ T5919] syz.5.891: attempt to access beyond end of device
[   73.537552][ T5919] loop5: rw=1, sector=265, nr_sectors = 8 limit=128
[   73.550967][ T5919] syz.5.891: attempt to access beyond end of device
[   73.550967][ T5919] loop5: rw=1, sector=281, nr_sectors = 8 limit=128
[   73.588272][ T5918] vlan1: entered allmulticast mode
[   73.593446][ T5918] batadv0: entered allmulticast mode
[   73.600104][ T5918] bond0: (slave vlan1): Opening slave failed
[   73.692924][ T5930] vhci_hcd: invalid port number 255
[   73.698165][ T5930] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[   73.817316][ T5939] loop5: detected capacity change from 0 to 512
[   73.825246][ T5939] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   74.001241][ T5944] uprobe: syz.4.906:5944 failed to unregister, leaking uprobe
[   74.008867][ T5944] uprobe: syz.4.906:5944 failed to unregister, leaking uprobe
[   74.236527][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.255120][ T5962] netlink: 'syz.3.914': attribute type 1 has an invalid length.
[   74.262898][ T5962] netlink: 'syz.3.914': attribute type 4 has an invalid length.
[   74.268192][ T5964] syz_tun: entered allmulticast mode
[   74.270653][ T5962] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.914'.
[   74.298925][ T5962] netlink: 'syz.3.914': attribute type 1 has an invalid length.
[   74.306800][ T5962] netlink: 'syz.3.914': attribute type 4 has an invalid length.
[   74.314485][ T5962] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.914'.
[   74.341179][ T5971] team0: Port device team_slave_0 removed
[   74.382986][ T5975] netlink: 8 bytes leftover after parsing attributes in process `syz.4.920'.
[   74.401479][ T5975] ip6gre1: entered allmulticast mode
[   74.454656][ T5980] sch_fq: defrate 0 ignored.
[   75.020024][ T6006] team0: Port device team_slave_0 removed
[   75.101781][ T6012] loop6: detected capacity change from 0 to 128
[   76.017357][ T6033] vhci_hcd: invalid port number 255
[   76.022949][ T6033] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[   76.076026][ T6036] loop6: detected capacity change from 0 to 512
[   76.088906][ T6036] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.944: iget: bad i_size value: 38620345925642
[   76.123552][ T6036] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.944: couldn't read orphan inode 15 (err -117)
[   76.135543][ T6031] loop5: detected capacity change from 0 to 8192
[   76.152330][ T6036] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.204377][ T6031]  loop5: p1 p2 p3 p4
[   76.218517][ T6031] loop5: p1 start 51379968 is beyond EOD, truncated
[   76.229248][ T6031] loop5: p3 size 15991040 extends beyond EOD, truncated
[   76.238752][ T6045] loop2: detected capacity change from 0 to 1024
[   76.239287][ T6031] loop5: p4 start 16711680 is beyond EOD, truncated
[   76.248464][ T6049] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.944: bg 0: block 5: invalid block bitmap
[   76.264452][ T6045] EXT4-fs: Ignoring removed nomblk_io_submit option
[   76.275137][ T6049] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 400 with error 28
[   76.287646][ T6049] EXT4-fs (loop6): This should not happen!! Data will be lost
[   76.287646][ T6049] 
[   76.297474][ T6049] EXT4-fs (loop6): Total free blocks count 0
[   76.303512][ T6049] EXT4-fs (loop6): Free/Dirty block details
[   76.309532][ T6049] EXT4-fs (loop6): free_blocks=0
[   76.314553][ T6049] EXT4-fs (loop6): dirty_blocks=400
[   76.319820][ T6049] EXT4-fs (loop6): Block reservation details
[   76.325863][ T6049] EXT4-fs (loop6): i_reserved_data_blocks=400
[   76.332991][ T6045] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854c01c, mo2=0003]
[   76.333319][ T6048] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   76.341108][ T6045] System zones: 0-1, 3-36
[   76.341997][ T6045] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.389549][ T6031] loop5: detected capacity change from 0 to 2048
[   76.401409][ T6047] tipc: Resetting bearer <eth:syzkaller0>
[   76.409092][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.421591][ T6054] netlink: 12 bytes leftover after parsing attributes in process `syz.4.952'.
[   76.422389][ T6047] tipc: Disabling bearer <eth:syzkaller0>
[   76.446458][ T6057] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   76.461181][ T6031]  loop5: p1 < > p4
[   76.465480][ T6031] loop5: p4 size 8388608 extends beyond EOD, truncated
[   76.493882][ T4055] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.521145][ T6063] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6063 comm=syz.6.956
[   76.668393][ T6081] netlink: 64 bytes leftover after parsing attributes in process `syz.3.963'.
[   76.730180][ T6088] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   76.764620][ T6093] loop2: detected capacity change from 0 to 512
[   76.783384][ T6093] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.967: iget: bad i_size value: 38620345925642
[   76.797091][ T6093] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.967: couldn't read orphan inode 15 (err -117)
[   76.811103][ T6093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.885851][ T6100] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.967: bg 0: block 5: invalid block bitmap
[   76.905955][ T6100] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1416 with error 28
[   76.918448][ T6100] EXT4-fs (loop2): This should not happen!! Data will be lost
[   76.918448][ T6100] 
[   76.928124][ T6100] EXT4-fs (loop2): Total free blocks count 0
[   76.934121][ T6100] EXT4-fs (loop2): Free/Dirty block details
[   76.940071][ T6100] EXT4-fs (loop2): free_blocks=0
[   76.945001][ T6100] EXT4-fs (loop2): dirty_blocks=1416
[   76.950374][ T6100] EXT4-fs (loop2): Block reservation details
[   76.956414][ T6100] EXT4-fs (loop2): i_reserved_data_blocks=1416
[   77.030633][ T6112] netlink: 'syz.6.975': attribute type 2 has an invalid length.
[   77.038320][ T6112] netlink: 'syz.6.975': attribute type 8 has an invalid length.
[   77.046060][ T6112] netlink: 132 bytes leftover after parsing attributes in process `syz.6.975'.
[   77.090487][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.044127][   T29] kauditd_printk_skb: 191 callbacks suppressed
[   78.044224][   T29] audit: type=1326 audit(1757934586.513:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.107177][   T29] audit: type=1326 audit(1757934586.563:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.130683][   T29] audit: type=1326 audit(1757934586.563:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.154022][   T29] audit: type=1326 audit(1757934586.563:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.177372][   T29] audit: type=1326 audit(1757934586.563:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.200798][   T29] audit: type=1326 audit(1757934586.573:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.224105][   T29] audit: type=1326 audit(1757934586.573:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.247491][   T29] audit: type=1326 audit(1757934586.573:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.270970][   T29] audit: type=1326 audit(1757934586.573:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.294261][   T29] audit: type=1326 audit(1757934586.573:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.3.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bc3a2eba9 code=0x7ffc0000
[   78.540202][ T6166] netlink: 96 bytes leftover after parsing attributes in process `syz.5.996'.
[   78.599965][ T6179] netlink: 'syz.2.1001': attribute type 1 has an invalid length.
[   78.613197][ T6179] 8021q: adding VLAN 0 to HW filter on device bond1
[   78.616891][ T6178] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1000'.
[   78.634172][ T6179] 8021q: adding VLAN 0 to HW filter on device bond1
[   78.641380][ T6179] bond1: (slave vti0): The slave device specified does not support setting the MAC address
[   78.652428][ T6179] bond1: (slave vti0): Error -95 calling set_mac_address
[   78.673512][ T6178] bond2: entered promiscuous mode
[   78.678642][ T6178] bond2: entered allmulticast mode
[   78.684179][ T6178] 8021q: adding VLAN 0 to HW filter on device bond2
[   78.705200][ T6178] bond2 (unregistering): Released all slaves
[   78.740176][ T6185] vhci_hcd: invalid port number 254
[   78.745396][ T6185] vhci_hcd: invalid port number 254
[   78.791477][ T6193] loop6: detected capacity change from 0 to 512
[   78.798569][ T6193] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   78.811718][ T6193] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002]
[   78.834599][ T6193] System zones: 1-12
[   78.841102][ T6193] EXT4-fs (loop6): orphan cleanup on readonly fs
[   78.847842][ T6193] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1006: bg 0: block 361: padding at end of block bitmap is not set
[   78.864119][ T6193] EXT4-fs (loop6): Remounting filesystem read-only
[   78.870889][ T6193] EXT4-fs (loop6): 1 truncate cleaned up
[   78.876980][ T6193] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[   78.911365][ T6203] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   78.920722][ T4055] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[   78.931114][ T6203] tipc: Disabling bearer <eth:syzkaller0>
[   79.268015][ T6223] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1018'.
[   80.068327][ T6275] netlink: 'syz.3.1036': attribute type 2 has an invalid length.
[   80.076104][ T6275] netlink: 'syz.3.1036': attribute type 8 has an invalid length.
[   80.083930][ T6275] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1036'.
[   80.094159][ T6276] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1034'.
[   80.157503][ T6286] netlink: 'syz.5.1040': attribute type 7 has an invalid length.
[   80.165388][ T6286] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1040'.
[   80.237609][ T6297] loop6: detected capacity change from 0 to 512
[   80.251915][ T6297] EXT4-fs (loop6): revision level too high, forcing read-only mode
[   80.261118][ T6297] EXT4-fs (loop6): orphan cleanup on readonly fs
[   80.278794][ T6297] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1046: corrupted inode contents
[   80.291012][ T6297] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #16: comm syz.6.1046: mark_inode_dirty error
[   80.302723][ T6297] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1046: corrupted inode contents
[   80.316472][ T6297] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.1046: mark_inode_dirty error
[   80.330414][ T6297] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1046: corrupted inode contents
[   80.342876][ T6297] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[   80.351743][ T6297] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1046: corrupted inode contents
[   80.364902][ T6297] EXT4-fs error (device loop6): ext4_truncate:4666: inode #16: comm syz.6.1046: mark_inode_dirty error
[   80.376398][ T6297] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[   80.385768][ T6297] EXT4-fs (loop6): 1 truncate cleaned up
[   80.391774][  T309] EXT4-fs error (device loop6): ext4_release_dquot:6973: comm kworker/u8:5: Failed to release dquot type 1
[   80.403996][ T6297] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   80.699608][ T4055] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.784485][ T6317] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1051'.
[   80.815997][ T6322] loop2: detected capacity change from 0 to 512
[   80.850248][ T6322] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.978353][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.082530][ T6337] 9pnet: p9_errstr2errno: server reported unknown error 
[   81.190274][ T6349] netlink: 'syz.4.1064': attribute type 1 has an invalid length.
[   81.214643][ T6352] loop3: detected capacity change from 0 to 1024
[   81.220970][ T6345] syzkaller0: entered promiscuous mode
[   81.221062][ T6345] syzkaller0: entered allmulticast mode
[   81.251728][ T6352] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.255414][ T6349] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.308895][ T6359] 9pnet: p9_errstr2errno: server reported unknown error 
[   81.332580][ T6357] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1065: Allocating blocks 497-513 which overlap fs metadata
[   81.372570][ T6357] EXT4-fs (loop3): pa ffff88810731d8c0: logic 256, phys. 385, len 8
[   81.380646][ T6357] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   81.479714][ T6368] lo speed is unknown, defaulting to 1000
[   81.515727][ T6373] netlink: 'syz.4.1073': attribute type 7 has an invalid length.
[   81.523527][ T6373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1073'.
[   81.614557][ T6343] loop6: detected capacity change from 0 to 1024
[   81.631256][ T6343] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.643486][ T6343] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.672012][ T6387] netlink: 'syz.4.1078': attribute type 7 has an invalid length.
[   81.679804][ T6387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1078'.
[   81.878514][ T6357] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.917551][ T6394] loop2: detected capacity change from 0 to 1024
[   81.949227][ T4055] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.951042][ T6394] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.990029][ T6394] ext4 filesystem being mounted at /248/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.047216][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.163751][ T4037] bond1 (unregistering): (slave bridge2): Releasing active interface
[   82.199864][ T6410] netlink: 'syz.6.1083': attribute type 10 has an invalid length.
[   82.272615][ T4037] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   82.283527][ T4037] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   82.301885][ T4037] bond0 (unregistering): (slave dummy0): Releasing backup interface
[   82.310867][ T4037] bond0 (unregistering): Released all slaves
[   82.322971][ T4037] bond1 (unregistering): (slave veth3): Releasing active interface
[   82.331915][ T4037] bond1 (unregistering): Released all slaves
[   82.348308][ T6410] team0: Port device dummy0 added
[   82.372686][ T6398] lo speed is unknown, defaulting to 1000
[   82.387537][ T6419] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1087'.
[   82.411048][ T4037] tipc: Left network mode
[   82.420808][ T6419] bond2: entered promiscuous mode
[   82.425829][ T6419] bond2: entered allmulticast mode
[   82.431401][ T6419] 8021q: adding VLAN 0 to HW filter on device bond2
[   82.441703][ T6419] bond2 (unregistering): Released all slaves
[   82.457413][ T4037] hsr_slave_0: left promiscuous mode
[   82.463176][ T4037] hsr_slave_1: left promiscuous mode
[   82.468792][ T4037] batman_adv: batadv0: Removing interface: batadv_slave_0
[   82.476456][ T4037] batman_adv: batadv0: Removing interface: batadv_slave_1
[   82.539062][ T6428] binfmt_misc: register: failed to install interpreter file ./file2
[   82.561805][ T6423] wg2: entered promiscuous mode
[   82.566716][ T6423] wg2: entered allmulticast mode
[   82.598712][ T6432] loop5: detected capacity change from 0 to 128
[   82.620426][ T6398] chnl_net:caif_netlink_parms(): no params data found
[   82.647831][ T6438] loop6: detected capacity change from 0 to 1024
[   82.656521][ T6438] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   82.667706][ T6438] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[   82.677528][ T6438] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   82.690866][ T6438] EXT4-fs (loop6): invalid journal inode
[   82.696526][ T6438] EXT4-fs (loop6): can't get journal size
[   82.702828][ T6438] EXT4-fs error (device loop6): ext4_protect_reserved_inode:182: inode #3: comm syz.6.1095: blocks 2-2 from inode overlap system zone
[   82.703203][ T6398] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.723683][ T6398] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.730941][ T6398] bridge_slave_0: entered allmulticast mode
[   82.737554][ T6398] bridge_slave_0: entered promiscuous mode
[   82.745716][ T6398] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.752875][ T6398] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.761285][ T6438] EXT4-fs (loop6): failed to initialize system zone (-117)
[   82.761317][ T6398] bridge_slave_1: entered allmulticast mode
[   82.771549][ T6438] EXT4-fs (loop6): mount failed
[   82.776593][ T6398] bridge_slave_1: entered promiscuous mode
[   82.807887][ T6398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.821226][ T6398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.845039][ T6398] team0: Port device team_slave_0 added
[   82.853700][ T6398] team0: Port device team_slave_1 added
[   82.873150][ T6398] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.880254][ T6398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.906180][ T6398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.918484][ T6398] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.925521][ T6398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.951494][ T6398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.987506][ T6398] hsr_slave_0: entered promiscuous mode
[   82.993589][ T6398] hsr_slave_1: entered promiscuous mode
[   82.999636][ T6398] debugfs: 'hsr0' already exists in 'hsr'
[   83.005374][ T6398] Cannot create hsr debugfs directory
[   83.092798][ T6398] netdevsim netdevsim7 netdevsim0: renamed from eth0
[   83.106665][ T6398] netdevsim netdevsim7 netdevsim1: renamed from eth1
[   83.126195][ T6398] netdevsim netdevsim7 netdevsim2: renamed from eth2
[   83.151783][ T6398] netdevsim netdevsim7 netdevsim3: renamed from eth3
[   83.217349][ T6398] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.268693][ T6398] 8021q: adding VLAN 0 to HW filter on device team0
[   83.282251][   T29] kauditd_printk_skb: 85 callbacks suppressed
[   83.282279][   T29] audit: type=1326 audit(1757934591.753:1621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.311970][   T29] audit: type=1326 audit(1757934591.753:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.352221][ T4003] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.359451][ T4003] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.371317][ T4003] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.378443][ T4003] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.387609][   T29] audit: type=1326 audit(1757934591.803:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.411050][   T29] audit: type=1326 audit(1757934591.803:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.434482][   T29] audit: type=1326 audit(1757934591.803:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.458103][   T29] audit: type=1326 audit(1757934591.853:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.481571][   T29] audit: type=1326 audit(1757934591.853:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.504979][   T29] audit: type=1326 audit(1757934591.853:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.560608][   T29] audit: type=1326 audit(1757934591.853:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.584028][   T29] audit: type=1326 audit(1757934592.003:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6490 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc80040eba9 code=0x7ffc0000
[   83.594169][ T6398] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.834291][ T6398] veth0_vlan: entered promiscuous mode
[   83.847322][ T6398] veth1_vlan: entered promiscuous mode
[   83.866876][ T6398] veth0_macvtap: entered promiscuous mode
[   83.875837][ T6398] veth1_macvtap: entered promiscuous mode
[   83.887782][ T6398] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.900689][ T6398] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.912345][ T3996] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.927366][ T3996] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.937487][ T6529] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   83.955404][ T3996] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.964697][ T3996] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.153862][ T6548] netlink: 'syz.4.1124': attribute type 10 has an invalid length.
[   84.172309][ T6548] 
: (slave dummy0): Releasing backup interface
[   84.196437][ T6556] netlink: 68 bytes leftover after parsing attributes in process `syz.7.1126'.
[   84.204853][ T6548] team0: Port device dummy0 added
[   84.220111][ T6556] bond1: entered promiscuous mode
[   84.225171][ T6556] bond1: entered allmulticast mode
[   84.231913][ T6556] 8021q: adding VLAN 0 to HW filter on device bond1
[   84.241753][ T6556] bond1 (unregistering): Released all slaves
[   84.426800][ T6578] loop2: detected capacity change from 0 to 512
[   84.442145][ T6578] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.455049][ T6578] ext4 filesystem being mounted at /253/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.496550][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.692552][ T6602] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1141'.
[   84.726372][ T6602] bond2: entered promiscuous mode
[   84.731507][ T6602] bond2: entered allmulticast mode
[   84.736810][ T6602] 8021q: adding VLAN 0 to HW filter on device bond2
[   84.745236][ T6602] bond2 (unregistering): Released all slaves
[   85.453809][ T6631] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1153'.
[   85.531692][ T6639] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1157'.
[   85.579347][ T6639] bond2: entered promiscuous mode
[   85.584445][ T6639] bond2: entered allmulticast mode
[   85.623918][ T6639] 8021q: adding VLAN 0 to HW filter on device bond2
[   85.659055][ T6639] bond2 (unregistering): Released all slaves
[   85.667474][ T6644] loop6: detected capacity change from 0 to 512
[   85.675113][ T6642] loop5: detected capacity change from 0 to 128
[   85.693978][ T6644] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   85.706931][ T6642] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   85.726764][ T6642] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   85.740308][ T6644] EXT4-fs (loop6): 1 truncate cleaned up
[   85.747637][ T6648] loop2: detected capacity change from 0 to 1024
[   85.764916][ T6644] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.797692][ T6648] EXT4-fs: Ignoring removed mblk_io_submit option
[   85.805279][ T6648] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   85.825272][ T6648] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.904030][ T4055] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.926025][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.695996][ T6659] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.784606][ T6678] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1175'.
[   86.812746][ T6678] bond2: entered promiscuous mode
[   86.817807][ T6678] bond2: entered allmulticast mode
[   86.824819][ T6678] 8021q: adding VLAN 0 to HW filter on device bond2
[   86.849674][ T6678] bond2 (unregistering): Released all slaves
[   87.078930][ T6659] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.144601][ T6659] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.173835][ T6719] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1193'.
[   87.218544][ T6659] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.240829][ T6723] macsec0: entered promiscuous mode
[   87.246210][ T6723] macsec0: entered allmulticast mode
[   87.316878][ T6730] loop2: detected capacity change from 0 to 512
[   87.327523][ T4003] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.340239][ T6730] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   87.347238][ T4003] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.372692][ T6730] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.372709][ T4003] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.405851][ T4003] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.494968][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.913934][ T6766] loop5: detected capacity change from 0 to 1024
[   87.930225][ T6766] EXT4-fs: Ignoring removed oldalloc option
[   87.936207][ T6766] EXT4-fs: Ignoring removed bh option
[   87.952858][ T6766] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.011150][ T4014] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.200237][ T6788] ip6gretap0: left allmulticast mode
[   88.205738][ T6788] ip6gretap0: left promiscuous mode
[   88.211395][ T6788] bridge0: port 3(ip6gretap0) entered disabled state
[   88.219012][ T6788] bridge_slave_0: left promiscuous mode
[   88.224656][ T6788] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.232191][ T6788] bridge_slave_1: left allmulticast mode
[   88.237920][ T6788] bridge_slave_1: left promiscuous mode
[   88.243693][ T6788] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.252353][ T6788] 
: (slave bond_slave_0): Releasing backup interface
[   88.261160][ T6788] 
: (slave bond_slave_1): Releasing backup interface
[   88.269372][ T6788] team0: Port device team_slave_1 removed
[   88.275214][ T6788] batman_adv: batadv0: Removing interface: batadv_slave_0
[   88.286401][ T6788] batman_adv: batadv0: Removing interface: batadv_slave_1
[   88.301777][ T6792] loop6: detected capacity change from 0 to 2048
[   88.329724][ T6792]  loop6: p1 < > p4
[   88.339407][   T29] kauditd_printk_skb: 234 callbacks suppressed
[   88.339502][   T29] audit: type=1326 audit(1757934596.803:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.2.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[   88.382281][ T6792] loop6: p4 size 8388608 extends beyond EOD, truncated
[   88.393909][   T29] audit: type=1326 audit(1757934596.813:1866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.2.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[   88.417573][   T29] audit: type=1326 audit(1757934596.813:1867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.2.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[   88.441089][   T29] audit: type=1326 audit(1757934596.813:1868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.2.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[   88.485809][   T29] audit: type=1400 audit(1757934596.953:1869): avc:  denied  { unmount } for  pid=4055 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   88.519652][ T6807] lo speed is unknown, defaulting to 1000
[   88.591215][   T29] audit: type=1400 audit(1757934597.063:1870): avc:  denied  { bind } for  pid=6810 comm="syz.7.1231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   88.628543][ T6811] loop7: detected capacity change from 0 to 1024
[   88.648166][ T6811] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.665920][   T29] audit: type=1400 audit(1757934597.133:1871): avc:  denied  { remount } for  pid=6810 comm="syz.7.1231" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   88.695721][ T6811] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   88.716805][   T23] IPVS: starting estimator thread 0...
[   88.740683][ T6398] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.790033][ T6823] netlink: 292 bytes leftover after parsing attributes in process `syz.2.1235'.
[   88.811885][ T6821] loop7: detected capacity change from 0 to 512
[   88.819381][ T6816] IPVS: using max 2688 ests per chain, 134400 per kthread
[   88.831896][ T6821] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.850325][ T6821] ext4 filesystem being mounted at /file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.863638][ T6821] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.894302][ T6832] netlink: 'syz.2.1238': attribute type 1 has an invalid length.
[   88.902094][ T6832] netlink: 198116 bytes leftover after parsing attributes in process `syz.2.1238'.
[   88.947375][ T6837] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1241'.
[   88.956411][ T6837] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1241'.
[   88.972167][ T6835] loop2: detected capacity change from 0 to 512
[   88.981982][ T6837] bridge0: port 3(macsec1) entered blocking state
[   88.988501][ T6837] bridge0: port 3(macsec1) entered disabled state
[   88.991078][ T6835] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.996052][ T6837] macsec1: entered allmulticast mode
[   89.007735][ T6835] ext4 filesystem being mounted at /280/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   89.023365][ T6837] macsec1: left allmulticast mode
[   89.046979][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.063204][   T29] audit: type=1400 audit(1757934597.533:1872): avc:  denied  { ioctl } for  pid=6842 comm="syz.2.1243" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=19083 ioctlcmd=0x54a5 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   89.090710][   T29] audit: type=1400 audit(1757934597.533:1873): avc:  denied  { read } for  pid=6842 comm="syz.2.1243" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   89.114115][   T29] audit: type=1400 audit(1757934597.533:1874): avc:  denied  { open } for  pid=6842 comm="syz.2.1243" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   89.122204][ T6845] netlink: 'syz.2.1244': attribute type 10 has an invalid length.
[   89.145652][ T6845] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1244'.
[   89.155913][ T6845] veth1_vlan: left promiscuous mode
[   89.162119][ T6845] batman_adv: batadv0: Adding interface: veth1_vlan
[   89.168770][ T6845] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[   89.190233][ T6845] batman_adv: batadv0: Interface activated: veth1_vlan
[   89.224911][ T6850] loop5: detected capacity change from 0 to 1024
[   89.233198][ T6850] EXT4-fs: Ignoring removed orlov option
[   89.251096][ T6850] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   89.264370][ T6850] ext4 filesystem being mounted at /195/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.282185][ T6850] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: comm syz.5.1245: lblock 0 mapped to illegal pblock 0 (length 1)
[   89.296341][ T6850] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[   89.308742][ T6850] EXT4-fs (loop5): This should not happen!! Data will be lost
[   89.308742][ T6850] 
[   89.319836][ T6850] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: comm syz.5.1245: lblock 0 mapped to illegal pblock 0 (length 1)
[   89.334616][ T6850] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[   89.346960][ T6850] EXT4-fs (loop5): This should not happen!! Data will be lost
[   89.346960][ T6850] 
[   89.370779][ T4014] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   89.390185][ T6865] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1251'.
[   89.416909][ T6867] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1253'.
[   89.458811][ T6877] loop7: detected capacity change from 0 to 512
[   89.465703][ T6877] ext4: Unknown parameter 'dont_measure'
[   89.475580][ T6877] loop9: detected capacity change from 0 to 7
[   89.482172][ T6877] Buffer I/O error on dev loop9, logical block 0, async page read
[   89.490107][ T6877] Buffer I/O error on dev loop9, logical block 0, async page read
[   89.498006][ T6877]  loop9: unable to read partition table
[   89.504274][ T6877] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   89.504274][ T6877] 
) failed (rc=-5)
[   89.537686][ T6882] usb usb9: usbfs: process 6882 (syz.7.1261) did not claim interface 0 before use
[   89.547199][ T6882] usb usb9: selecting invalid altsetting 9
[   89.630054][ T6898] loop7: detected capacity change from 0 to 512
[   89.644881][ T6898] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.657614][ T6898] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.694793][ T6398] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.783763][ T6911] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1272'.
[   89.891231][ T6919] loop7: detected capacity change from 0 to 2048
[   89.991553][ T6923] loop7: detected capacity change from 0 to 512
[   90.047036][ T6923] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.060825][ T6923] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.121685][ T6398] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.179768][ T6948] loop6: detected capacity change from 0 to 2048
[   90.212246][ T6948] Alternate GPT is invalid, using primary GPT.
[   90.218623][ T6948]  loop6: p1 p2 p3
[   90.250623][ T6952] syzkaller0: entered promiscuous mode
[   90.256125][ T6952] syzkaller0: entered allmulticast mode
[   90.417113][ T6975] team1: entered promiscuous mode
[   90.422203][ T6975] team1: entered allmulticast mode
[   90.444733][ T6977] netlink: 'syz.2.1300': attribute type 10 has an invalid length.
[   90.454487][ T6977] team0: Port device dummy0 added
[   90.460460][ T6977] netlink: 'syz.2.1300': attribute type 10 has an invalid length.
[   90.468701][ T6977] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   90.478546][ T6977] team0: Failed to send options change via netlink (err -105)
[   90.486517][ T6977] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   90.496422][ T6977] team0: Port device dummy0 removed
[   90.503134][ T6977] 
: (slave dummy0): Enslaving as an active interface with an up link
[   90.672255][ T4126] IPVS: starting estimator thread 0...
[   90.733190][ T4126] Process accounting resumed
[   90.759303][ T6996] IPVS: using max 3024 ests per chain, 151200 per kthread
[   90.793108][ T7016] ref_ctr_offset mismatch. inode: 0x645 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[   91.035037][ T7043] loop7: detected capacity change from 0 to 512
[   91.051695][ T7043] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   91.064507][ T7043] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.095276][ T7043] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.1329: Failed to acquire dquot type 0
[   91.113429][ T7057] netlink: 'syz.6.1335': attribute type 4 has an invalid length.
[   91.133518][ T6398] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   91.437259][ T7079] capability: warning: `syz.6.1343' uses deprecated v2 capabilities in a way that may be insecure
[   91.785709][ T7102] loop2: detected capacity change from 0 to 256
[   91.889207][ T7112] netlink: 'syz.7.1358': attribute type 1 has an invalid length.
[   91.905026][ T7112] 8021q: adding VLAN 0 to HW filter on device bond1
[   91.925959][ T7112] bond1: (slave gretap1): making interface the new active one
[   91.930474][ T7118] netlink: 'syz.2.1360': attribute type 1 has an invalid length.
[   91.934621][ T7112] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   91.941259][ T7118] __nla_validate_parse: 9 callbacks suppressed
[   91.941294][ T7118] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.1360'.
[   91.969087][ T7112] vlan2: entered allmulticast mode
[   91.974411][ T7112] bond1: entered allmulticast mode
[   91.979599][ T7112] gretap1: entered allmulticast mode
[   91.986357][ T7112] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[   91.998782][ T7120] loop2: detected capacity change from 0 to 512
[   92.010785][ T7120] EXT4-fs: Ignoring removed mblk_io_submit option
[   92.017572][ T7120] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   92.028845][ T7120] EXT4-fs (loop2): 1 truncate cleaned up
[   92.034817][ T7120] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.660457][ T7158] netlink: 'syz.5.1379': attribute type 1 has an invalid length.
[   92.668221][ T7158] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1379'.
[   92.683725][ T7160] openvswitch: netlink: Message has 6 unknown bytes.
[   92.712244][ T7164] loop5: detected capacity change from 0 to 512
[   92.719807][ T7164] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   92.733046][ T7166] loop7: detected capacity change from 0 to 1024
[   92.754399][ T7166] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.767756][ T7164] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[   92.776009][ T7164] System zones: 0-2, 18-18, 34-34
[   92.782464][ T7164] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.795194][ T7164] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.882105][ T7181] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1385'.
[   92.895361][ T7181] netlink: 236 bytes leftover after parsing attributes in process `syz.6.1385'.
[   92.901697][ T4014] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.931306][ T6398] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.992719][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.008777][ T7191] loop5: detected capacity change from 0 to 512
[   93.017546][ T7191] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   93.037847][ T7191] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   93.055370][ T7191] EXT4-fs (loop5): 1 truncate cleaned up
[   93.055421][ T5023] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=5023 comm=kworker/0:13
[   93.061645][ T7191] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.118181][ T7188] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[   93.145617][ T7191] lo speed is unknown, defaulting to 1000
[   93.367875][ T7218] netlink: 'syz.7.1400': attribute type 21 has an invalid length.
[   93.375797][ T7218] netlink: 156 bytes leftover after parsing attributes in process `syz.7.1400'.
[   93.386902][ T7220] loop6: detected capacity change from 0 to 2048
[   93.404962][ T4014] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.419252][   T29] kauditd_printk_skb: 196 callbacks suppressed
[   93.419264][   T29] audit: type=1400 audit(1757934601.883:2069): avc:  denied  { read } for  pid=7223 comm="syz.7.1404" dev="nsfs" ino=4026532536 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   93.446820][   T29] audit: type=1400 audit(1757934601.893:2070): avc:  denied  { open } for  pid=7223 comm="syz.7.1404" path="net:[4026532536]" dev="nsfs" ino=4026532536 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   93.473860][ T7226] netlink: 'syz.7.1404': attribute type 1 has an invalid length.
[   93.481743][ T7226] netlink: 224 bytes leftover after parsing attributes in process `syz.7.1404'.
[   93.531667][   T29] audit: type=1400 audit(1757934601.893:2071): avc:  denied  { add_name } for  pid=7219 comm="syz.6.1401" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   93.552715][   T29] audit: type=1400 audit(1757934601.893:2072): avc:  denied  { create } for  pid=7219 comm="syz.6.1401" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   93.573157][   T29] audit: type=1400 audit(1757934601.893:2073): avc:  denied  { read write } for  pid=7219 comm="syz.6.1401" name="file2" dev="loop6" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   93.578443][ T7238] netlink: 'syz.6.1401': attribute type 10 has an invalid length.
[   93.595854][   T29] audit: type=1400 audit(1757934601.893:2074): avc:  denied  { open } for  pid=7219 comm="syz.6.1401" path="/200/file2/file2" dev="loop6" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   93.626739][   T29] audit: type=1400 audit(1757934601.893:2075): avc:  denied  { create } for  pid=7227 comm="syz.5.1403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   93.646367][   T29] audit: type=1400 audit(1757934601.893:2076): avc:  denied  { bind } for  pid=7227 comm="syz.5.1403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   93.665899][   T29] audit: type=1400 audit(1757934601.893:2077): avc:  denied  { setopt } for  pid=7227 comm="syz.5.1403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   93.685420][   T29] audit: type=1400 audit(1757934601.893:2078): avc:  denied  { write } for  pid=7227 comm="syz.5.1403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   93.712499][ T7237] lo speed is unknown, defaulting to 1000
[   93.723609][ T7238] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.732158][ T7238] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   93.761227][ T7242] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.774858][ T7242] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.924836][ T7261] loop6: detected capacity change from 0 to 1024
[   93.941950][ T7261] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.000256][ T7267] tmpfs: Unexpected value for 'inode32'
[   94.242057][ T7293] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1430'.
[   94.270956][ T7293] netlink: 236 bytes leftover after parsing attributes in process `syz.2.1430'.
[   94.655244][ T7324] loop7: detected capacity change from 0 to 256
[   94.747150][ T7330] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1445'.
[   94.761975][ T7330] netlink: 236 bytes leftover after parsing attributes in process `syz.7.1445'.
[   94.881861][ T7343] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   94.909080][ T7343] FAT-fs (loop15): unable to read boot sector
[   95.064829][ T7353] netlink: 'syz.4.1455': attribute type 4 has an invalid length.
[   95.148324][ T7356] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.221853][ T7356] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.303512][ T7356] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.382356][ T7356] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.452213][ T7375] loop2: detected capacity change from 0 to 512
[   95.470718][ T7375] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   95.499806][ T7375] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[   95.521112][ T7375] System zones: 0-2, 18-18, 34-34
[   95.550092][ T7375] ext4 filesystem being mounted at /325/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.580772][ T4003] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.604445][ T4003] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.615963][ T4003] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.628127][ T4003] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.635603][ T7384] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   95.653653][ T7384] vhci_hcd: invalid port number 96
[   95.658871][ T7384] vhci_hcd: default hub control req: 0017 vfffc i0060 l0
[   95.731723][ T7391] wg2: entered promiscuous mode
[   95.736657][ T7391] wg2: entered allmulticast mode
[   95.942909][ T7404] veth1_to_bond: entered allmulticast mode
[   95.954633][ T7404] veth1_to_bond: left allmulticast mode
[   96.089418][ T7414] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.101808][ T7416] loop7: detected capacity change from 0 to 512
[   96.108507][ T7416] EXT4-fs: Ignoring removed mblk_io_submit option
[   96.130111][ T7416] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   96.150861][ T7416] EXT4-fs (loop7): 1 truncate cleaned up
[   96.156867][ T7416] EXT4-fs mount: 6 callbacks suppressed
[   96.156882][ T7416] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.185992][ T7414] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.246306][ T7414] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.308353][ T7426] loop6: detected capacity change from 0 to 1024
[   96.320829][ T7426] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.320917][ T7414] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.490177][ T4055] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.520589][ T4003] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.555737][ T4003] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.580117][ T4003] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.588472][ T4003] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.826930][ T7455] syzkaller1: entered promiscuous mode
[   96.832566][ T7455] syzkaller1: entered allmulticast mode
[   96.841900][ T7457] loop5: detected capacity change from 0 to 256
[   97.039785][ T7467] atomic_op ffff88810a9e4d28 conn xmit_atomic 0000000000000000
[   97.055736][ T7469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   97.065057][ T7469] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.095523][ T6398] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.124662][ T7477] __nla_validate_parse: 10 callbacks suppressed
[   97.124680][ T7477] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1507'.
[   97.233398][ T3991] bridge_slave_1: left allmulticast mode
[   97.239080][ T3991] bridge_slave_1: left promiscuous mode
[   97.244833][ T3991] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.255777][ T3991] bridge_slave_0: left promiscuous mode
[   97.261504][ T3991] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.321100][ T3991] bond1 (unregistering): (slave bridge1): Releasing active interface
[   97.344835][ T7500] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1514'.
[   97.372123][ T3991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   97.381380][ T3991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   97.391994][ T3991] bond0 (unregistering): (slave batadv0): Releasing backup interface
[   97.402618][ T3991] bond0 (unregistering): Released all slaves
[   97.412378][ T3991] bond1 (unregistering): Released all slaves
[   97.433724][ T7472] lo speed is unknown, defaulting to 1000
[   97.511522][ T3991] tipc: Disabling bearer <udp:s>
[   97.516600][ T3991] tipc: Left network mode
[   97.542989][ T3991] hsr_slave_0: left promiscuous mode
[   97.562507][ T3991] hsr_slave_1: left promiscuous mode
[   97.570508][ T3991] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.609076][ T3991] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.691130][ T3991] team0 (unregistering): Port device team_slave_1 removed
[   97.734149][ T3991] team0 (unregistering): Port device team_slave_0 removed
[   97.755123][ T7526] loop5: detected capacity change from 0 to 512
[   97.808923][ T3991] team0 (unregistering): Port device dummy0 removed
[   97.902294][ T7528] validate_nla: 1 callbacks suppressed
[   97.902311][ T7528] netlink: 'syz.7.1523': attribute type 30 has an invalid length.
[   97.918371][ T7472] chnl_net:caif_netlink_parms(): no params data found
[   98.008779][ T7536] loop5: detected capacity change from 0 to 512
[   98.018103][ T7472] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.025401][ T7472] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.034406][ T7536] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[   98.043479][ T7536] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[   98.052911][ T7472] bridge_slave_0: entered allmulticast mode
[   98.059855][ T7536] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[   98.059942][ T7472] bridge_slave_0: entered promiscuous mode
[   98.060955][ T7472] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.081998][ T7472] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.089314][ T7472] bridge_slave_1: entered allmulticast mode
[   98.096006][ T7472] bridge_slave_1: entered promiscuous mode
[   98.102243][ T7536] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   98.110414][ T7536] System zones: 0-2, 18-18, 34-35
[   98.123956][ T7536] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.147535][ T7472] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.168608][ T7472] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.185504][ T4014] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.223999][ T7472] team0: Port device team_slave_0 added
[   98.231192][ T7472] team0: Port device team_slave_1 added
[   98.255310][ T7472] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.262327][ T7472] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.288407][ T7472] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.302537][ T7472] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.309584][ T7472] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.335654][ T7472] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.367887][ T7472] hsr_slave_0: entered promiscuous mode
[   98.374322][ T7472] hsr_slave_1: entered promiscuous mode
[   98.380330][ T7472] debugfs: 'hsr0' already exists in 'hsr'
[   98.386066][ T7472] Cannot create hsr debugfs directory
[   98.465995][ T7472] netdevsim netdevsim8 netdevsim0: renamed from eth0
[   98.476019][ T7472] netdevsim netdevsim8 netdevsim1: renamed from eth1
[   98.485898][ T7472] netdevsim netdevsim8 netdevsim2: renamed from eth2
[   98.497773][ T7472] netdevsim netdevsim8 netdevsim3: renamed from eth3
[   98.538605][ T7472] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.552643][ T7472] 8021q: adding VLAN 0 to HW filter on device team0
[   98.563908][ T3991] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.571006][ T3991] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.590664][ T7472] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   98.601190][ T7472] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   98.614683][ T3991] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.621757][ T3991] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.678374][ T7472] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.744794][ T7567] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1532'.
[   98.753793][ T7567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1532'.
[   98.777419][ T7567] bridge0: port 1(macsec1) entered blocking state
[   98.783985][ T7567] bridge0: port 1(macsec1) entered disabled state
[   98.790699][ T7567] macsec1: entered allmulticast mode
[   98.796582][ T7567] macsec1: left allmulticast mode
[   98.841074][ T7472] veth0_vlan: entered promiscuous mode
[   98.857064][ T7472] veth1_vlan: entered promiscuous mode
[   98.865611][   T29] kauditd_printk_skb: 332 callbacks suppressed
[   98.865624][   T29] audit: type=1400 audit(1757934607.333:2411): avc:  denied  { read } for  pid=7577 comm="syz.2.1534" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   98.875011][ T7472] veth0_macvtap: entered promiscuous mode
[   98.899599][   T29] audit: type=1400 audit(1757934607.333:2412): avc:  denied  { open } for  pid=7577 comm="syz.2.1534" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   98.912146][ T7472] veth1_macvtap: entered promiscuous mode
[   98.932552][ T7578] loop2: detected capacity change from 0 to 2048
[   98.939725][ T7472] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.950687][ T7472] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.961485][ T4003] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.970562][   T12] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.979413][   T12] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.991531][   T12] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.020094][ T7578]  loop2: unable to read partition table
[   99.025784][ T7578] loop2: partition table beyond EOD, truncated
[   99.032143][ T7578] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[   99.062975][   T29] audit: type=1400 audit(1757934607.533:2413): avc:  denied  { mounton } for  pid=7472 comm="syz-executor" path="/root/syzkaller.8IW7jI/syz-tmp" dev="sda1" ino=2053 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   99.087753][   T29] audit: type=1400 audit(1757934607.533:2414): avc:  denied  { mount } for  pid=7472 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   99.087813][   T29] audit: type=1400 audit(1757934607.533:2415): avc:  denied  { mount } for  pid=7472 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   99.087842][   T29] audit: type=1400 audit(1757934607.533:2416): avc:  denied  { mounton } for  pid=7472 comm="syz-executor" path="/root/syzkaller.8IW7jI/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   99.087863][   T29] audit: type=1400 audit(1757934607.533:2417): avc:  denied  { mounton } for  pid=7472 comm="syz-executor" path="/root/syzkaller.8IW7jI/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=23123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   99.111319][   T29] audit: type=1400 audit(1757934607.583:2418): avc:  denied  { mounton } for  pid=7472 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   99.111726][   T29] audit: type=1400 audit(1757934607.583:2419): avc:  denied  { mount } for  pid=7472 comm="syz-executor" name="/" dev="gadgetfs" ino=4751 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   99.150445][   T29] audit: type=1400 audit(1757934607.623:2420): avc:  denied  { read write } for  pid=7577 comm="syz.2.1534" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   99.377657][ T7594] loop8: detected capacity change from 0 to 512
[   99.395166][ T7594] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[   99.404268][ T7594] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[   99.436183][ T7594] EXT4-fs (loop8): warning: mounting unchecked fs, running e2fsck is recommended
[   99.479410][ T7594] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   99.507660][ T7594] System zones: 0-2, 18-18, 34-35
[   99.518195][ T7594] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.553359][ T7607] team0: Port device dummy0 removed
[   99.570079][ T7607] bridge_slave_0: left promiscuous mode
[   99.575741][ T7607] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.614777][ T7607] bridge_slave_1: left allmulticast mode
[   99.616327][ T7472] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.620590][ T7607] bridge_slave_1: left promiscuous mode
[   99.635179][ T7607] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.648500][ T7607] 
: (slave bond_slave_0): Releasing backup interface
[   99.675767][ T7607] 
: (slave bond_slave_1): Releasing backup interface
[   99.687332][ T7607] team0: Port device team_slave_1 removed
[   99.694275][ T7607] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.708435][ T7607] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.759070][ T7615] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1549'.
[   99.907609][ T7636] netlink: 'syz.7.1558': attribute type 1 has an invalid length.
[   99.925561][ T7636] 8021q: adding VLAN 0 to HW filter on device bond3
[   99.947231][ T7636] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1558'.
[   99.964445][ T7636] bond3 (unregistering): Released all slaves
[  100.863856][ T4003] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.907749][ T7675] netlink: 'syz.4.1576': attribute type 1 has an invalid length.
[  100.933333][ T7675] 8021q: adding VLAN 0 to HW filter on device bond2
[  100.946503][ T7675] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1576'.
[  100.960467][ T7675] bond2 (unregistering): Released all slaves
[  101.101439][ T7676] chnl_net:caif_netlink_parms(): no params data found
[  101.162993][ T7704] syzkaller0: entered promiscuous mode
[  101.168496][ T7704] syzkaller0: entered allmulticast mode
[  101.254985][ T7678] chnl_net:caif_netlink_parms(): no params data found
[  101.280734][ T7676] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.287879][ T7676] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.296695][ T7676] bridge_slave_0: entered allmulticast mode
[  101.303520][ T7676] bridge_slave_0: entered promiscuous mode
[  101.306953][ T7722] loop2: detected capacity change from 0 to 512
[  101.311662][ T7676] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.322684][ T7676] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.330272][ T7676] bridge_slave_1: entered allmulticast mode
[  101.336794][ T7676] bridge_slave_1: entered promiscuous mode
[  101.345752][ T7722] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.358279][ T7722] ext4 filesystem being mounted at /357/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.382029][ T7676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.394428][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.412736][ T7676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.441185][ T7678] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.448290][ T7678] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.455860][ T7678] bridge_slave_0: entered allmulticast mode
[  101.464003][ T7678] bridge_slave_0: entered promiscuous mode
[  101.476724][ T7676] team0: Port device team_slave_0 added
[  101.482909][ T7678] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.490081][ T7678] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.497379][ T7678] bridge_slave_1: entered allmulticast mode
[  101.505651][ T7678] bridge_slave_1: entered promiscuous mode
[  101.517869][ T7676] team0: Port device team_slave_1 added
[  101.533782][ T7678] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.549183][ T7678] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.558857][ T7676] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.565880][ T7676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.591971][ T7676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.608593][ T7676] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.615575][ T7676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.641533][ T7676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.661905][ T7678] team0: Port device team_slave_0 added
[  101.669189][ T7678] team0: Port device team_slave_1 added
[  101.695513][ T7676] hsr_slave_0: entered promiscuous mode
[  101.701837][ T7676] hsr_slave_1: entered promiscuous mode
[  101.707765][ T7676] debugfs: 'hsr0' already exists in 'hsr'
[  101.713518][ T7676] Cannot create hsr debugfs directory
[  101.719317][ T7678] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.726243][ T7678] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.752452][ T7678] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.763724][ T7678] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.770676][ T7678] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.796699][ T7678] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.831076][ T7678] hsr_slave_0: entered promiscuous mode
[  101.837132][ T7678] hsr_slave_1: entered promiscuous mode
[  101.843042][ T7678] debugfs: 'hsr0' already exists in 'hsr'
[  101.848750][ T7678] Cannot create hsr debugfs directory
[  101.939085][ T7676] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  101.950765][ T7678] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.962141][ T7676] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  101.973637][ T7676] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  101.983487][ T7676] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  101.992880][ T7750] netlink: 'syz.4.1594': attribute type 10 has an invalid length.
[  102.000733][ T7750] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1594'.
[  102.014857][ T7678] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.026010][ T7750] dummy0: entered promiscuous mode
[  102.072307][ T7678] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.112516][ T7676] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.131960][ T7676] 8021q: adding VLAN 0 to HW filter on device team0
[  102.141918][ T4037] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.149046][ T4037] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.162048][ T7678] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.181116][ T4037] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.188249][ T4037] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.248888][ T7678] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  102.259457][ T7678] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  102.269090][ T7678] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  102.280086][ T7678] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  102.289921][ T7676] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.326058][ T7678] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.345302][ T7678] 8021q: adding VLAN 0 to HW filter on device team0
[  102.354917][ T3996] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.362164][ T3996] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.381341][ T3996] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.388532][ T3996] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.489262][ T7678] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.510227][ T7676] veth0_vlan: entered promiscuous mode
[  102.521581][ T7676] veth1_vlan: entered promiscuous mode
[  102.543580][ T7676] veth0_macvtap: entered promiscuous mode
[  102.554897][ T7676] veth1_macvtap: entered promiscuous mode
[  102.572584][ T7676] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.585601][ T7676] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.596477][ T3996] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.605770][ T3996] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.619940][ T3996] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.630790][ T3996] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.692613][ T4003] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.710181][ T7809] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1575'.
[  102.736943][ T4003] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.755090][ T7813] ref_ctr_offset mismatch. inode: 0x764 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[  102.768388][ T7809] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1575'.
[  102.783212][ T7809] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1575'.
[  102.793065][ T7809] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1575'.
[  102.810347][ T7678] veth0_vlan: entered promiscuous mode
[  102.821165][ T7678] veth1_vlan: entered promiscuous mode
[  102.852099][ T4003] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.869699][ T7678] veth0_macvtap: entered promiscuous mode
[  102.881473][ T7678] veth1_macvtap: entered promiscuous mode
[  102.893393][ T7678] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.905794][ T7678] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.933198][ T3996] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.945608][ T3996] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.966437][ T3996] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.991670][ T7824] loop7: detected capacity change from 0 to 1024
[  102.998528][ T4033] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.999410][ T7824] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.014898][ T4003] bridge_slave_1: left allmulticast mode
[  103.020750][ T4003] bridge_slave_1: left promiscuous mode
[  103.026454][ T4003] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.043020][ T7824] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  103.063316][ T4003] bridge_slave_0: left allmulticast mode
[  103.069007][ T4003] bridge_slave_0: left promiscuous mode
[  103.074796][ T4003] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.080846][ T7830] loop2: detected capacity change from 0 to 2048
[  103.107465][ T7824] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.245715][ T4003] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  103.258343][ T4003] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  103.269781][ T4003] bond0 (unregistering): Released all slaves
[  103.338915][ T4003] hsr_slave_0: left promiscuous mode
[  103.345800][ T4003] hsr_slave_1: left promiscuous mode
[  103.352514][ T4003] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.360075][ T4003] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.376392][ T4003] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.383998][ T4003] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.395093][ T4003] veth1_macvtap: left promiscuous mode
[  103.403064][ T6398] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.414561][ T4003] veth0_macvtap: left promiscuous mode
[  103.435964][ T4003] veth1_vlan: left promiscuous mode
[  103.444055][ T4003] veth0_vlan: left promiscuous mode
[  103.545334][ T4003] team0 (unregistering): Port device team_slave_1 removed
[  103.568365][ T4003] team0 (unregistering): Port device team_slave_0 removed
[  103.711807][ T7879] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1621'.
[  103.724689][ T7879] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1621'.
[  103.749582][ T7879] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1621'.
[  103.760218][ T7879] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1621'.
[  103.783570][ T7881] netlink: 'syz.2.1622': attribute type 30 has an invalid length.
[  103.862796][ T7887] loop9: detected capacity change from 0 to 2048
[  103.953342][ T7892] loop5: detected capacity change from 0 to 1024
[  103.960329][ T7892] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.978045][ T7892] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  103.993537][ T7892] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.040700][ T7887]  loop9: unable to read partition table
[  104.048398][ T7887] loop9: partition table beyond EOD, truncated
[  104.054625][ T7887] loop_reread_partitions: partition scan of loop9 () failed (rc=-5)
[  104.136022][ T7904] ref_ctr_offset mismatch. inode: 0x3b offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[  104.172079][ T7910] loop2: detected capacity change from 0 to 512
[  104.180329][ T7910] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  104.194266][ T7910] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  104.230448][ T7910] EXT4-fs (loop2): 1 truncate cleaned up
[  104.236578][ T7910] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.448378][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.472708][   T29] kauditd_printk_skb: 159 callbacks suppressed
[  104.472723][   T29] audit: type=1326 audit(1757934612.943:2580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  104.478751][ T7921] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1635'.
[  104.483227][   T29] audit: type=1326 audit(1757934612.943:2581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  104.512330][ T7921] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1635'.
[  104.534617][   T29] audit: type=1326 audit(1757934612.943:2582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  104.534644][   T29] audit: type=1326 audit(1757934612.943:2583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  104.534665][   T29] audit: type=1326 audit(1757934612.943:2584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  104.619077][   T29] audit: type=1326 audit(1757934612.983:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  104.642570][   T29] audit: type=1326 audit(1757934612.983:2586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  104.665941][   T29] audit: type=1326 audit(1757934613.033:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  104.689473][   T29] audit: type=1326 audit(1757934613.033:2588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  104.716781][ T7924] tipc: Started in network mode
[  104.721920][ T7924] tipc: Node identity 0000000000005f120000000000000001, cluster identity 4711
[  104.730800][ T7924] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  104.813386][ T7935] I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  104.822709][ T7935] FAT-fs (loop19): unable to read boot sector
[  105.313887][   T29] audit: type=1326 audit(1757934613.783:2589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.2.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0a3ceba9 code=0x7ffc0000
[  105.343034][ T7943] tipc: Started in network mode
[  105.347960][ T7943] tipc: Node identity 16a73c2267a1, cluster identity 4711
[  105.355137][ T7943] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  105.364598][ T7943] tipc: Disabling bearer <eth:syzkaller0>
[  105.380936][ T7945] loop2: detected capacity change from 0 to 2048
[  105.390560][ T7945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.414313][ T3307] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  105.429018][ T3307] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  105.451029][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.454978][ T7951] loop9: detected capacity change from 0 to 512
[  105.467071][ T7951] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  105.478260][ T7951] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  105.499729][ T7951] EXT4-fs (loop9): 1 truncate cleaned up
[  105.505997][ T7951] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.610182][ T7970] loop7: detected capacity change from 0 to 512
[  105.629315][ T7970] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.643514][ T7970] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.732467][ T6398] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.764745][ T7676] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.796400][ T7989] loop9: detected capacity change from 0 to 512
[  105.805202][ T7989] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  105.841788][ T7989] EXT4-fs (loop9): 1 truncate cleaned up
[  105.850229][ T7678] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.859047][ T7989] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.879830][ T7996] netlink: 'syz.5.1666': attribute type 1 has an invalid length.
[  105.888467][ T7996] caif0: entered promiscuous mode
[  105.893541][ T7996] caif0: entered allmulticast mode
[  106.027532][ T7997] ==================================================================
[  106.035650][ T7997] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark
[  106.043645][ T7997] 
[  106.045969][ T7997] write to 0xffff8881004913ec of 4 bytes by task 7989 on cpu 1:
[  106.053686][ T7997]  xas_set_mark+0x12b/0x140
[  106.058201][ T7997]  tag_pages_for_writeback+0xc2/0x290
[  106.063586][ T7997]  ext4_do_writepages+0x6b2/0x2750
[  106.068795][ T7997]  ext4_writepages+0x176/0x300
[  106.073560][ T7997]  do_writepages+0x1c6/0x310
[  106.078252][ T7997]  filemap_write_and_wait_range+0x144/0x340
[  106.084158][ T7997]  filemap_invalidate_pages+0xa4/0x1a0
[  106.089609][ T7997]  kiocb_invalidate_pages+0x6e/0x80
[  106.094792][ T7997]  __iomap_dio_rw+0x5d4/0x1250
[  106.099541][ T7997]  iomap_dio_rw+0x40/0x90
[  106.103943][ T7997]  ext4_file_write_iter+0xad9/0xf00
[  106.109134][ T7997]  iter_file_splice_write+0x663/0xa60
[  106.114496][ T7997]  direct_splice_actor+0x153/0x2a0
[  106.119591][ T7997]  splice_direct_to_actor+0x30f/0x680
[  106.124951][ T7997]  do_splice_direct+0xda/0x150
[  106.129699][ T7997]  do_sendfile+0x380/0x650
[  106.134295][ T7997]  __x64_sys_sendfile64+0x105/0x150
[  106.139570][ T7997]  x64_sys_call+0x2bb0/0x2ff0
[  106.144347][ T7997]  do_syscall_64+0xd2/0x200
[  106.148944][ T7997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.154997][ T7997] 
[  106.157313][ T7997] read to 0xffff8881004913ec of 4 bytes by task 7997 on cpu 0:
[  106.165066][ T7997]  file_write_and_wait_range+0x10e/0x2c0
[  106.170702][ T7997]  generic_buffers_fsync_noflush+0x45/0x120
[  106.176609][ T7997]  ext4_sync_file+0x1ab/0x690
[  106.181454][ T7997]  vfs_fsync_range+0x10d/0x130
[  106.187041][ T7997]  ext4_buffered_write_iter+0x34f/0x3c0
[  106.193179][ T7997]  ext4_file_write_iter+0xdbf/0xf00
[  106.199000][ T7997]  iter_file_splice_write+0x663/0xa60
[  106.204733][ T7997]  direct_splice_actor+0x153/0x2a0
[  106.209890][ T7997]  splice_direct_to_actor+0x30f/0x680
[  106.215583][ T7997]  do_splice_direct+0xda/0x150
[  106.220444][ T7997]  do_sendfile+0x380/0x650
[  106.225050][ T7997]  __x64_sys_sendfile64+0x105/0x150
[  106.230252][ T7997]  x64_sys_call+0x2bb0/0x2ff0
[  106.235367][ T7997]  do_syscall_64+0xd2/0x200
[  106.239919][ T7997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.245809][ T7997] 
[  106.248304][ T7997] value changed: 0x02000021 -> 0x0e000021
[  106.254553][ T7997] 
[  106.256956][ T7997] Reported by Kernel Concurrency Sanitizer on:
[  106.263279][ T7997] CPU: 0 UID: 0 PID: 7997 Comm: syz.9.1662 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  106.274722][ T7997] Tainted: [W]=WARN
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  106.278505][ T7997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  106.288542][ T7997] ==================================================================
[  106.440428][ T3654] syz_tun (unregistering): left allmulticast mode
[  106.679836][ T7989] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.200827][  T309] 
 (unregistering): Released all slaves
[  107.208403][  T309] bond1 (unregistering): Released all slaves
[  107.216492][  T309] bond0 (unregistering): Released all slaves
[  107.243831][  T309] hsr_slave_0: left promiscuous mode
[  107.249625][  T309] hsr_slave_1: left promiscuous mode
[  107.552178][  T309] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.602269][  T309] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.651613][  T309] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.701499][  T309] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.764372][  T309] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.821976][  T309] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.871553][  T309] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.911849][  T309] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.141104][  T309] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.190510][  T309] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.250496][  T309] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.290700][  T309] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.342545][  T309] bridge_slave_1: left allmulticast mode
[  108.348242][  T309] bridge_slave_1: left promiscuous mode
[  108.353906][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.361768][  T309] bridge_slave_0: left allmulticast mode
[  108.367468][  T309] bridge_slave_0: left promiscuous mode
[  108.373137][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.381226][  T309] bridge_slave_1: left allmulticast mode
[  108.386872][  T309] bridge_slave_1: left promiscuous mode
[  108.392557][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.400407][  T309] bridge_slave_0: left allmulticast mode
[  108.406041][  T309] bridge_slave_0: left promiscuous mode
[  108.411716][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.420443][  T309] bridge_slave_1: left allmulticast mode
[  108.426111][  T309] bridge_slave_1: left promiscuous mode
[  108.431845][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.439560][  T309] bridge_slave_0: left allmulticast mode
[  108.445239][  T309] bridge_slave_0: left promiscuous mode
[  108.451033][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.561368][  T309] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.571273][  T309] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.580811][  T309] bond0 (unregistering): Released all slaves
[  108.631789][  T309] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.641897][  T309] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.651508][  T309] bond0 (unregistering): Released all slaves
[  108.780772][  T309] 
 (unregistering): (slave dummy0): Releasing backup interface
[  108.789056][  T309] 
 (unregistering): Released all slaves
[  108.796655][  T309] bond0 (unregistering): Released all slaves
[  108.804810][  T309] bond1 (unregistering): Released all slaves
[  108.821930][  T309] bond1 (unregistering): (slave gretap1): Releasing active interface
[  108.830180][  T309] gretap1 (unregistering): left allmulticast mode
[  108.901212][  T309] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.910938][  T309] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.920514][  T309] bond0 (unregistering): Released all slaves
[  108.928484][  T309] bond1 (unregistering): Released all slaves
[  108.936441][  T309] bond2 (unregistering): Released all slaves
[  108.994292][  T309] tipc: Left network mode
[  108.998819][  T309] tipc: Disabling bearer <udp:syz2>
[  109.004061][  T309] tipc: Left network mode
[  109.019661][  T309] tipc: Left network mode
[  109.027374][  T309] hsr_slave_0: left promiscuous mode
[  109.032943][  T309] hsr_slave_1: left promiscuous mode
[  109.038441][  T309] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  109.045868][  T309] batman_adv: batadv0: Removing interface: batadv_slave_0
[  109.053417][  T309] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  109.060929][  T309] batman_adv: batadv0: Removing interface: batadv_slave_1
[  109.069992][  T309] hsr_slave_0: left promiscuous mode
[  109.075484][  T309] hsr_slave_1: left promiscuous mode
[  109.081057][  T309] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  109.088404][  T309] batman_adv: batadv0: Removing interface: batadv_slave_0
[  109.095835][  T309] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  109.103223][  T309] batman_adv: batadv0: Removing interface: batadv_slave_1
[  109.112168][  T309] hsr_slave_0: left promiscuous mode
[  109.118353][  T309] hsr_slave_1: left promiscuous mode
[  109.124128][  T309] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  109.131204][  T309] batman_adv: batadv0: Removing interface: veth1_vlan
[  109.139999][  T309] hsr_slave_0: left promiscuous mode
[  109.145562][  T309] hsr_slave_1: left promiscuous mode
[  109.151436][  T309] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  109.158839][  T309] batman_adv: batadv0: Removing interface: batadv_slave_0
[  109.166262][  T309] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  109.173657][  T309] batman_adv: batadv0: Removing interface: batadv_slave_1
[  109.187454][  T309] veth1_macvtap: left promiscuous mode
[  109.192979][  T309] veth0_macvtap: left promiscuous mode
[  109.199123][  T309] veth1_vlan: left promiscuous mode
[  109.204385][  T309] veth0_vlan: left promiscuous mode
[  109.210135][  T309] veth1_macvtap: left promiscuous mode
[  109.215582][  T309] veth0_macvtap: left promiscuous mode
[  109.221086][  T309] veth1_vlan: left promiscuous mode
[  109.226274][  T309] veth0_vlan: left promiscuous mode
[  109.232282][  T309] veth1_macvtap: left promiscuous mode
[  109.237734][  T309] veth0_macvtap: left promiscuous mode
[  109.243243][  T309] veth1_vlan: left promiscuous mode
[  109.248432][  T309] veth0_vlan: left promiscuous mode
[  109.356874][  T309] team0 (unregistering): Port device team_slave_1 removed
[  109.365665][  T309] team0 (unregistering): Port device team_slave_0 removed
[  109.412447][  T309] team0 (unregistering): Port device team_slave_1 removed
[  109.421597][  T309] team0 (unregistering): Port device team_slave_0 removed
[  109.501928][  T309] team0 (unregistering): Port device team_slave_1 removed
[  109.511664][  T309] team0 (unregistering): Port device team_slave_0 removed
[  110.403815][  T309] IPVS: stop unused estimator thread 0...