last executing test programs:

3m35.010072386s ago: executing program 32 (id=893):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x2, 0x5, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x61e5cc96}, 0x94)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={r2, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)

3m29.994128149s ago: executing program 33 (id=1015):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30000000004c000000060a010400000000000000000100000008000b40000000000900010073797a300000000024000480200001800e000100636f6e6e6c696d69740000000c00028008000140fffffffe14000000110001"], 0xd4}}, 0x0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

3m28.870169055s ago: executing program 34 (id=1038):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x3804402, &(0x7f0000000240)={[{@user_xattr}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@noinit_itable}, {@nomblk_io_submit}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x8)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x10, 0x6, 0x10001)

3m27.670484292s ago: executing program 2 (id=1063):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="48000000140009050000000000000000021f0000", @ANYRES32=r1, @ANYBLOB="08000100e000000208000200ffff"], 0x48}, 0x1, 0x0, 0x0, 0x24000080}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)

3m27.568304664s ago: executing program 2 (id=1065):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0xc00, &(0x7f0000000340)=ANY=[], 0x1, 0x388, &(0x7f0000000a40)="$eJzs3c9rI2UYwPFn2jRNumwnB1EUpC960cvQVs9qkF1QAy7djbgKwux2oiFjUmZCJIvYevIq3vwHBJc9LnhYUP+BXrytFy+e7EUQdBFxZH680ySdZNLY0nT7/UCbJ3nfJ3kn7yQ8byBvDt798uNWw7cadlcWSkoMEZFHIhVZEM2IL4qSYU9evPTHw2ev33zvrWqtdmVLqavVGy9tKqVW177/5NNy0u3BsuxXPjiQ0q/7T+4/ffDvjY+avmr6qt3pKlvd6vzStW+5jtpu+i1LqWuuY/uOarZ9x4vbO3F7w+3s7PSV3d6+vLLjOb6v7HZftZy+6nZU1+sr+0O72VaWZanLK1nDfYyVZsip393asqszPuDtGfNw0v4OgmBCs+dV7UURq3ykpX73VMcFAADm0kj9/7WuESqykBaURrIWKEbx8DIgrP91HNX/4WLhsP6/99yP3Uvv3F9N6v8Hxaz6/+Wf4/yh+j989BOv/78duX60Ijr3do/T+X/V/5gPa8OvyN8OV+yJsP4PXw3piv7z9++tRwH1PwAAAAAAAAAAAAAAAAAAAAAA58GjIDCDIDD1pf47/ApBcl1fm/RFY5w76fxLNLnp/C8nOwqk5wMeS9dvLidRYVXE/aJX79Xjy6Rdd1wXU/6JzodEvOHEXtSoQhX5wd3t1ZeShMXof1VEiSuObIgplaH8KL76Ru3KhorF+dHj7/bqRmElzG9IM8rfFFOeyM7fzMwvygvPD+RbYspPt6Ujrmwn72M6/7MNpV5/uzaSX476ZXn19KYDAAAAAIBTYSlVihbP+mOAdP0br98tS2mVwfVxuJaXwfX50c8H0vX1eub6vGA+Uzi74wYAAAAA4CLxi3datus6nt8fG5Qlr4/+8GCkqSA59xwGhSn6DAUPo2BpUp/FgSPs33kziSbfczH5BY1ph+H5fUkCkWkH/+dy9jD0Fq5DTaXsZzUnCMw40Mc/RVbpuFPg+QtTH/JgsBaOR43vYxjhfOXcTzqz4/rItWMPLCfQO+fmdX7qq2/+ynh6p5hBI9m1d7DplfulnCONAmPklr2MPvr8Ck/a34MgdzxL2e8W383yIzMAAAAA5oQu+su+vuW1sx0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX0IlukzYmOOtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObFfwEAAP//ERfkbQ==")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
io_setup(0x7d, &(0x7f0000000600)=<r2=>0x0)
io_submit(r2, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000)="96", 0xfffffe10, 0x0, 0x0, 0x0, r1}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r0, 0x0, 0x0, 0xffffffffffffffff}])

3m27.345592147s ago: executing program 2 (id=1075):
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
timer_create(0x3, 0x0, &(0x7f0000001400))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)
close(r0)

3m26.844200295s ago: executing program 2 (id=1077):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
sendto$inet(r2, 0x0, 0x0, 0x24000080, 0x0, 0x0)

3m26.44832571s ago: executing program 2 (id=1072):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
recvmmsg(r0, &(0x7f0000007640)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000f00)=""/4096, 0x1000}], 0x1}}], 0x1, 0x10000, 0x0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x1, 0x10008095, 0x0, 0x0)

3m26.307035872s ago: executing program 35 (id=1073):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_config_ext={0x2, 0x3}, 0x8, 0xa88, 0x8409, 0x5, 0x0, 0x3c, 0xfffe}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000003d)
close_range(0xffffffffffffffff, r0, 0x0)

3m26.277897573s ago: executing program 2 (id=1076):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYRES16=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000340)='dctcp\x00', 0x6)

3m25.437320645s ago: executing program 36 (id=1078):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f00000012c0)='sys_enter\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r3 = add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)="da", 0x1, r2)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000001c0)=@keyring={'key_or_keyring:', r3})

3m25.437243855s ago: executing program 37 (id=1076):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYRES16=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000340)='dctcp\x00', 0x6)

3m24.788359415s ago: executing program 7 (id=1039):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x7, 0x4, 0x3e8, 0x218, 0x110, 0x0, 0x300, 0x300, 0x300, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x2b}, 0x1, 0xffffffff}}}, {{@arp={@broadcast, @broadcast, 0xff, 0x0, 0x8, 0xf, {@mac=@remote, {[0xff, 0x7f, 0xff, 0xff]}}, {@empty, {[0x0, 0xff, 0xff, 0xff]}}, 0x7, 0x1, 0x4, 0x9, 0x8, 0x38, 'pim6reg\x00', 'team0\x00', {}, {}, 0x0, 0x112}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3ee, 'syz0\x00', {0x7}}}}, {{@arp={@rand_addr=0x64010102, @loopback, 0xff, 0x0, 0x0, 0x4, {@empty, {[0x0, 0xff, 0xff, 0x0, 0x0, 0xff]}}, {@mac=@remote, {[0x0, 0x0, 0xff, 0xff]}}, 0x40, 0x4, 0x800, 0x7, 0x0, 0x5, 'xfrm0\x00', 'nicvf0\x00', {}, {0xff}, 0x0, 0x102}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

3m24.769052295s ago: executing program 38 (id=1039):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x7, 0x4, 0x3e8, 0x218, 0x110, 0x0, 0x300, 0x300, 0x300, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x2b}, 0x1, 0xffffffff}}}, {{@arp={@broadcast, @broadcast, 0xff, 0x0, 0x8, 0xf, {@mac=@remote, {[0xff, 0x7f, 0xff, 0xff]}}, {@empty, {[0x0, 0xff, 0xff, 0xff]}}, 0x7, 0x1, 0x4, 0x9, 0x8, 0x38, 'pim6reg\x00', 'team0\x00', {}, {}, 0x0, 0x112}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3ee, 'syz0\x00', {0x7}}}}, {{@arp={@rand_addr=0x64010102, @loopback, 0xff, 0x0, 0x0, 0x4, {@empty, {[0x0, 0xff, 0xff, 0x0, 0x0, 0xff]}}, {@mac=@remote, {[0x0, 0x0, 0xff, 0xff]}}, 0x40, 0x4, 0x800, 0x7, 0x0, 0x5, 'xfrm0\x00', 'nicvf0\x00', {}, {0xff}, 0x0, 0x102}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

2m12.462814409s ago: executing program 6 (id=2763):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000e00)=ANY=[@ANYBLOB="000000004c90020052feffff0300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"])

2m12.273812592s ago: executing program 6 (id=2770):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0xc8, 0x0, 0x7, 0x0, 0x3, 0x5, 0x0, 0x0, 0x0, 0xb}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102032900fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)

2m12.186878473s ago: executing program 6 (id=2774):
unshare(0x2040400)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r0, 0x0, 0x7}, 0x18)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f0000000780)=[{{&(0x7f0000000300)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4000844)

2m12.140937914s ago: executing program 6 (id=2776):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000240)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000040)='./file0\x00')

2m12.119939804s ago: executing program 6 (id=2779):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, 0x0, 0xc4, 0xc4ffffff, 0x0, 0x0)

2m11.786910869s ago: executing program 6 (id=2785):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1b)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

2m11.777362829s ago: executing program 39 (id=2785):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1b)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

2m0.214619608s ago: executing program 8 (id=3032):
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x40)
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
writev(0xffffffffffffffff, 0x0, 0x0)
getdents(r0, &(0x7f0000000340)=""/101, 0xfec8)

2m0.116354529s ago: executing program 8 (id=3034):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180300002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0xd)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x80)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce8102031100fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef)

2m0.06218119s ago: executing program 8 (id=3037):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000003c0)={0x2c, r3, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000840}, 0x4000000)

2m0.04967479s ago: executing program 8 (id=3039):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x89901)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)

1m59.997943281s ago: executing program 8 (id=3043):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e0b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002"], 0x90}}, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1m59.252162591s ago: executing program 8 (id=3064):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)

1m59.200699512s ago: executing program 40 (id=3064):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)

43.807486011s ago: executing program 0 (id=5014):
r0 = socket$kcm(0x2, 0x3, 0x84)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x4000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000100)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffff8}, 0x18)
sendmsg$inet(r0, &(0x7f0000001000)={&(0x7f0000000080)={0x2, 0x29, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x14}, @loopback}}}], 0x20}, 0x4)

43.710205733s ago: executing program 0 (id=5016):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mkdir(&(0x7f0000000000)='./control\x00', 0x20)
r2 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000100)='./control\x00', 0x0)
unlinkat(r2, &(0x7f0000000140)='./control\x00', 0x200)

43.705149873s ago: executing program 0 (id=5017):
r0 = open(&(0x7f00009e1000)='./file1\x00', 0x60840, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000070000000300000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r3}, 0x10)
open(&(0x7f00000003c0)='./file1\x00', 0x145142, 0x4)

42.845647995s ago: executing program 0 (id=5052):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

42.823721356s ago: executing program 0 (id=5054):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newtfilter={0x44, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_EMATCHES={0x10, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20048084}, 0x2008c014)

42.190579005s ago: executing program 0 (id=5063):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

42.056884227s ago: executing program 41 (id=5063):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

3.887069854s ago: executing program 9 (id=5822):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095", @ANYRESHEX=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000a40)={0x2, &(0x7f0000000040)=[{0x5a8, 0x3, 0x6, 0x4}, {0x667, 0x6, 0xe, 0xffff}]})
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x12)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000240)={0xf6, 0x80007, 0x9, 0x401, 0x3, "6c6d1c7d81000000050000000000000000000a", 0xb8b8, 0x788a})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000005c0)=0xb7)
ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{}]})
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000002c0)={0x4, 0x7, 0xfffff6f4, 0xa, 0x9, "e92bbc1bafa0d951f4e60158276b8a4bb7e7b7", 0x62, 0x9})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000000000, 0x0)
read$msr(r2, 0x0, 0x0)
readv(r1, &(0x7f0000000180)=[{&(0x7f0000000740)=""/174, 0xae}], 0x1)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000500)=ANY=[@ANYRES32, @ANYRESDEC], 0x1, 0x2b9, &(0x7f0000000bc0)="$eJzs3E1oE3kYx/GnTd+XNmVZFnZhd5/dXnaXZWhyXmiDtCIGKtpItSBM7URDxiRkQjRFmghCLx68+HZWQaRQEA+CUOrBk7RIbx689daD9WQRcSSd1iY1jVpbU9rv59A+5Pn/hv+8ZEj+A1n8/+q5eNQxomZG6lvqpL5XCrJcJ51SL2sK8s/5qee/HTtx8nAoHO47qtofGgwEVbXjj+nhi5N/zWR+OP6w43GzzHaeWlwKLsz+PPvL4vvBszFHY44mkhk1dSSZzJgjtqWj1524oXrEtkzH0ljCsdJl/aidTKVyaiZG29tSactx1EzkNG7lNJPUTDqn5hkzllDDMLS9TVDdZPZWaPNu5P6y68pS5pnrNhfEdd3iiy3fcXqosZXz77ol5/+K1/CuBexxJTf1FhF7IhvJRrz/Xj8UlZjYYkm3+OVd8bJw3dtT7sqlUvx7ITgVnv/36RNV7ZRxO7+az2cjvvJ8QPyuz8t4vLr/ULgvoJ7yfKO0leaD4pefKueDFfNN8ndXSd4Qv8yflqTYMjf955uFgYkba/nxgOqBgfCGfKuMrh+me69rdH4AAAAAAAAAANgKQz+quH5vFAdcHlPV9g19L1/yfCCy9nxg4/p8t6q2FgeX5Rvk14aa7joAAAAAAPuGkxuLm7Ztpb+xKH6V347t7L3izqUvH/x7f/UxXT2+ud4XhdRu2K+vKN4O7YpplBeyuvr0ucG+bX6nrBevtmU7davz23zMweGXD6pup1Fsu+mT47OZmZ2/KwEAAADYCesf+nskH32UzQ/9d63WcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYL/Zwk+Ozd2s1NJi8ePdSq1a7yMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA1HwIAAP//r13SAg==")
mkdir(&(0x7f0000000000)='./control\x00', 0x20)
r3 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f0000000300)='./control\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYRES64=r1, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0xfffffffffffffda4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x20, 0x1a, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000005000000000000000500000085100000ffffffff180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000f00000085000000060000000fa6f4ff0800000018370000010000000000000000000000852000000100000018360000020000000000000000000000186700000d0000000000000000000000181000", @ANYRES32=r0, @ANYBLOB="00000000000000001864000010000000000000000100000018110000", @ANYRES32=r0, @ANYBLOB="00fcffffff0000009500000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x101, 0xe9, &(0x7f0000000880)=""/233, 0x41000, 0x20, '\x00', 0x0, @fallback=0x23, r3, 0x8, &(0x7f0000000980)={0x5, 0x3}, 0x8, 0x10, &(0x7f00000009c0)={0x0, 0x6, 0x10001, 0x9}, 0x10, 0xffffffffffffffff, r5, 0x0, &(0x7f0000000a80)=[r0, r3, r3, r7, r0, r0, 0xffffffffffffffff], 0x0, 0x10, 0x7}, 0x94)
unlinkat(r3, &(0x7f0000000140)='./control\x00', 0x200)
poll(&(0x7f0000b2c000)=[{}], 0x2c, 0xffffffffffbffff8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfdffa000)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
tkill(0x0, 0x13)

2.978088277s ago: executing program 9 (id=5833):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x48)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x241a2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x3, @perf_bp={&(0x7f0000000300), 0x1}, 0x0, 0x2, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
shutdown(0xffffffffffffffff, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0xe1002)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000180)=ANY=[@ANYRES8=r0])

2.222276918s ago: executing program 1 (id=5848):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x68, 0x14, 0xf0b, 0xfffffffe, 0x0, {0x2, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xfff1, 0x5}, {0x6, 0xffff}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x200}}, {0x4}}, {{0x1c, 0x1, {0xd, 0x4, 0xc, 0x483, 0x1, 0x0, 0xfffffffc}}, {0x4}}]}]}, 0x68}}, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c80)={{0x14}, [@NFT_MSG_DELOBJ={0x1c, 0x14, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSET={0x88, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x44, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xe41f}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xcc}}, 0x20050800)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000d80)={[{@mblk_io_submit}, {@dioread_nolock}, {@bh}, {@errors_continue}, {@nouid32}, {@quota}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r12}, 0x10)
r13 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r13, 0xc0105512, 0x0)

2.118578429s ago: executing program 9 (id=5850):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1.766317504s ago: executing program 5 (id=5853):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'veth0_virt_wifi\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), r3)
sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000340)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000ffdbdf25010000000c00018008000100", @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20000)

1.646368756s ago: executing program 5 (id=5854):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x2)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)
r3 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)

1.578334727s ago: executing program 5 (id=5855):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x0, &(0x7f0000000100)})
r0 = io_uring_setup(0x23ea, &(0x7f00000001c0)={0x0, 0xb1d4, 0x400, 0x2, 0x200019f})
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000080)={0x2a, 0x0, 0x1}, 0xc)
read(r1, &(0x7f0000000180)=""/52, 0xfffffdef)
ioctl$BTRFS_IOC_DEV_INFO(r1, 0x890c, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c9vFFUcAPDvTLeFUrWVEBUPptEQSJSWFjD44wB3QvDHzYuVFoIsP0JrtGhiSfBiYrx4IPHkQfwvlOjVk4kHD148GRI0hovG6JrZzi5Lu9tuS5epnc8nmd335s32vYF++97OvLcbQGmN1h93xe6IuJREDLeUVeqPaf2g7Lg7f3xwKtuSqNVe+z2JJN/XOD7Jn4fyF/8zHPHDt0ns7Fte7+z8lXNT1erM5Tw/Pnf+0vjs/JX9Z89PnZk5M3Nh8vnJI4cPHT4yceC+zi9tSR+/9va7wx+feOPLz/9OJr76+UQSR+O304tlreexUUZjNP6s1T5cuj/7dz2y0ZUVpK/5e3JXsnQHm1Ylj5GBiHg8hqOv5X9zOD56pdDGAT1VSyJqQEkl4h9KqjEOaLy37+59cNrjUQnwINw+lj32t4n/Sn5tcCT6I2LPkte1uaS3Llkd33934lq2RY+uwwHtLVzdlqeWxn9Sj82R2F7P7biT3nOdNxsBnMyfs/2vrrP+0SV58Q8PzsLViHii3fh/9fh/syX+31pn/eIfAAAAAAAANs7NYxHxXLv7f2l+b257PF2//5cs3v/78e4KwaMbUP/q9//SWxtQDdDG7WMRL7ed/9uc4zvSl+ceXpwNmJw+W505EBGPRMS+6N+W5SdWqGP/Jzuvdyprnf+XbVn9jbmAeTtuVbbd+5rpqbmp+zlnYNHtqxFPVjrP/8n6/6S1/89lfw8udVnHzj03TnYqWz3+gV6pfRGxt23/nzSPSVb+fI7x+nhgvDEqWO6p9z/9ulP94h+Kk/X/O1aO/5Gk9fN6Ztf28wci4uB8pdapfL3j/4Hk9b7Gz8+8NzU3d3kiYiA5vnz/5NraDFtVIx4a8ZLF/75nVr7+1xz/t8ThYEQsdFnnY/8O/dKpTP8Pxcnif3pN/f/aE5M3Rr7pVH93/f+hep++L9/j+h+srNsALbqdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB/lEbEQ5GkY810mo6NRQxFxK7YkVYvzs49e/riOxems7L69/+njW/6HV7MJ43v/x9pyU8uyR+MiEcj4rO+wXp+7NTF6nTRJw8AAAAAAAAAAAAAAAAAAACbxFCH9f+ZX/uKbh3Qc5X8WbxD+VSKbgBQGPEP5SX+obzEP5SX+IfyWmf8u10AW4D+H8qqv7vDtve6HUAR9P8AAAAAALCl3HzphetJRCy8OFjfMgN5WfPG4GBRrQN6KS26AUBhzOGF8jL1B8qry8m/wBaWNFN/1dqVd579n/SmQQAAAAAAAAAAAADAMnt33/xp1fX/wJZk/T+Ul/X/UF7W/0N5eY8PrLaK3/p/AAAAAAAAAAAAACje7PyVc1PV6sxlCYnNluiPiE3QjAISA8WHZ8F/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKb/AgAA//8LDSUP")
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x410c84, &(0x7f00000004c0), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x94)
ioctl$IMADDTIMER(r2, 0x80044940, 0x0)

1.536198008s ago: executing program 9 (id=5856):
r0 = socket$inet(0xa, 0x801, 0x84)
listen(r0, 0x8)
socket$kcm(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$llc(r1, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r2, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.316939391s ago: executing program 1 (id=5858):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0xa004}, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
sendto$packet(r0, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

1.315976731s ago: executing program 5 (id=5859):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000080)=0x100, 0x4)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000af8000000160a010300000000000000000100000408000740000000000900020073797a32000000000900020073797a3200000000a40003800800024000000007080001400000000008000240000003ff2c0003801400010067726574617030000000000000000000140001006d6163766c616e30000000000000000054000380140001006e657464657673696d30000000000000140001007465616d5f736c6176655f300000000014000100766c616e31000000000000000000000014000100767863616e310000000000000000000008000240000000040900010073797a30000000000c00054000000000000000010800074000000000580000000c0a01040000000000000000010000060900020073797a30000000000800044000000002080004400000000308000440000000020900020073797a320000000008000440000000020900010073797a310000000048000000080a010400000000000000000a00000508000a40000000021c00074072234881a2966d9912a063d64bb2151c01a69c8ee60f532e08000b400000000408000a400000000120000000060a01040000a28100000000050000040c000640000000009fe6000298000000020a030000000000000000000a00000a0c0004400000000000000002090001"], 0x298}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008000)

1.234958642s ago: executing program 1 (id=5861):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000380)=0xffffffff00000041, 0x8)
bind$vsock_stream(r0, &(0x7f0000000940), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)

1.154671684s ago: executing program 3 (id=5864):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000500), 0x66)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20)
io_setup(0x4, &(0x7f00000003c0)=<r3=>0x0)
io_destroy(r3)
getdents64(0xffffffffffffffff, &(0x7f00000000c0)=""/85, 0x55)

1.153952584s ago: executing program 1 (id=5865):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000003c0)={0x20, r4, 0x5, 0x0, 0x0, {0x22}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x2000c094)

1.047560745s ago: executing program 3 (id=5866):
socket$can_raw(0x1d, 0x3, 0x1)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$isdn_base(0x22, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

959.254846ms ago: executing program 1 (id=5867):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r0, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0xa6}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f00000001c0)='\x00'/15, 0xffffffffffffff88, 0x4002045, 0x0, 0x0)

958.834566ms ago: executing program 3 (id=5868):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000100)=0x3915, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x2d, 0x0)
recvmmsg(r2, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

928.947937ms ago: executing program 3 (id=5869):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = syz_io_uring_setup(0x1458, &(0x7f00000004c0)={0x0, 0x3, 0x10180, 0x2000, 0x3ae}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000002c0)=<r3=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='9'], 0x38}}, 0x4000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x9, 0x4004, @fd, 0x7925, 0x0, 0x0, 0x18, 0x1, {0x3}})
io_uring_enter(r1, 0x2d3e, 0xfffffffd, 0x0, 0x0, 0x0)

891.636927ms ago: executing program 3 (id=5870):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x68, 0x14, 0xf0b, 0xfffffffe, 0x0, {0x2, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xfff1, 0x5}, {0x6, 0xffff}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x200}}, {0x4}}, {{0x1c, 0x1, {0xd, 0x4, 0xc, 0x483, 0x1, 0x0, 0xfffffffc}}, {0x4}}]}]}, 0x68}}, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c80)={{0x14}, [@NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSET={0x88, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x44, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xe41f}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd8}}, 0x20050800)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000d80)={[{@mblk_io_submit}, {@dioread_nolock}, {@bh}, {@errors_continue}, {@nouid32}, {@quota}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r11 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r12}, 0x10)
r13 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r13, 0xc0105512, 0x0)

413.279544ms ago: executing program 9 (id=5871):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000c80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kmem_cache_free\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
capset(0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)

410.856994ms ago: executing program 5 (id=5872):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0)
close(r0)

330.035285ms ago: executing program 4 (id=5873):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, 0x2}, 0x94)
socket$kcm(0xa, 0x2, 0x73)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
close_range(r2, 0xffffffffffffffff, 0x200000000000000)

286.596736ms ago: executing program 5 (id=5874):
socket$can_raw(0x1d, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r0, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0x1}, {0x0}], 0x2}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0xfdef}], 0x1}}], 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x80, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

234.123287ms ago: executing program 4 (id=5875):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
mount$9p_fd(0x0, 0x0, 0x0, 0x80, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
listen(r0, 0x0)
syz_emit_ethernet(0x9a, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd600a8435006406fffe8000000000001200000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="900200"], 0x0)

233.671507ms ago: executing program 4 (id=5876):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4000000000002ab}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r0, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000c00)={0x120, r1, 0x0, 0x70bd2b, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x120}}, 0x8801)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e)
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x9)

232.010017ms ago: executing program 4 (id=5877):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000040)={0x48, 0x2, 0x6, 0x301, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x48}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

201.130507ms ago: executing program 9 (id=5878):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

200.520937ms ago: executing program 4 (id=5879):
r0 = open(0x0, 0x53f802, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xb, 0xb76a}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x20000261, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
close(0xffffffffffffffff)
fsetxattr$security_capability(r0, &(0x7f0000000040), 0x0, 0x0, 0x2)

173.147688ms ago: executing program 4 (id=5880):
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
r2 = dup(r1)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x18)
sendfile(r2, r3, 0x0, 0x8000fffffffe)

98.855859ms ago: executing program 1 (id=5881):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000a40)={0x0, 0x4661, 0x800, 0x3, 0x20e}, &(0x7f0000000540)=<r4=>0x0, &(0x7f0000000680)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, 0x0})
io_uring_enter(r3, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
close_range(r1, r2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
openat$vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x600000, 0x0)

0s ago: executing program 3 (id=5882):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r3}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x1d, &(0x7f00000001c0), 0x4)

kernel console output (not intermixed with test programs):

romiscuous mode
[  226.136462][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.160500][   T29] kauditd_printk_skb: 212 callbacks suppressed
[  226.160517][   T29] audit: type=1400 audit(232.134:7341): avc:  denied  { name_bind } for  pid=15480 comm="syz.4.4782" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  226.188183][   T29] audit: type=1400 audit(232.134:7342): avc:  denied  { node_bind } for  pid=15480 comm="syz.4.4782" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  226.249353][   T29] audit: type=1400 audit(232.224:7343): avc:  denied  { watch watch_reads } for  pid=15489 comm="syz.1.4783" path="/367/file0" dev="tmpfs" ino=1937 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  226.294484][T15493] vlan2: entered allmulticast mode
[  226.316961][   T29] audit: type=1400 audit(232.254:7344): avc:  denied  { execute_no_trans } for  pid=15489 comm="syz.1.4783" path="/367/file0" dev="tmpfs" ino=1937 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  226.340197][   T29] audit: type=1400 audit(232.254:7345): avc:  denied  { ioctl } for  pid=15491 comm="syz.4.4784" path="socket:[54355]" dev="sockfs" ino=54355 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  226.340231][   T29] audit: type=1326 audit(232.284:7346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15497 comm="syz.9.4786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9282c1e929 code=0x7ffc0000
[  226.387486][   T29] audit: type=1326 audit(232.284:7347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15497 comm="syz.9.4786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9282c1e929 code=0x7ffc0000
[  226.410551][   T29] audit: type=1326 audit(232.284:7348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15497 comm="syz.9.4786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9282c1e929 code=0x7ffc0000
[  226.410617][   T29] audit: type=1326 audit(232.284:7349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15497 comm="syz.9.4786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9282c1e929 code=0x7ffc0000
[  226.410650][   T29] audit: type=1326 audit(232.284:7350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15497 comm="syz.9.4786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9282c1e929 code=0x7ffc0000
[  226.496177][T15498] loop9: detected capacity change from 0 to 128
[  226.496907][T15498] vfat: Unknown parameter 'ÿÿÿÿ18446744073709551615'
[  227.124219][T15528] loop4: detected capacity change from 0 to 512
[  227.131047][T15528] EXT4-fs: Ignoring removed mblk_io_submit option
[  227.137562][T15528] EXT4-fs: Ignoring removed bh option
[  227.147591][T15528] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  227.307094][T15528] EXT4-fs (loop4): 1 truncate cleaned up
[  227.313506][T15528] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.417238][T15536] SELinux:  policydb version 0 does not match my version range 15-34
[  227.429136][T15536] SELinux: failed to load policy
[  227.807987][T15556] loop0: detected capacity change from 0 to 512
[  227.814650][T15556] EXT4-fs: Ignoring removed mblk_io_submit option
[  227.821254][T15556] EXT4-fs: Ignoring removed bh option
[  227.827615][T15556] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  227.840849][T15556] EXT4-fs (loop0): 1 truncate cleaned up
[  227.847220][T15556] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.921331][ T6205] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.438998][T15606] loop1: detected capacity change from 0 to 512
[  228.445780][T15606] EXT4-fs: Ignoring removed mblk_io_submit option
[  228.452406][T15606] EXT4-fs: Ignoring removed bh option
[  228.484869][T15606] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  228.497697][ T8518] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.509923][T15606] EXT4-fs (loop1): 1 truncate cleaned up
[  228.516243][T15606] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.824668][T15625] loop4: detected capacity change from 0 to 256
[  228.833010][T15625] FAT-fs (loop4): bogus number of FAT sectors
[  228.839333][T15625] FAT-fs (loop4): Can't find a valid FAT filesystem
[  228.839365][T15618] loop9: detected capacity change from 0 to 8192
[  228.950338][T15630] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  229.028949][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.208953][T15655] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  229.219813][T15655] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  229.365518][T15669] vlan1: entered allmulticast mode
[  229.408918][T15672] ip6gre2: entered allmulticast mode
[  229.769706][T15701] loop0: detected capacity change from 0 to 1024
[  229.788289][T15701] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.821440][T15701] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.4867: Allocating blocks 497-513 which overlap fs metadata
[  229.839812][T15708] veth0: entered promiscuous mode
[  229.845211][T15708] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4869'.
[  229.858479][T15699] EXT4-fs (loop0): pa ffff888106a1dd20: logic 128, phys. 273, len 15
[  229.866692][T15699] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  229.881485][T15708] veth0 (unregistering): left promiscuous mode
[  229.905019][ T8518] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.926953][T15711] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4870'.
[  229.936041][T15711] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4870'.
[  229.961213][T15711] wireguard0: entered promiscuous mode
[  229.966806][T15711] wireguard0: entered allmulticast mode
[  230.024616][T15720] netlink: zone id is out of range
[  230.029841][T15720] netlink: zone id is out of range
[  230.034997][T15720] netlink: zone id is out of range
[  230.040153][T15720] netlink: zone id is out of range
[  230.045287][T15720] netlink: zone id is out of range
[  230.069231][T15724] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4876'.
[  230.130787][T15730] vlan2: entered allmulticast mode
[  230.136003][T15730] dummy0: entered allmulticast mode
[  230.170392][T15735] loop9: detected capacity change from 0 to 512
[  230.180668][T15735] EXT4-fs: Ignoring removed nobh option
[  230.182922][T15740] tipc: New replicast peer: 255.255.255.255
[  230.188131][T15735] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -13
[  230.192548][T15740] tipc: Enabled bearer <udp:syz2>, priority 10
[  230.202395][T15735] EXT4-fs error (device loop9): ext4_clear_blocks:876: inode #13: comm syz.9.4880: attempt to clear invalid blocks 2 len 1
[  230.221319][T15735] EXT4-fs (loop9): Remounting filesystem read-only
[  230.228189][T15735] EXT4-fs (loop9): 1 truncate cleaned up
[  230.234335][T15735] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.297543][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.440634][T15762] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4894'.
[  230.449814][T15762] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4894'.
[  230.551421][T15766] SELinux: failed to load policy
[  230.784004][T15778] netlink: 'syz.1.4901': attribute type 4 has an invalid length.
[  230.791837][T15778] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.4901'.
[  231.006695][T15789] loop1: detected capacity change from 0 to 512
[  231.013539][T15789] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  231.022511][T15789] EXT4-fs (loop1): invalid journal inode
[  231.028207][T15789] EXT4-fs (loop1): can't get journal size
[  231.034600][T15789] EXT4-fs (loop1): 1 truncate cleaned up
[  231.040936][T15789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.071351][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.085237][T15792] bond_slave_1: entered promiscuous mode
[  231.091282][T15791] bond_slave_1: left promiscuous mode
[  231.176206][   T29] kauditd_printk_skb: 214 callbacks suppressed
[  231.176222][   T29] audit: type=1326 audit(237.144:7565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f430c2a58e7 code=0x7ffc0000
[  231.188804][T15808] loop0: detected capacity change from 0 to 1024
[  231.207541][   T29] audit: type=1326 audit(237.154:7566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f430c24ab19 code=0x7ffc0000
[  231.213091][T15808] EXT4-fs: Ignoring removed nobh option
[  231.234638][   T29] audit: type=1326 audit(237.154:7567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  231.234924][   T29] audit: type=1326 audit(237.184:7568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f430c2a58e7 code=0x7ffc0000
[  231.242958][T15808] EXT4-fs: Ignoring removed oldalloc option
[  231.263195][   T29] audit: type=1326 audit(237.184:7569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f430c24ab19 code=0x7ffc0000
[  231.315054][   T29] audit: type=1326 audit(237.184:7570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  231.369559][   T29] audit: type=1326 audit(237.214:7571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f430c2a58e7 code=0x7ffc0000
[  231.392531][   T29] audit: type=1326 audit(237.214:7572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f430c24ab19 code=0x7ffc0000
[  231.396422][T15808] EXT4-fs: Ignoring removed orlov option
[  231.415369][   T29] audit: type=1326 audit(237.214:7573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  231.444172][   T29] audit: type=1326 audit(237.294:7574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.1.4908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f430c2a58e7 code=0x7ffc0000
[  231.474330][T15808] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.558251][T15825] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4921'.
[  231.568584][T15808] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.4915: Allocating blocks 497-513 which overlap fs metadata
[  231.618944][T15828] loop4: detected capacity change from 0 to 2048
[  231.625867][T15828] EXT4-fs: Ignoring removed mblk_io_submit option
[  231.672926][ T8518] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.687771][T15828] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.715467][T15834] veth0: entered promiscuous mode
[  231.724836][T15828] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.012053][T15850] loop3: detected capacity change from 0 to 512
[  232.018928][T15850] EXT4-fs: Ignoring removed mblk_io_submit option
[  232.025529][T15850] EXT4-fs: Ignoring removed bh option
[  232.033985][T15850] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  232.109811][T15850] EXT4-fs (loop3): 1 truncate cleaned up
[  232.116390][T15850] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.180839][T15854] netlink: 'syz.1.4932': attribute type 4 has an invalid length.
[  232.614468][T10589] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.666425][T15874] loop3: detected capacity change from 0 to 512
[  232.690668][T15874] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  232.711989][T15874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.745547][T10589] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.811811][T15889] netlink: 'syz.3.4946': attribute type 10 has an invalid length.
[  232.829364][T15889] geneve1: entered promiscuous mode
[  232.835255][T15889] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.844105][T15889] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.852888][T15889] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.861704][T15889] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.911359][T15889] bond0: (slave geneve1): Enslaving as an active interface with an up link
[  233.031267][T15905] syzkaller0: entered promiscuous mode
[  233.036911][T15905] syzkaller0: entered allmulticast mode
[  233.060735][T15907] can0: slcan on ttyS3.
[  233.166784][T15906] can0 (unregistered): slcan off ttyS3.
[  233.207599][T15919] bridge0: entered promiscuous mode
[  233.213056][T15919] macsec0: entered promiscuous mode
[  233.219424][T15919] bridge0: port 4(macsec0) entered blocking state
[  233.225899][T15919] bridge0: port 4(macsec0) entered disabled state
[  233.233174][T15919] macsec0: entered allmulticast mode
[  233.238544][T15919] bridge0: entered allmulticast mode
[  233.244563][T15919] macsec0: left allmulticast mode
[  233.249721][T15919] bridge0: left allmulticast mode
[  233.256812][T15919] bridge0: left promiscuous mode
[  233.553425][T15954] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(7)
[  233.560087][T15954] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  233.567787][T15954] vhci_hcd vhci_hcd.0: Device attached
[  233.611838][T15956] vhci_hcd: connection closed
[  233.612203][ T3623] vhci_hcd: stop threads
[  233.621274][ T3623] vhci_hcd: release socket
[  233.625882][ T3623] vhci_hcd: disconnect device
[  233.687721][T15975] loop0: detected capacity change from 0 to 128
[  234.203710][T16001] SELinux:  Context system_u:object is not valid (left unmapped).
[  234.551306][T16024] loop3: detected capacity change from 0 to 512
[  234.569834][T16024] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.658225][T16024] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.5005: corrupted inode contents
[  234.670446][T16024] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.5005: mark_inode_dirty error
[  234.683645][T16024] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.5005: corrupted inode contents
[  234.695914][T16024] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.5005: mark_inode_dirty error
[  234.708538][T16024] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.5005: mark inode dirty (error -117)
[  234.721789][T16024] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  234.760038][T16039] loop1: detected capacity change from 0 to 512
[  234.772371][T10589] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.851289][T16039] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.944552][T16045] loop9: detected capacity change from 0 to 512
[  234.951536][T16045] EXT4-fs: Ignoring removed mblk_io_submit option
[  234.958057][T16045] EXT4-fs: Ignoring removed bh option
[  234.965457][T16045] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  234.980058][T16045] EXT4-fs (loop9): 1 truncate cleaned up
[  234.987055][T16045] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.243957][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.474726][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.530720][T16085] loop9: detected capacity change from 0 to 2048
[  235.538464][T16085] EXT4-fs (loop9): Invalid log block size: 524290
[  235.669513][T16096] loop4: detected capacity change from 0 to 512
[  235.697661][T16096] EXT4-fs: Ignoring removed bh option
[  235.711726][T16096] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  235.721029][T16096] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  235.735717][T16096] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  235.747357][T16096] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  235.756110][T16096] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.783917][ T6205] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.784161][T16103] SELinux: failed to load policy
[  235.839729][T16101] loop3: detected capacity change from 0 to 8192
[  235.963370][T16120] random: crng reseeded on system resumption
[  236.229424][   T29] kauditd_printk_skb: 367 callbacks suppressed
[  236.229442][   T29] audit: type=1326 audit(242.204:7942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087ea9e929 code=0x7ffc0000
[  236.259257][   T29] audit: type=1326 audit(242.234:7943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f087ea9e929 code=0x7ffc0000
[  236.282528][   T29] audit: type=1326 audit(242.234:7944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f087ea9e963 code=0x7ffc0000
[  236.440440][T16148] loop3: detected capacity change from 0 to 8192
[  236.477095][T16152] loop4: detected capacity change from 0 to 512
[  236.483861][T16152] EXT4-fs: Ignoring removed mblk_io_submit option
[  236.490470][T16152] EXT4-fs: Ignoring removed bh option
[  236.497358][T16152] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  236.571519][T16152] EXT4-fs (loop4): 1 truncate cleaned up
[  236.578082][T16152] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.698394][   T29] audit: type=1326 audit(242.324:7945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f087ea9d3df code=0x7ffc0000
[  236.721342][   T29] audit: type=1326 audit(242.414:7946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f087ea9e9b7 code=0x7ffc0000
[  236.744283][   T29] audit: type=1326 audit(242.414:7947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f087ea9d290 code=0x7ffc0000
[  236.767328][   T29] audit: type=1326 audit(242.414:7948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f087ea9e52b code=0x7ffc0000
[  236.790149][   T29] audit: type=1326 audit(242.424:7949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f087ea9d58a code=0x7ffc0000
[  236.812952][   T29] audit: type=1326 audit(242.424:7950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f087ea9d58a code=0x7ffc0000
[  236.835708][   T29] audit: type=1326 audit(242.424:7951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16147 comm="syz.3.5059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f087ea9d197 code=0x7ffc0000
[  236.982466][ T6205] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.016165][T16171] __nla_validate_parse: 5 callbacks suppressed
[  237.016180][T16171] netlink: 2 bytes leftover after parsing attributes in process `syz.4.5067'.
[  237.018450][T16165] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5065'.
[  237.040417][T16165] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5065'.
[  237.049504][T16165] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5065'.
[  237.155380][T16184] loop4: detected capacity change from 0 to 128
[  237.171469][T16188] loop3: detected capacity change from 0 to 1024
[  237.175417][T16184] vfat: Unknown parameter 'ÿÿÿÿ18446744073709551615'
[  237.180356][T16188] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  237.195859][T16188] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  237.207514][T16188] JBD2: no valid journal superblock found
[  237.213349][T16188] EXT4-fs (loop3): Could not load journal inode
[  237.253302][T16166] chnl_net:caif_netlink_parms(): no params data found
[  237.314428][T16166] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.321630][T16166] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.343425][T16166] bridge_slave_0: entered allmulticast mode
[  237.350794][T16166] bridge_slave_0: entered promiscuous mode
[  237.357810][T16166] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.364926][T16166] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.372195][T16166] bridge_slave_1: entered allmulticast mode
[  237.378983][T16166] bridge_slave_1: entered promiscuous mode
[  237.398046][T16166] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.408982][T16166] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.429833][T16166] team0: Port device team_slave_0 added
[  237.436682][T16166] team0: Port device team_slave_1 added
[  237.454452][T16166] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.461496][T16166] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.487581][T16166] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.498972][T16166] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.505955][T16166] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.528017][T16200] loop3: detected capacity change from 0 to 128
[  237.532124][T16166] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  237.542540][T16200] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  237.571711][T16166] hsr_slave_0: entered promiscuous mode
[  237.577892][T16166] hsr_slave_1: entered promiscuous mode
[  237.583878][T16166] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  237.591511][T16166] Cannot create hsr debugfs directory
[  237.626006][T10589] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  237.648235][T16206] loop3: detected capacity change from 0 to 512
[  237.660278][T16206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.745072][T10589] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.823461][T16221] loop9: detected capacity change from 0 to 128
[  237.832121][T16221] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  237.851200][T16224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  237.864320][T16166] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  237.871797][T16224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  237.882148][T16166] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  237.890989][T10559] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  237.891999][T16166] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  237.910708][T16166] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  237.928762][T16226] $Hÿ: renamed from bond0 (while UP)
[  237.936077][T16226] $Hÿ: entered promiscuous mode
[  237.941339][T16226] bond_slave_0: entered promiscuous mode
[  237.947181][T16226] bond_slave_1: entered promiscuous mode
[  237.959792][T16166] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.966919][T16166] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.974428][T16166] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.981536][T16166] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.019581][ T3605] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.027788][ T3605] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.037673][T16236] loop9: detected capacity change from 0 to 164
[  238.061781][T16166] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.081245][T16236] bio_check_eod: 50 callbacks suppressed
[  238.081261][T16236] syz.9.5086: attempt to access beyond end of device
[  238.081261][T16236] loop9: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  238.085071][T16166] 8021q: adding VLAN 0 to HW filter on device team0
[  238.100955][T16236] syz.9.5086: attempt to access beyond end of device
[  238.100955][T16236] loop9: rw=0, sector=263328, nr_sectors = 4 limit=164
[  238.127956][ T3605] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.135110][ T3605] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.148876][T16243] loop1: detected capacity change from 0 to 512
[  238.160622][ T3605] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.167829][ T3605] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.171921][T16245] loop4: detected capacity change from 0 to 512
[  238.191329][T16166] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  238.201928][T16166] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  238.224373][T16243] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.304247][T16166] 8021q: adding VLAN 0 to HW filter on device batadv0
[  238.342857][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.429693][T16166] veth0_vlan: entered promiscuous mode
[  238.438125][T16166] veth1_vlan: entered promiscuous mode
[  238.460400][T16166] veth0_macvtap: entered promiscuous mode
[  238.467692][T16166] veth1_macvtap: entered promiscuous mode
[  238.478765][T16166] batman_adv: batadv0: Interface activated: batadv_slave_0
[  238.492216][T16166] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.502753][T16166] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.511749][T16166] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  238.520530][T16166] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  238.529304][T16166] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  238.582831][T16283] loop1: detected capacity change from 0 to 512
[  238.589673][T16283] ext4: Unknown parameter 'noacl'
[  239.006037][T16307] loop1: detected capacity change from 0 to 512
[  239.013008][T16307] EXT4-fs: Ignoring removed mblk_io_submit option
[  239.019547][T16307] EXT4-fs: Ignoring removed bh option
[  239.059245][T16307] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  239.089355][T16307] EXT4-fs (loop1): 1 truncate cleaned up
[  239.095807][T16307] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.393011][T16320] serio: Serial port ptm1
[  239.523323][T16326] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  239.598681][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.751291][T16350] loop1: detected capacity change from 0 to 512
[  239.759858][T16350] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  239.770972][T16350] EXT4-fs (loop1): 1 truncate cleaned up
[  239.777062][T16350] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.837314][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.137757][T16359] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5124'.
[  240.473130][T16371] loop1: detected capacity change from 0 to 512
[  240.480199][T16371] EXT4-fs: Ignoring removed mblk_io_submit option
[  240.486689][T16371] EXT4-fs: Ignoring removed bh option
[  240.764169][T16371] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  240.777613][T16371] EXT4-fs (loop1): 1 truncate cleaned up
[  240.783830][T16371] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.824985][T16379] bridge: RTM_NEWNEIGH with invalid ether address
[  240.881584][T16385] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5135'.
[  241.054935][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.091884][T16402] loop1: detected capacity change from 0 to 128
[  241.125708][T16402] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  241.135870][T16402] FAT-fs (loop1): Filesystem has been set read-only
[  241.154868][T16402] syz.1.5144: attempt to access beyond end of device
[  241.154868][T16402] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  241.161114][T16405] loop5: detected capacity change from 0 to 128
[  241.171445][T16402] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  241.185843][T16402] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  241.212510][T16407] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  241.214369][T16405] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  241.220461][T16407] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  241.247717][T16402] syz.1.5144: attempt to access beyond end of device
[  241.247717][T16402] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  241.267022][T16402] syz.1.5144: attempt to access beyond end of device
[  241.267022][T16402] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  241.281785][T16402] syz.1.5144: attempt to access beyond end of device
[  241.281785][T16402] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  241.292766][T16410] 8021q: adding VLAN 0 to HW filter on device bond1
[  241.297414][T16402] syz.1.5144: attempt to access beyond end of device
[  241.297414][T16402] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  241.323388][T16407] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  241.324736][T16402] syz.1.5144: attempt to access beyond end of device
[  241.324736][T16402] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  241.331303][T16407] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  241.347961][T16410] bridge0: port 3(bond1) entered blocking state
[  241.355554][T16402] syz.1.5144: attempt to access beyond end of device
[  241.355554][T16402] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  241.360049][T16410] bridge0: port 3(bond1) entered disabled state
[  241.368981][T16415] loop4: detected capacity change from 0 to 128
[  241.375982][T16402] syz.1.5144: attempt to access beyond end of device
[  241.375982][T16402] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  241.391991][T16410] bond1: entered allmulticast mode
[  241.423392][T16166] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  241.436184][T16410] bond1: entered promiscuous mode
[  241.506153][T16423] wg2: entered promiscuous mode
[  241.511119][T16423] wg2: entered allmulticast mode
[  241.560209][   T29] kauditd_printk_skb: 467 callbacks suppressed
[  241.560228][   T29] audit: type=1400 audit(247.534:8419): avc:  denied  { write } for  pid=16425 comm="syz.9.5151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  241.669606][   T29] audit: type=1326 audit(247.644:8420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16441 comm="syz.4.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  241.695500][T16442] loop4: detected capacity change from 0 to 128
[  241.728235][T16442] vfat: Unknown parameter 'ÿÿÿÿ18446744073709551615'
[  241.751019][   T29] audit: type=1326 audit(247.644:8421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16441 comm="syz.4.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  241.774228][   T29] audit: type=1326 audit(247.644:8422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16441 comm="syz.4.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  241.797157][   T29] audit: type=1326 audit(247.644:8423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16441 comm="syz.4.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  241.820116][   T29] audit: type=1326 audit(247.644:8424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16441 comm="syz.4.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  241.843040][   T29] audit: type=1326 audit(247.644:8425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16441 comm="syz.4.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  241.866185][   T29] audit: type=1326 audit(247.644:8426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16441 comm="syz.4.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  241.889213][   T29] audit: type=1326 audit(247.644:8427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16441 comm="syz.4.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  241.912065][   T29] audit: type=1326 audit(247.644:8428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16441 comm="syz.4.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  242.123170][T16477] tipc: New replicast peer: 255.255.255.255
[  242.129552][T16477] tipc: Enabled bearer <udp:sy>, priority 10
[  242.320582][T16497] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16497 comm=syz.5.5178
[  242.441665][T16501] syzkaller0: entered promiscuous mode
[  242.447303][T16501] syzkaller0: entered allmulticast mode
[  242.458893][ T3623] syzkaller0: tun_net_xmit 48
[  242.477194][T16501] syzkaller0: tun_net_xmit 1280
[  242.482231][T16501] syzkaller0: create flow: hash 344709803 index 1
[  242.492762][T16500] syzkaller0: delete flow: hash 344709803 index 1
[  242.516279][T16512] loop3: detected capacity change from 0 to 1024
[  242.551578][T16514] netlink: 256 bytes leftover after parsing attributes in process `syz.1.5186'.
[  242.563379][T16512] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.592869][T16512] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.5185: attempt to clear invalid blocks 1886221359 len 1
[  242.625343][T10589] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.638433][T16526] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  242.754073][T16542] loop3: detected capacity change from 0 to 128
[  242.761043][T16542] vfat: Unknown parameter 'ÿÿÿÿ18446744073709551615'
[  242.845169][T16545] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5198'.
[  242.857274][T16545] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  242.866268][T16545] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  242.875072][T16545] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  242.883844][T16545] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  242.899566][T16545] netdevsim netdevsim9 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  242.908566][T16545] netdevsim netdevsim9 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  242.917474][T16545] netdevsim netdevsim9 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  242.926674][T16545] netdevsim netdevsim9 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  243.080586][T16552] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  243.178496][T16556] pim6reg1: entered promiscuous mode
[  243.183927][T16556] pim6reg1: entered allmulticast mode
[  243.256653][T15286] tipc: Node number set to 4111545457
[  243.414363][T16574] 9pnet_fd: Insufficient options for proto=fd
[  243.617726][T16598] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5219'.
[  243.718157][T16613] loop5: detected capacity change from 0 to 512
[  243.732881][T16613] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  243.756835][T16613] EXT4-fs (loop5): 1 truncate cleaned up
[  243.763036][T16613] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.797140][T16166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.982878][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  243.990732][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  243.998257][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.005656][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.013153][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.020603][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.028076][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.035497][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.043028][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.050549][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.058022][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.065454][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.073271][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.080716][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.088155][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.095594][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.102994][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.110471][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.117993][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.125393][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.132791][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.140306][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.147756][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.155218][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.162646][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.170330][T15272] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  244.178384][T15272] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  244.687278][T16673] loop4: detected capacity change from 0 to 8192
[  244.841007][T16697] ip6gre3: entered allmulticast mode
[  244.921021][T16706] loop9: detected capacity change from 0 to 1024
[  244.929913][T16706] EXT4-fs: Ignoring removed oldalloc option
[  244.935941][T16706] EXT4-fs: Ignoring removed bh option
[  244.960458][T16706] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.980250][T16706] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4113: comm syz.9.5268: Allocating blocks 481-513 which overlap fs metadata
[  245.010822][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.040170][T16721] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5273'.
[  245.356308][T16750] loop1: detected capacity change from 0 to 1024
[  245.363874][T16750] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  245.374935][T16750] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  245.385726][T16750] JBD2: no valid journal superblock found
[  245.391584][T16750] EXT4-fs (loop1): Could not load journal inode
[  246.314717][T16740] loop3: detected capacity change from 0 to 512
[  246.321345][T16740] EXT4-fs: Ignoring removed mblk_io_submit option
[  246.327929][T16740] EXT4-fs: Ignoring removed bh option
[  246.333935][T16740] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  246.351909][T16763] loop1: detected capacity change from 0 to 1024
[  246.366024][T16740] EXT4-fs (loop3): 1 truncate cleaned up
[  246.372177][T16740] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.443304][T10589] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.458310][T16768] syzkaller0: entered promiscuous mode
[  246.463901][T16768] syzkaller0: entered allmulticast mode
[  246.480398][T16763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.560824][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.647763][T16786] loop3: detected capacity change from 0 to 512
[  246.658678][T16785] pim6reg1: entered promiscuous mode
[  246.664039][T16785] pim6reg1: entered allmulticast mode
[  246.674394][T16786] ext4: Unknown parameter 'smackfsfloor'
[  246.765037][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  246.765055][   T29] audit: type=1400 audit(252.734:8615): avc:  denied  { create } for  pid=16789 comm="syz.3.5302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  246.794657][T16796] loop4: detected capacity change from 0 to 128
[  246.802676][T16791] loop9: detected capacity change from 0 to 2048
[  246.806685][   T29] audit: type=1326 audit(252.744:8616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.4.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  246.816657][T16796] vfat: Unknown parameter 'ÿÿÿÿ18446744073709551615'
[  246.831927][   T29] audit: type=1326 audit(252.744:8617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.4.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  246.861663][   T29] audit: type=1326 audit(252.744:8618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.4.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  246.884617][   T29] audit: type=1326 audit(252.744:8619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.4.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  246.907560][   T29] audit: type=1326 audit(252.744:8620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.4.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  246.930631][   T29] audit: type=1326 audit(252.744:8621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.4.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  246.953589][   T29] audit: type=1326 audit(252.744:8622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.4.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  246.976471][   T29] audit: type=1326 audit(252.744:8623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.4.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  246.999467][   T29] audit: type=1326 audit(252.744:8624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.4.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  247.050392][T16791]  loop9: p1 < > p3
[  247.059389][T16791] loop9: p3 size 134217728 extends beyond EOD, truncated
[  247.112839][T16809] loop3: detected capacity change from 0 to 512
[  247.130073][T16809] EXT4-fs (loop3): orphan cleanup on readonly fs
[  247.138618][T16809] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5307: bg 0: block 248: padding at end of block bitmap is not set
[  247.153009][T16810] loop1: detected capacity change from 0 to 128
[  247.153922][T16809] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5307: Failed to acquire dquot type 1
[  247.173764][T16809] EXT4-fs (loop3): 1 truncate cleaned up
[  247.183559][T16813] tipc: Started in network mode
[  247.188674][T16813] tipc: Node identity d66b8f500387, cluster identity 4711
[  247.195933][T16813] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  247.204227][T16810] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  247.204620][T16809] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  247.229836][T16813] tipc: Disabling bearer <eth:syzkaller0>
[  247.272618][T16809] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  247.283865][T16821] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  247.291177][T16821] IPv6: NLM_F_CREATE should be set when creating new route
[  247.305129][T16809] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  247.413379][T16830] SELinux: failed to load policy
[  247.505803][T16854] loop5: detected capacity change from 0 to 1024
[  247.509200][T16856] ip6gre4: entered allmulticast mode
[  247.512640][T16854] EXT4-fs: Ignoring removed orlov option
[  247.538752][T16859] loop1: detected capacity change from 0 to 256
[  247.708225][T16870] loop5: detected capacity change from 0 to 256
[  247.726023][T16870] FAT-fs (loop5): bogus number of FAT sectors
[  247.732231][T16870] FAT-fs (loop5): Can't find a valid FAT filesystem
[  247.748700][T16873] loop9: detected capacity change from 0 to 7
[  247.773221][T16873] buffer_io_error: 2 callbacks suppressed
[  247.773239][T16873] Buffer I/O error on dev loop9, logical block 0, async page read
[  247.787240][T16873] Buffer I/O error on dev loop9, logical block 0, async page read
[  247.795074][T16873]  loop9: unable to read partition table
[  248.048715][T16873] loop_reread_partitions: partition scan of loop9 (þ被üŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  248.048715][T16873] 
Uªÿÿÿÿÿÿ) failed (rc=-5)
[  248.161326][    C1] sd 0:0:1:0: [sda] tag#3563 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  248.171757][    C1] sd 0:0:1:0: [sda] tag#3563 CDB: Read(6) 08 00 00 00 00 00
[  248.306289][T16892] pim6reg1: entered promiscuous mode
[  248.311848][T16892] pim6reg1: entered allmulticast mode
[  248.362553][T16898] loop4: detected capacity change from 0 to 128
[  248.483228][T16906] loop9: detected capacity change from 0 to 512
[  248.495298][T16908] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  248.547174][T16904] syzkaller0: entered promiscuous mode
[  248.552733][T16904] syzkaller0: entered allmulticast mode
[  248.593786][T16915] loop3: detected capacity change from 0 to 8192
[  248.627812][T16924] loop4: detected capacity change from 0 to 2048
[  248.660254][T16924]  loop4: p1 < > p3
[  248.666720][T16924] loop4: p3 size 134217728 extends beyond EOD, truncated
[  248.706685][T16928] SELinux: failed to load policy
[  248.803644][T16942] netlink: 'syz.5.5360': attribute type 13 has an invalid length.
[  248.811769][T16942] netlink: 152 bytes leftover after parsing attributes in process `syz.5.5360'.
[  248.843776][T16942] : renamed from syz_tun (while UP)
[  248.851534][T16942] : refused to change device tx_queue_len
[  248.857635][T16942] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check.
[  248.967521][T16956] loop3: detected capacity change from 0 to 128
[  249.030384][T16952] loop4: detected capacity change from 0 to 8192
[  249.031061][T16962] loop5: detected capacity change from 0 to 512
[  249.078460][T16962] EXT4-fs (loop5): orphan cleanup on readonly fs
[  249.088117][T16962] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5366: bg 0: block 248: padding at end of block bitmap is not set
[  249.106998][T16962] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.5366: Failed to acquire dquot type 1
[  249.139535][T16962] EXT4-fs (loop5): 1 truncate cleaned up
[  249.159450][T16962] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  249.178625][T16962] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  249.244370][T16972] loop3: detected capacity change from 0 to 8192
[  249.374091][T16988] loop9: detected capacity change from 0 to 1024
[  249.655942][T17016] loop5: detected capacity change from 0 to 512
[  249.714133][T17024] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  249.750892][T17028] loop1: detected capacity change from 0 to 256
[  249.766622][T17028] FAT-fs (loop1): bogus number of FAT sectors
[  249.772822][T17028] FAT-fs (loop1): Can't find a valid FAT filesystem
[  249.800137][T17031] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm syz.5.5386: corrupted inode contents
[  249.838524][T17031] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #18: comm syz.5.5386: mark_inode_dirty error
[  249.869836][T17035] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5394'.
[  249.887874][T17031] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm syz.5.5386: corrupted inode contents
[  249.900378][T17035] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5394'.
[  249.909788][T17031] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #18: comm syz.5.5386: mark_inode_dirty error
[  249.934590][T17031] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #18: comm syz.5.5386: mark inode dirty (error -117)
[  249.957584][T17031] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117)
[  250.103906][T17046] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5398'.
[  250.145139][T17052] loop4: detected capacity change from 0 to 128
[  250.150265][T17053] x_tables: duplicate underflow at hook 1
[  250.337669][T17055] loop1: detected capacity change from 0 to 512
[  250.344647][T17055] EXT4-fs: Ignoring removed mblk_io_submit option
[  250.351232][T17055] EXT4-fs: Ignoring removed bh option
[  250.366510][T17055] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  250.390143][T17055] EXT4-fs (loop1): 1 truncate cleaned up
[  250.622712][T17068] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5407'.
[  250.639284][T17068] team1: entered promiscuous mode
[  250.644406][T17068] team1: entered allmulticast mode
[  250.691238][T17070] loop4: detected capacity change from 0 to 512
[  250.781705][T17075] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  250.789248][T17074] tipc: Resetting bearer <eth:syzkaller0>
[  250.790840][T17070] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.5408: corrupted inode contents
[  250.808910][T17070] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm syz.4.5408: mark_inode_dirty error
[  250.814251][T17074] tipc: Disabling bearer <eth:syzkaller0>
[  250.820797][T17070] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.5408: corrupted inode contents
[  250.840624][T17070] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.5408: mark_inode_dirty error
[  250.856164][T17070] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.5408: mark inode dirty (error -117)
[  250.869751][T17070] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  250.911354][T17077] loop9: detected capacity change from 0 to 512
[  250.968679][T17083] syzkaller1: entered promiscuous mode
[  250.974316][T17083] syzkaller1: entered allmulticast mode
[  250.981875][T17085] serio: Serial port ptm0
[  251.030777][T17093] loop1: detected capacity change from 0 to 512
[  251.055273][T17093] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.5416: corrupted inode contents
[  251.074384][T17093] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.5416: mark_inode_dirty error
[  251.098421][T17093] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.5416: corrupted inode contents
[  251.113472][T17104] loop3: detected capacity change from 0 to 128
[  251.121460][T17093] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.5416: mark_inode_dirty error
[  252.194614][   T29] kauditd_printk_skb: 235 callbacks suppressed
[  252.194630][   T29] audit: type=1326 audit(258.164:8854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17100 comm="syz.9.5418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9282c158e7 code=0x7ffc0000
[  252.223959][   T29] audit: type=1326 audit(258.164:8855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17100 comm="syz.9.5418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9282bbab19 code=0x7ffc0000
[  252.247002][   T29] audit: type=1326 audit(258.164:8856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17100 comm="syz.9.5418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9282c1e929 code=0x7ffc0000
[  252.272211][T17118] loop5: detected capacity change from 0 to 512
[  252.278897][T17118] EXT4-fs: Ignoring removed mblk_io_submit option
[  252.285428][T17118] EXT4-fs: Ignoring removed bh option
[  252.291485][T17118] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  252.304463][T17115] loop1: detected capacity change from 0 to 512
[  252.311102][T17115] EXT4-fs: Ignoring removed mblk_io_submit option
[  252.317625][T17115] EXT4-fs: Ignoring removed bh option
[  252.323388][T17115] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  252.334390][T17123] loop9: detected capacity change from 0 to 512
[  252.342330][T17118] EXT4-fs (loop5): 1 truncate cleaned up
[  252.352190][T17115] EXT4-fs (loop1): 1 truncate cleaned up
[  252.365351][T17129] loop4: detected capacity change from 0 to 512
[  252.385062][   T29] audit: type=1326 audit(258.354:8857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17128 comm="syz.4.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  252.408727][   T29] audit: type=1326 audit(258.384:8858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17128 comm="syz.4.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  252.431783][   T29] audit: type=1326 audit(258.384:8859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17128 comm="syz.4.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  252.438505][T17123] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #18: comm syz.9.5424: corrupted inode contents
[  252.454900][   T29] audit: type=1326 audit(258.384:8860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17128 comm="syz.4.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  252.489545][   T29] audit: type=1326 audit(258.384:8861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17128 comm="syz.4.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  252.512964][   T29] audit: type=1326 audit(258.384:8862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17128 comm="syz.4.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  252.515138][T17123] EXT4-fs error (device loop9): ext4_dirty_inode:6459: inode #18: comm syz.9.5424: mark_inode_dirty error
[  252.536760][   T29] audit: type=1326 audit(258.384:8863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17128 comm="syz.4.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f97d64de929 code=0x7ffc0000
[  252.553377][T17123] EXT4-fs error (device loop9): ext4_do_update_inode:5568: inode #18: comm syz.9.5424: corrupted inode contents
[  252.582352][T17123] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2991: inode #18: comm syz.9.5424: mark_inode_dirty error
[  252.654476][T17123] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2994: inode #18: comm syz.9.5424: mark inode dirty (error -117)
[  252.688930][T17123] EXT4-fs warning (device loop9): ext4_evict_inode:274: xattr delete (err -117)
[  252.724202][T17146] loop1: detected capacity change from 0 to 128
[  252.909722][T17168] loop9: detected capacity change from 0 to 1024
[  252.916941][T17168] EXT4-fs: Ignoring removed nobh option
[  252.922559][T17168] EXT4-fs: Ignoring removed bh option
[  253.031877][T17168] EXT4-fs error (device loop9): ext4_xattr_inode_iget:442: comm syz.9.5441: error while reading EA inode 32 err=-116
[  253.059037][T17168] EXT4-fs (loop9): Remounting filesystem read-only
[  253.065704][T17168] EXT4-fs warning (device loop9): ext4_xattr_inode_inc_ref_all:1129: inode #18: comm syz.9.5441: cleanup dec ref error -30
[  253.078660][T17168] EXT4-fs warning (device loop9): ext4_xattr_block_set:2190: inode #18: comm syz.9.5441: dec ref error=-30
[  253.206346][T17175] loop4: detected capacity change from 0 to 512
[  253.213505][T17175] EXT4-fs: Ignoring removed mblk_io_submit option
[  253.220113][T17175] EXT4-fs: Ignoring removed bh option
[  253.226272][T17175] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  253.291533][T17175] EXT4-fs (loop4): 1 truncate cleaned up
[  253.547609][T17182] ALSA: seq fatal error: cannot create timer (-19)
[  253.811142][T17200] loop1: detected capacity change from 0 to 512
[  253.818207][T17200] EXT4-fs: Ignoring removed mblk_io_submit option
[  253.824676][T17200] EXT4-fs: Ignoring removed bh option
[  253.898602][T17200] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  253.920413][T17200] EXT4-fs (loop1): 1 truncate cleaned up
[  254.005828][T17203] loop5: detected capacity change from 0 to 512
[  254.037386][T17203] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  254.050436][T17203] EXT4-fs (loop5): 1 truncate cleaned up
[  254.097956][T17216] netlink: 96 bytes leftover after parsing attributes in process `syz.5.5460'.
[  254.127331][T17219] tipc: Started in network mode
[  254.132428][T17219] tipc: Node identity ac14140f, cluster identity 4711
[  254.139643][T17219] tipc: New replicast peer: 0.0.255.255
[  254.145343][T17219] tipc: Enabled bearer <udp:s>, priority 10
[  254.187652][T17227] netlink: 'syz.9.5464': attribute type 10 has an invalid length.
[  254.206852][T17227] team0: Port device dummy0 added
[  254.219958][T17227] netlink: 'syz.9.5464': attribute type 10 has an invalid length.
[  254.229212][T17227] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  254.241828][T17227] team0: Failed to send options change via netlink (err -105)
[  254.250968][T17227] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  254.262170][T17227] team0: Port device dummy0 removed
[  254.262907][T17234] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5467'.
[  254.299340][T17227] dummy0: entered promiscuous mode
[  254.320949][T17234] team1: entered promiscuous mode
[  254.336312][T17234] team1: entered allmulticast mode
[  254.372231][T17241] serio: Serial port ptm0
[  254.483083][T17248] syzkaller0: entered promiscuous mode
[  254.488664][T17248] syzkaller0: entered allmulticast mode
[  254.504680][ T3605] syzkaller0: tun_net_xmit 48
[  254.553546][T17248] syzkaller0: tun_net_xmit 1280
[  254.558591][T17248] syzkaller0: create flow: hash 344709803 index 1
[  254.568166][T17256] loop4: detected capacity change from 0 to 512
[  254.575341][T17256] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  254.595141][T17247] syzkaller0: delete flow: hash 344709803 index 1
[  254.602924][T17256] EXT4-fs (loop4): 1 truncate cleaned up
[  254.786680][T17266] netlink: 'syz.9.5480': attribute type 3 has an invalid length.
[  254.818385][T17268] loop9: detected capacity change from 0 to 1024
[  254.825311][T17268] EXT4-fs: Ignoring removed nobh option
[  254.831211][T17268] EXT4-fs: Ignoring removed bh option
[  254.855044][T17268] EXT4-fs error (device loop9): ext4_xattr_inode_iget:442: comm syz.9.5481: error while reading EA inode 32 err=-116
[  254.867746][T17268] EXT4-fs (loop9): Remounting filesystem read-only
[  254.874345][T17268] EXT4-fs warning (device loop9): ext4_xattr_inode_inc_ref_all:1129: inode #18: comm syz.9.5481: cleanup dec ref error -30
[  254.887537][T17268] EXT4-fs warning (device loop9): ext4_xattr_block_set:2190: inode #18: comm syz.9.5481: dec ref error=-30
[  255.070050][T17283] syzkaller0: entered promiscuous mode
[  255.075599][T17283] syzkaller0: entered allmulticast mode
[  255.102468][T17287] netlink: 'syz.9.5489': attribute type 10 has an invalid length.
[  255.110464][T17287] netlink: 55 bytes leftover after parsing attributes in process `syz.9.5489'.
[  255.220730][T17293] loop9: detected capacity change from 0 to 128
[  255.224653][T17295] 9pnet_fd: Insufficient options for proto=fd
[  255.235921][T17293] vfat: Unknown parameter 'ÿÿÿÿ18446744073709551615'
[  255.259868][T15288] tipc: Node number set to 2886997007
[  255.277666][T17301] loop1: detected capacity change from 0 to 1024
[  255.284397][T17301] EXT4-fs: Ignoring removed bh option
[  255.289846][T17301] EXT4-fs: Ignoring removed nomblk_io_submit option
[  255.299883][T17301] EXT4-fs mount: 49 callbacks suppressed
[  255.299897][T17301] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.405707][ T6205] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.620553][T17312] syzkaller0: entered allmulticast mode
[  255.628917][T17312] syzkaller0 (unregistering): left allmulticast mode
[  255.735572][T17317] loop3: detected capacity change from 0 to 128
[  255.744987][T17317] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  255.784728][T17318] loop5: detected capacity change from 0 to 8192
[  255.806050][T10589] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  255.824348][T17321] netlink: 'syz.3.5502': attribute type 10 has an invalid length.
[  255.832277][T17321] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5502'.
[  255.910380][T17327] netlink: 'syz.5.5516': attribute type 10 has an invalid length.
[  255.918451][T17327] netlink: 55 bytes leftover after parsing attributes in process `syz.5.5516'.
[  255.920294][T17329] 9pnet_fd: Insufficient options for proto=fd
[  255.986170][T17336] loop3: detected capacity change from 0 to 128
[  256.012857][T17338] random: crng reseeded on system resumption
[  256.122410][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.138801][T17346] loop9: detected capacity change from 0 to 128
[  256.145382][T17344] loop5: detected capacity change from 0 to 1024
[  256.155995][T17346] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  256.172104][T17344] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.188026][T17344] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #14: comm syz.5.5515: attempt to clear invalid blocks 1886221359 len 1
[  256.215655][T16166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.228113][T10559] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  256.285468][T17358] 9pnet_fd: Insufficient options for proto=fd
[  256.361076][T17363] loop4: detected capacity change from 0 to 128
[  256.367799][T17360] loop9: detected capacity change from 0 to 8192
[  256.368385][T17363] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  256.516196][T17364] loop5: detected capacity change from 0 to 512
[  256.522997][T17364] EXT4-fs: Ignoring removed mblk_io_submit option
[  256.529552][T17364] EXT4-fs: Ignoring removed bh option
[  256.537785][T17364] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  256.568490][T17364] EXT4-fs (loop5): 1 truncate cleaned up
[  256.575090][T17364] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.754548][T17369] loop4: detected capacity change from 0 to 1024
[  256.790041][T17369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.816912][T17369] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  256.833938][T17369] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 384 with error 28
[  256.846635][T17369] EXT4-fs (loop4): This should not happen!! Data will be lost
[  256.846635][T17369] 
[  256.856434][T17369] EXT4-fs (loop4): Total free blocks count 0
[  256.862477][T17369] EXT4-fs (loop4): Free/Dirty block details
[  256.868469][T17369] EXT4-fs (loop4): free_blocks=4293918720
[  256.874287][T17369] EXT4-fs (loop4): dirty_blocks=384
[  256.879612][T17369] EXT4-fs (loop4): Block reservation details
[  256.885643][T17369] EXT4-fs (loop4): i_reserved_data_blocks=24
[  256.917032][ T6205] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.936890][T17376] netlink: 'syz.4.5523': attribute type 10 has an invalid length.
[  256.944761][T17376] netlink: 55 bytes leftover after parsing attributes in process `syz.4.5523'.
[  257.144234][T16166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.164146][T17383] loop1: detected capacity change from 0 to 1024
[  257.193259][T17383] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.219163][   T29] kauditd_printk_skb: 261 callbacks suppressed
[  257.219181][   T29] audit: type=1400 audit(263.194:9125): avc:  denied  { append } for  pid=17384 comm="syz.4.5529" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  257.228287][T17383] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #14: comm syz.1.5527: attempt to clear invalid blocks 1886221359 len 1
[  257.354178][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.386875][T17398] pim6reg1: entered promiscuous mode
[  257.392315][T17398] pim6reg1: entered allmulticast mode
[  257.512442][T17407] syzkaller0: entered promiscuous mode
[  257.518040][T17407] syzkaller0: entered allmulticast mode
[  257.639846][T17419] loop9: detected capacity change from 0 to 512
[  257.695749][T17419] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.709718][   T29] audit: type=1400 audit(263.664:9126): avc:  denied  { map } for  pid=17422 comm="syz.5.5543" path="socket:[60033]" dev="sockfs" ino=60033 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  257.732616][   T29] audit: type=1400 audit(263.664:9127): avc:  denied  { read } for  pid=17422 comm="syz.5.5543" path="socket:[60033]" dev="sockfs" ino=60033 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  257.809971][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.909486][T17444] syzkaller0: entered promiscuous mode
[  257.915020][T17444] syzkaller0: entered allmulticast mode
[  258.051732][T17451] loop9: detected capacity change from 0 to 8192
[  258.114323][   T29] audit: type=1400 audit(264.084:9128): avc:  denied  { setattr } for  pid=17458 comm="syz.9.5556" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  258.149026][T17461] netlink: 'syz.5.5558': attribute type 10 has an invalid length.
[  258.160818][T17461] team0: Port device dummy0 added
[  258.170651][T17461] netlink: 'syz.5.5558': attribute type 10 has an invalid length.
[  258.180267][T17461] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  258.186130][T17463] loop1: detected capacity change from 0 to 1024
[  258.195462][T17461] team0: Failed to send options change via netlink (err -105)
[  258.197174][T17463] EXT4-fs (loop1): orphan cleanup on readonly fs
[  258.209656][T17461] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  258.218709][T17461] team0: Port device dummy0 removed
[  258.220490][T17463] Quota error (device loop1): do_check_range: Getting block 64 out of range 1-5
[  258.226648][T17461] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  258.233221][T17463] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  258.251256][T17463] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.5560: Failed to acquire dquot type 0
[  258.273972][T17463] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  258.295516][T17463] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #13: comm syz.1.5560: corrupted inode contents
[  258.300816][   T29] audit: type=1400 audit(264.264:9129): avc:  denied  { read } for  pid=17467 comm="syz.9.5562" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  258.336831][T17463] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #13: comm syz.1.5560: mark_inode_dirty error
[  258.348443][   T29] audit: type=1400 audit(264.304:9130): avc:  denied  { setopt } for  pid=17469 comm="syz.9.5563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  258.354657][T17463] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #13: comm syz.1.5560: corrupted inode contents
[  258.381636][T17463] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #13: comm syz.1.5560: mark_inode_dirty error
[  258.393688][T17463] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #13: comm syz.1.5560: corrupted inode contents
[  258.410746][T17463] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  258.420055][T17463] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #13: comm syz.1.5560: corrupted inode contents
[  258.433503][T17463] EXT4-fs error (device loop1): ext4_truncate:4597: inode #13: comm syz.1.5560: mark_inode_dirty error
[  258.446352][T17463] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  258.457471][T17463] EXT4-fs (loop1): 1 truncate cleaned up
[  258.463632][T17463] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  258.482647][T17474] loop9: detected capacity change from 0 to 512
[  258.535676][T17474] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.571743][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.770267][T17484] loop5: detected capacity change from 0 to 512
[  258.777304][T17484] EXT4-fs: Ignoring removed mblk_io_submit option
[  258.783745][T17484] EXT4-fs: Ignoring removed bh option
[  258.789967][T17484] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  258.811312][T17484] EXT4-fs (loop5): 1 truncate cleaned up
[  258.817755][T17484] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.850863][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.867864][   T29] audit: type=1326 audit(264.814:9131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17486 comm="syz.1.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  258.890921][   T29] audit: type=1326 audit(264.814:9132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17486 comm="syz.1.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  259.097354][T17497] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5572'.
[  259.251722][T16166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.352248][T17507] netlink: 'syz.3.5575': attribute type 10 has an invalid length.
[  259.381707][T17507] batman_adv: batadv0: Removing interface: dummy0
[  259.390291][T17507] team0: Device dummy0 failed to register rx_handler
[  259.397937][T17507] macvlan2: mtu less than device minimum
[  259.405947][T17512] netlink: 'syz.3.5575': attribute type 10 has an invalid length.
[  259.507535][T17519] loop1: detected capacity change from 0 to 512
[  259.514676][T17519] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  259.524363][T17519] EXT4-fs (loop1): orphan cleanup on readonly fs
[  259.534654][T17519] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.5580: bg 0: block 248: padding at end of block bitmap is not set
[  259.549617][T17519] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.5580: Failed to acquire dquot type 1
[  259.561500][T17519] EXT4-fs (loop1): 1 truncate cleaned up
[  259.569782][T17519] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  259.599582][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.614617][T17525] loop9: detected capacity change from 0 to 1024
[  259.639279][T17525] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.666975][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.688805][T17535] loop9: detected capacity change from 0 to 512
[  259.695663][T17535] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  259.708715][T17535] EXT4-fs (loop9): 1 truncate cleaned up
[  259.714965][T17535] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.852283][T17543] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  259.858892][T17543] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  259.866600][T17543] vhci_hcd vhci_hcd.0: Device attached
[  259.873058][T17544] vhci_hcd: cannot find the pending unlink 12
[  259.879317][T17544] vhci_hcd: connection closed
[  259.879433][ T3576] vhci_hcd: stop threads
[  259.888444][ T3576] vhci_hcd: release socket
[  259.892887][ T3576] vhci_hcd: disconnect device
[  260.391900][T17548] sd 0:0:1:0: device reset
[  260.411121][T17551] netlink: 'syz.1.5589': attribute type 10 has an invalid length.
[  260.442936][T17555] loop3: detected capacity change from 0 to 512
[  260.451752][T17555] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  260.462235][T17551] netlink: 'syz.1.5589': attribute type 10 has an invalid length.
[  260.462516][T17555] EXT4-fs (loop3): orphan cleanup on readonly fs
[  260.491601][T17555] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5593: bg 0: block 248: padding at end of block bitmap is not set
[  260.519103][T17555] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5593: Failed to acquire dquot type 1
[  260.545573][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.557945][T17555] EXT4-fs (loop3): 1 truncate cleaned up
[  260.564552][T17555] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  260.604415][T10589] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.653849][T17568] loop3: detected capacity change from 0 to 512
[  260.678094][T17568] EXT4-fs (loop3): orphan cleanup on readonly fs
[  260.694827][T15288] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  260.702421][T15288] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  260.705235][T17568] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5599: bg 0: block 248: padding at end of block bitmap is not set
[  260.709859][T15288] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  260.726316][T17568] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5599: Failed to acquire dquot type 1
[  260.744383][T15288] hid-generic 0000:0004:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  260.755515][T17568] EXT4-fs (loop3): 1 truncate cleaned up
[  260.761875][T17568] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  260.782607][T17568] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  260.798313][T17568] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  260.819353][T17581] bridge: RTM_NEWNEIGH with invalid ether address
[  260.819734][T10589] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.856080][T17584] loop1: detected capacity change from 0 to 512
[  260.867538][T17584] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  260.903347][T17584] EXT4-fs (loop1): 1 truncate cleaned up
[  260.908098][T17585] syzkaller0: entered promiscuous mode
[  260.911569][T17584] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.914551][T17585] syzkaller0: entered allmulticast mode
[  261.538114][T17604] loop9: detected capacity change from 0 to 512
[  261.545434][T17604] EXT4-fs: Ignoring removed mblk_io_submit option
[  261.552079][T17604] EXT4-fs: Ignoring removed bh option
[  261.760447][T17604] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  261.859589][T17603] loop4: detected capacity change from 0 to 512
[  261.866434][T17603] EXT4-fs: Ignoring removed mblk_io_submit option
[  261.872962][T17603] EXT4-fs: Ignoring removed bh option
[  261.888668][T17603] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  261.902148][T17603] EXT4-fs (loop4): 1 truncate cleaned up
[  261.908780][T17603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.931362][T17604] EXT4-fs (loop9): 1 truncate cleaned up
[  261.937765][T17604] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.984974][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.010497][T15272] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[  262.017980][T15272] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[  262.025395][T15272] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[  262.035732][T15272] hid-generic 0000:0004:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  262.104753][ T6205] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.122448][T17621] veth0: entered promiscuous mode
[  262.137190][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.174903][T17621] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5618'.
[  262.334540][T17641] loop3: detected capacity change from 0 to 2048
[  262.377526][T17641]  loop3: p1 < > p4
[  262.382043][T17641] loop3: p4 size 8388608 extends beyond EOD, truncated
[  262.490751][T17650] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.5631' sets config #0
[  262.529927][   T29] kauditd_printk_skb: 49 callbacks suppressed
[  262.529946][   T29] audit: type=1326 audit(268.494:9176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.559284][   T29] audit: type=1326 audit(268.504:9177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.582302][   T29] audit: type=1326 audit(268.504:9178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.605336][   T29] audit: type=1326 audit(268.504:9179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.628289][   T29] audit: type=1326 audit(268.504:9180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.749560][   T29] audit: type=1326 audit(268.504:9181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.772705][   T29] audit: type=1326 audit(268.504:9182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.795684][   T29] audit: type=1326 audit(268.504:9183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.818655][   T29] audit: type=1326 audit(268.504:9184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.841735][   T29] audit: type=1326 audit(268.504:9185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17648 comm="syz.1.5632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  262.945305][T17661] loop9: detected capacity change from 0 to 512
[  262.952230][T17661] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.958839][T17661] EXT4-fs: Ignoring removed bh option
[  262.978172][T17661] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  263.047431][T17661] EXT4-fs (loop9): 1 truncate cleaned up
[  263.054137][T17661] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.096733][T17665] pim6reg1: entered promiscuous mode
[  263.102090][T17665] pim6reg1: entered allmulticast mode
[  263.102220][T17672] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5636'.
[  263.116584][T17672] netlink: 212 bytes leftover after parsing attributes in process `syz.4.5636'.
[  263.131214][T17671] loop5: detected capacity change from 0 to 1024
[  263.144672][T17671] EXT4-fs: Ignoring removed orlov option
[  263.154360][T17671] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.309005][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.328118][T17678] syzkaller0: entered promiscuous mode
[  263.333894][T17678] syzkaller0: entered allmulticast mode
[  263.464793][T16166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.535761][T17700] loop9: detected capacity change from 0 to 256
[  263.543951][T17698] Falling back ldisc for ttyS3.
[  263.660802][T15272] IPVS: starting estimator thread 0...
[  263.667265][T17707] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  263.786613][T17713] IPVS: using max 2112 ests per chain, 105600 per kthread
[  263.953399][T17706] SELinux: ebitmap: truncated map
[  263.961062][T17706] SELinux: failed to load policy
[  263.969649][T17735] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5662'.
[  263.973503][T17737] loop4: detected capacity change from 0 to 256
[  264.052280][T17743] loop4: detected capacity change from 0 to 4096
[  264.063441][T17743] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.091718][ T6205] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.114553][T17751] loop4: detected capacity change from 0 to 164
[  264.123312][T17751] bio_check_eod: 881 callbacks suppressed
[  264.123330][T17751] syz.4.5669: attempt to access beyond end of device
[  264.123330][T17751] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  264.145445][T17751] syz.4.5669: attempt to access beyond end of device
[  264.145445][T17751] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  264.159793][T17753] loop5: detected capacity change from 0 to 512
[  264.190220][T17753] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.203033][T17757] loop4: detected capacity change from 0 to 2048
[  264.206286][T17753] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.5670: corrupted inode contents
[  264.222273][T17753] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #2: comm syz.5.5670: mark_inode_dirty error
[  264.233883][T17753] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.5670: corrupted inode contents
[  264.235071][T17757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.247775][T17753] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.5670: mark_inode_dirty error
[  264.293579][T16166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.295421][ T6205] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.336357][T15284] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[  264.343925][T15284] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[  264.351434][T15284] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[  264.360154][T15284] hid-generic 0000:0004:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  264.505085][T17778] loop3: detected capacity change from 0 to 1024
[  264.511859][T17778] EXT4-fs: Ignoring removed nobh option
[  264.517521][T17778] EXT4-fs: Ignoring removed bh option
[  264.692940][T17780] loop5: detected capacity change from 0 to 512
[  264.699807][T17780] EXT4-fs: Ignoring removed mblk_io_submit option
[  264.706297][T17780] EXT4-fs: Ignoring removed bh option
[  264.714284][ T3584] bridge_slave_1: left allmulticast mode
[  264.720015][ T3584] bridge_slave_1: left promiscuous mode
[  264.725739][ T3584] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.752304][T15243] IPVS: starting estimator thread 0...
[  264.759004][ T3584] bridge_slave_0: left allmulticast mode
[  264.764725][ T3584] bridge_slave_0: left promiscuous mode
[  264.770643][ T3584] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.856699][T17784] IPVS: using max 2448 ests per chain, 122400 per kthread
[  264.899164][T17780] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  264.911029][T17780] EXT4-fs (loop5): 1 truncate cleaned up
[  264.911210][T17786] loop9: detected capacity change from 0 to 128
[  264.917298][T17780] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.923490][T17786] EXT4-fs: Ignoring removed nobh option
[  264.938687][T17778] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.965910][T17778] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.5679: Allocating blocks 385-513 which overlap fs metadata
[  264.980461][ T3584] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  264.991633][ T3584] bond_slave_0: left promiscuous mode
[  264.997237][ T3584] bond_slave_0: left allmulticast mode
[  265.003650][T17786] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  265.006345][T17778] EXT4-fs (loop3): pa ffff888106adf850: logic 16, phys. 129, len 24
[  265.023990][T17778] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  265.024053][T17793] loop1: detected capacity change from 0 to 512
[  265.041826][ T3584] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  265.056778][ T3584] bond_slave_1: left promiscuous mode
[  265.060835][T17793] EXT4-fs: Ignoring removed nomblk_io_submit option
[  265.062307][ T3584] bond_slave_1: left allmulticast mode
[  265.075643][ T3584] bond0 (unregistering): Released all slaves
[  265.076897][T10589] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.118284][ T3584] tipc: Left network mode
[  265.122369][T17793] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.145814][ T3584] hsr_slave_0: left promiscuous mode
[  265.155911][ T3584] hsr_slave_1: left promiscuous mode
[  265.161965][ T3584] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  265.169653][ T3584] batman_adv: batadv0: Removing interface: batadv_slave_0
[  265.196318][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.247413][ T3584] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  265.254873][ T3584] batman_adv: batadv0: Removing interface: batadv_slave_1
[  265.263698][T16166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.298315][ T3584] veth1_macvtap: left promiscuous mode
[  265.303952][ T3584] veth0_macvtap: left promiscuous mode
[  265.312113][ T3584] veth1_vlan: left promiscuous mode
[  265.318133][ T3584] veth0_vlan: left promiscuous mode
[  265.632063][ T3584] team0 (unregistering): Port device team_slave_1 removed
[  265.658145][ T3584] team0 (unregistering): Port device team_slave_0 removed
[  265.809249][T17811] syzkaller0: entered promiscuous mode
[  265.814783][T17811] syzkaller0: entered allmulticast mode
[  265.981928][T17831] loop4: detected capacity change from 0 to 512
[  266.045036][T17831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.067256][T10559] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  266.127992][T17831] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.5693: iget: bad i_size value: 2533274857506816
[  266.186817][T17841] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  266.198166][T17831] EXT4-fs (loop4): Remounting filesystem read-only
[  266.221054][T17846] loop9: detected capacity change from 0 to 1024
[  266.230906][T17841] SELinux: failed to load policy
[  266.241464][ T6205] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.241896][T17846] EXT4-fs: Ignoring removed nobh option
[  266.256176][T17846] EXT4-fs: Ignoring removed bh option
[  266.298866][T17846] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.304199][T17852] loop1: detected capacity change from 0 to 1024
[  266.329604][T17846] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4113: comm syz.9.5699: Allocating blocks 385-513 which overlap fs metadata
[  266.355994][T17852] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.370100][T17846] EXT4-fs (loop9): pa ffff888106adf8c0: logic 16, phys. 129, len 24
[  266.378255][T17846] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  266.399524][T17852] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  266.428241][T17852] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  266.440689][T17852] EXT4-fs (loop1): This should not happen!! Data will be lost
[  266.440689][T17852] 
[  266.450393][T17852] EXT4-fs (loop1): Total free blocks count 0
[  266.456475][T17852] EXT4-fs (loop1): Free/Dirty block details
[  266.462421][T17852] EXT4-fs (loop1): free_blocks=4293918720
[  266.468233][T17852] EXT4-fs (loop1): dirty_blocks=64
[  266.473427][T17852] EXT4-fs (loop1): Block reservation details
[  266.479465][T17852] EXT4-fs (loop1): i_reserved_data_blocks=4
[  266.489244][T10559] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.502269][T17857] loop4: detected capacity change from 0 to 512
[  266.520276][T17857] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  266.551572][T11331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.583931][T17857] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.638286][T17864] IPv4: Oversized IP packet from 127.202.26.0
[  266.676893][T17866] loop9: detected capacity change from 0 to 164
[  266.690611][T17866] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  266.698856][T17857] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  266.724086][T17857] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.5701: Failed to acquire dquot type 0
[  267.046325][T17885] loop9: detected capacity change from 0 to 512
[  267.053454][T17885] EXT4-fs: Ignoring removed mblk_io_submit option
[  267.060022][T17885] EXT4-fs: Ignoring removed bh option
[  267.066491][T17885] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  267.104254][T17885] EXT4-fs (loop9): 1 truncate cleaned up
[  267.130489][T17884] tls_set_device_offload_rx: netdev not found
[  267.145571][T17889] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  267.293005][T17891] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5715'.
[  267.703082][T17916] loop1: detected capacity change from 0 to 1024
[  267.733570][T17920] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.773132][T17924] loop1: detected capacity change from 0 to 512
[  267.838707][T17920] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.875140][T17931] loop1: detected capacity change from 0 to 1024
[  267.883889][T17933] pim6reg1: entered promiscuous mode
[  267.889464][T17933] pim6reg1: entered allmulticast mode
[  267.902338][T17920] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.968550][T17920] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.036673][T17920] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  268.051849][T17920] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  268.064122][T17920] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  268.077868][T17920] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  268.120541][T17944] netlink: 'syz.1.5737': attribute type 4 has an invalid length.
[  268.273257][T17949] loop3: detected capacity change from 0 to 512
[  268.280265][T17949] EXT4-fs: Ignoring removed mblk_io_submit option
[  268.286774][T17949] EXT4-fs: Ignoring removed bh option
[  268.304790][T17950] loop1: detected capacity change from 0 to 1024
[  268.338893][T17949] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  268.349956][T17950] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  268.374938][T17949] EXT4-fs (loop3): 1 truncate cleaned up
[  268.423893][T17950] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  268.494465][T17950] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  268.503240][T17955] loop5: detected capacity change from 0 to 1024
[  268.535519][T17950] EXT4-fs (loop1): orphan cleanup on readonly fs
[  268.542542][T17955] EXT4-fs: Ignoring removed orlov option
[  268.548370][T17950] EXT4-fs error (device loop1): ext4_read_inode_bitmap:167: comm syz.1.5739: Inode bitmap for bg 0 marked uninitialized
[  268.628708][T15288] hid-generic 0000:0004:0000.000E: unknown main item tag 0x0
[  268.636258][T15288] hid-generic 0000:0004:0000.000E: unknown main item tag 0x0
[  268.643792][T15288] hid-generic 0000:0004:0000.000E: unknown main item tag 0x0
[  268.656714][T15288] hid-generic 0000:0004:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  268.671302][T17961] syzkaller0: entered promiscuous mode
[  268.676915][T17961] syzkaller0: entered allmulticast mode
[  269.032540][T17979] loop4: detected capacity change from 0 to 512
[  269.039581][T17979] EXT4-fs: Ignoring removed mblk_io_submit option
[  269.046029][T17979] EXT4-fs: Ignoring removed bh option
[  269.053009][T17979] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  269.082568][T17979] EXT4-fs (loop4): 1 truncate cleaned up
[  269.148885][T17982] loop3: detected capacity change from 0 to 512
[  269.222669][T17982] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  269.257995][T17989] netlink: 'syz.5.5753': attribute type 10 has an invalid length.
[  269.295625][T17989] bond0: (slave dummy0): Releasing backup interface
[  269.319773][T17982] EXT4-fs (loop3): 1 truncate cleaned up
[  269.355842][T17989] team0: Failed to send options change via netlink (err -105)
[  269.363552][T17989] team0: Port device dummy0 added
[  269.440833][T17995] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  269.441424][T17989] netlink: 'syz.5.5753': attribute type 10 has an invalid length.
[  269.462210][T17989] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  269.485471][T17997] loop9: detected capacity change from 0 to 128
[  269.496752][T17989] team0: Failed to send options change via netlink (err -105)
[  269.504403][T17989] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  269.535259][T17989] team0: Port device dummy0 removed
[  269.550381][T17997] syz.9.5756: attempt to access beyond end of device
[  269.550381][T17997] loop9: rw=2049, sector=145, nr_sectors = 8 limit=128
[  269.565027][T17997] syz.9.5756: attempt to access beyond end of device
[  269.565027][T17997] loop9: rw=2049, sector=161, nr_sectors = 8 limit=128
[  269.578983][T17997] syz.9.5756: attempt to access beyond end of device
[  269.578983][T17997] loop9: rw=2049, sector=177, nr_sectors = 8 limit=128
[  269.592615][T17997] syz.9.5756: attempt to access beyond end of device
[  269.592615][T17997] loop9: rw=2049, sector=193, nr_sectors = 8 limit=128
[  269.606334][T17997] syz.9.5756: attempt to access beyond end of device
[  269.606334][T17997] loop9: rw=2049, sector=209, nr_sectors = 8 limit=128
[  269.620631][T15287] page_pool_release_retry() stalled pool shutdown: id 127, 1 inflight 60 sec
[  269.628163][T17989] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  269.638194][T17997] syz.9.5756: attempt to access beyond end of device
[  269.638194][T17997] loop9: rw=2049, sector=225, nr_sectors = 8 limit=128
[  269.772564][T17997] syz.9.5756: attempt to access beyond end of device
[  269.772564][T17997] loop9: rw=2049, sector=241, nr_sectors = 8 limit=128
[  269.796253][T17997] syz.9.5756: attempt to access beyond end of device
[  269.796253][T17997] loop9: rw=2049, sector=257, nr_sectors = 8 limit=128
[  269.835757][T17997] syz.9.5756: attempt to access beyond end of device
[  269.835757][T17997] loop9: rw=2049, sector=273, nr_sectors = 8 limit=128
[  269.856436][T17997] syz.9.5756: attempt to access beyond end of device
[  269.856436][T17997] loop9: rw=2049, sector=289, nr_sectors = 8 limit=128
[  269.903081][T18003] syzkaller0: entered promiscuous mode
[  269.908676][T18003] syzkaller0: entered allmulticast mode
[  269.998366][T18004] loop4: detected capacity change from 0 to 512
[  270.005179][T18004] EXT4-fs: Ignoring removed mblk_io_submit option
[  270.011786][T18004] EXT4-fs: Ignoring removed bh option
[  270.046591][T18004] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  270.076026][T18004] EXT4-fs (loop4): 1 truncate cleaned up
[  270.593351][   T29] kauditd_printk_skb: 126 callbacks suppressed
[  270.593367][   T29] audit: type=1326 audit(276.564:9310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  270.629145][T18015] loop9: detected capacity change from 0 to 1024
[  270.660181][T18015] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  270.708061][T17987] Set syz1 is full, maxelem 65536 reached
[  270.735673][T18015] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  270.746756][T18015] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  270.766759][   T29] audit: type=1326 audit(276.594:9311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  270.789818][   T29] audit: type=1326 audit(276.604:9312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  270.812804][   T29] audit: type=1326 audit(276.604:9313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  270.835741][   T29] audit: type=1326 audit(276.604:9314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  270.837422][T18015] JBD2: no valid journal superblock found
[  270.858742][   T29] audit: type=1326 audit(276.604:9315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  270.864440][T18015] EXT4-fs (loop9): Could not load journal inode
[  270.887491][   T29] audit: type=1326 audit(276.604:9316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  270.916827][   T29] audit: type=1326 audit(276.614:9317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  270.939883][   T29] audit: type=1326 audit(276.614:9318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  270.963133][   T29] audit: type=1326 audit(276.614:9319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18016 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f6e5307e929 code=0x7ffc0000
[  271.022902][T18027] loop4: detected capacity change from 0 to 2048
[  271.198101][T18040] loop5: detected capacity change from 0 to 164
[  271.362718][T18043] loop3: detected capacity change from 0 to 512
[  271.369708][T18043] EXT4-fs: Ignoring removed mblk_io_submit option
[  271.376208][T18043] EXT4-fs: Ignoring removed bh option
[  271.505306][T18046] loop1: detected capacity change from 0 to 1024
[  271.544964][T18046] EXT4-fs: Ignoring removed oldalloc option
[  271.582576][T18046] EXT4-fs: Ignoring removed orlov option
[  271.641972][T18048] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.681581][T18040] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  271.690102][T18043] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  271.700649][T18046] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  271.712616][T18043] EXT4-fs (loop3): 1 truncate cleaned up
[  271.719549][T18050] netlink: 108 bytes leftover after parsing attributes in process `syz.9.5773'.
[  271.760040][T18048] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.839648][T18048] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.890778][T18027] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  271.907897][T18027] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  271.920457][T18027] EXT4-fs (loop4): This should not happen!! Data will be lost
[  271.920457][T18027] 
[  271.930155][T18027] EXT4-fs (loop4): Total free blocks count 0
[  271.936157][T18027] EXT4-fs (loop4): Free/Dirty block details
[  271.942162][T18027] EXT4-fs (loop4): free_blocks=2415919104
[  271.948347][T18027] EXT4-fs (loop4): dirty_blocks=7984
[  271.953799][T18027] EXT4-fs (loop4): Block reservation details
[  271.960021][T18027] EXT4-fs (loop4): i_reserved_data_blocks=499
[  271.986092][T18048] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.013285][ T3587] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  272.026147][ T3587] EXT4-fs (loop4): This should not happen!! Data will be lost
[  272.026147][ T3587] 
[  272.038594][T18059] pim6reg1: entered promiscuous mode
[  272.044049][T18059] pim6reg1: entered allmulticast mode
[  272.060706][T18062] loop1: detected capacity change from 0 to 1024
[  272.067478][T18062] EXT4-fs: Ignoring removed nobh option
[  272.074304][T18062] EXT4-fs: Ignoring removed oldalloc option
[  272.088438][T15288] hid-generic 0000:0004:0000.000F: unknown main item tag 0x0
[  272.092443][T18048] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.095876][T15288] hid-generic 0000:0004:0000.000F: unknown main item tag 0x0
[  272.095921][T15288] hid-generic 0000:0004:0000.000F: unknown main item tag 0x0
[  272.108807][T18048] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.133987][T18048] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.134434][T15288] hid-generic 0000:0004:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  272.148772][T18048] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.189541][T18069] loop5: detected capacity change from 0 to 256
[  272.321517][T18079] SELinux: failed to load policy
[  272.327378][T18076] loop4: detected capacity change from 0 to 512
[  272.334522][T18076] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  272.365484][T18076] EXT4-fs (loop4): 1 truncate cleaned up
[  272.374208][T18087] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18087 comm=syz.9.5788
[  272.389655][T18087] loop9: detected capacity change from 0 to 512
[  272.397538][T18087] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  272.421487][T18087] EXT4-fs error (device loop9): __ext4_iget:5379: inode #11: block 3: comm syz.9.5788: invalid block
[  272.434499][T18087] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.5788: couldn't read orphan inode 11 (err -117)
[  272.449736][T18087] EXT4-fs warning (device loop9): dx_probe:801: inode #2: comm syz.9.5788: Unrecognised inode hash code 20
[  272.461214][T18087] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.5788: Corrupt directory, running e2fsck is recommended
[  272.474667][T18087] EXT4-fs warning (device loop9): dx_probe:801: inode #2: comm syz.9.5788: Unrecognised inode hash code 20
[  272.486159][T18087] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.5788: Corrupt directory, running e2fsck is recommended
[  272.644787][T18095] loop1: detected capacity change from 0 to 512
[  272.651700][T18095] EXT4-fs: Ignoring removed mblk_io_submit option
[  272.658186][T18095] EXT4-fs: Ignoring removed bh option
[  272.745782][T18094] loop9: detected capacity change from 0 to 2048
[  272.912217][T18095] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  272.924282][T18095] EXT4-fs (loop1): 1 truncate cleaned up
[  273.278386][T18109] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5794'.
[  273.387259][T18094] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  273.430182][T18094] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  273.442895][T18094] EXT4-fs (loop9): This should not happen!! Data will be lost
[  273.442895][T18094] 
[  273.452602][T18094] EXT4-fs (loop9): Total free blocks count 0
[  273.458658][T18094] EXT4-fs (loop9): Free/Dirty block details
[  273.464566][T18094] EXT4-fs (loop9): free_blocks=2415919104
[  273.470427][T18094] EXT4-fs (loop9): dirty_blocks=8208
[  273.472020][T15243] hid-generic 0000:0004:0000.0010: unknown main item tag 0x0
[  273.475803][T18094] EXT4-fs (loop9): Block reservation details
[  273.475817][T18094] EXT4-fs (loop9): i_reserved_data_blocks=513
[  273.495487][T15243] hid-generic 0000:0004:0000.0010: unknown main item tag 0x0
[  273.502992][T15243] hid-generic 0000:0004:0000.0010: unknown main item tag 0x0
[  273.537342][T18117] netlink: 'syz.3.5797': attribute type 10 has an invalid length.
[  273.543535][T15243] hid-generic 0000:0004:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  273.552376][T18117] team0: Device dummy0 failed to register rx_handler
[  273.568055][ T3623] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  273.580938][ T3623] EXT4-fs (loop9): This should not happen!! Data will be lost
[  273.580938][ T3623] 
[  273.593894][T18117] macvlan2: mtu less than device minimum
[  273.608905][T18117] netlink: 'syz.3.5797': attribute type 10 has an invalid length.
[  273.666776][T18126] netlink: 'syz.1.5802': attribute type 27 has an invalid length.
[  273.731616][T18128] loop5: detected capacity change from 0 to 128
[  273.743931][T18126] bridge0: port 3(syz_tun) entered disabled state
[  273.759932][T18126] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.767345][T18126] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.774802][T18091] syz.4.5789 (18091) used greatest stack depth: 6784 bytes left
[  273.890405][T18126] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  273.908858][T18126] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  273.970806][T18126] ipvlan0: left allmulticast mode
[  273.975982][T18126] veth0_vlan: left allmulticast mode
[  273.994174][T18126] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.002735][T18126] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.011219][T18126] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.019757][T18126] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.260595][T18159] loop5: detected capacity change from 0 to 512
[  274.269659][T18159] EXT4-fs: Ignoring removed oldalloc option
[  274.283662][T18159] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.5812: error while reading EA inode 32 err=-116
[  274.298992][T18163] loop3: detected capacity change from 0 to 512
[  274.309259][T18159] EXT4-fs (loop5): Remounting filesystem read-only
[  274.315806][T18159] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  274.326246][T18159] EXT4-fs (loop5): 1 orphan inode deleted
[  274.478199][T18172] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #19: comm syz.3.5814: corrupted inode contents
[  274.490414][T18172] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #19: comm syz.3.5814: mark_inode_dirty error
[  274.504286][T18172] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #19: comm syz.3.5814: corrupted inode contents
[  274.558269][T18172] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #19: comm syz.3.5814: mark_inode_dirty error
[  274.573729][T18172] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #19: comm syz.3.5814: mark inode dirty (error -117)
[  274.684233][T18176] loop5: detected capacity change from 0 to 512
[  274.691200][T18176] EXT4-fs: Ignoring removed mblk_io_submit option
[  274.697668][T18176] EXT4-fs: Ignoring removed bh option
[  274.704526][T18176] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  274.722367][T18176] EXT4-fs (loop5): 1 truncate cleaned up
[  274.770725][T18172] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  274.994445][T18187] syzkaller0: entered promiscuous mode
[  275.000085][T18187] syzkaller0: entered allmulticast mode
[  275.009801][T18189] loop9: detected capacity change from 0 to 128
[  275.017530][T18189] vfat: Unknown parameter 'ÿÿÿÿ18446744073709551615'
[  275.126644][T18197] wg2: entered promiscuous mode
[  275.131541][T18197] wg2: entered allmulticast mode
[  275.138457][T18162] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  275.352433][T18211] ip6gre3: entered allmulticast mode
[  275.384298][T18213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5830'.
[  275.467352][T18212] loop3: detected capacity change from 0 to 512
[  275.474233][T18212] EXT4-fs: Ignoring removed mblk_io_submit option
[  275.480798][T18212] EXT4-fs: Ignoring removed bh option
[  275.542342][T18217] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5828'.
[  275.551346][T18217] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5828'.
[  275.909225][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  275.909239][   T29] audit: type=1326 audit(281.884:9589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18219 comm="+}[@" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9282c1e929 code=0x0
[  275.961249][   T29] audit: type=1400 audit(281.934:9590): avc:  denied  { read write } for  pid=18219 comm="syz.9.5833" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  275.984889][   T29] audit: type=1400 audit(281.934:9591): avc:  denied  { open } for  pid=18219 comm="syz.9.5833" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  276.009061][T18221] program syz.9.5833 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.092810][T18212] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  276.108214][T18212] EXT4-fs (loop3): 1 truncate cleaned up
[  276.145830][   T29] audit: type=1400 audit(282.114:9592): avc:  denied  { ioctl } for  pid=18225 comm="syz.1.5834" path="socket:[64766]" dev="sockfs" ino=64766 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  276.187872][   T29] audit: type=1400 audit(282.154:9593): avc:  denied  { mount } for  pid=18227 comm="syz.1.5835" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  276.276337][   T29] audit: type=1326 audit(282.224:9594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18233 comm="syz.1.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  276.299685][   T29] audit: type=1326 audit(282.224:9595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18233 comm="syz.1.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f430c2ad290 code=0x7ffc0000
[  276.322808][   T29] audit: type=1326 audit(282.224:9596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18233 comm="syz.1.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f430c2b0157 code=0x7ffc0000
[  276.345768][   T29] audit: type=1326 audit(282.224:9597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18233 comm="syz.1.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f430c2ae929 code=0x7ffc0000
[  276.368985][   T29] audit: type=1326 audit(282.224:9598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18233 comm="syz.1.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f430c2b0157 code=0x7ffc0000
[  276.400205][T18232] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5837'.
[  276.482799][T18238] loop3: detected capacity change from 0 to 8192
[  276.497211][T18242] loop5: detected capacity change from 0 to 2048
[  276.509044][T18238] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  276.516671][T18238] FAT-fs (loop3): Filesystem has been set read-only
[  276.527553][T18242] Alternate GPT is invalid, using primary GPT.
[  276.534117][T18242]  loop5: p1 p2 p3
[  276.567055][T18247] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  276.575783][T18247] ref_ctr increment failed for inode: 0xc4a offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888103c01cc0
[  276.627140][T18254] netlink: 'syz.1.5847': attribute type 4 has an invalid length.
[  276.679101][T18261] pim6reg1: entered promiscuous mode
[  276.684594][T18261] pim6reg1: entered allmulticast mode
[  277.012449][T18270] loop1: detected capacity change from 0 to 512
[  277.019420][T18270] EXT4-fs: Ignoring removed mblk_io_submit option
[  277.025934][T18270] EXT4-fs: Ignoring removed bh option
[  277.039204][T18270] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  277.051014][T18270] EXT4-fs (loop1): 1 truncate cleaned up
[  277.259032][T18263] netlink: 96 bytes leftover after parsing attributes in process `syz.9.5850'.
[  277.412759][T18249] TCP: out of memory -- consider tuning tcp_mem
[  277.435464][T18283] netlink: 'syz.3.5857': attribute type 1 has an invalid length.
[  277.443535][T18284] loop5: detected capacity change from 0 to 1024
[  277.450291][T18283] 8021q: adding VLAN 0 to HW filter on device bond2
[  277.453501][T18284] EXT4-fs (loop5): bad geometry: block count 1310720 exceeds size of device (512 blocks)
[  277.466114][T18283] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5857'.
[  277.479416][T18283] vlan0: entered promiscuous mode
[  277.484569][T18283] bond2: entered promiscuous mode
[  277.495387][T18278] loop5: detected capacity change from 0 to 2048
[  277.507760][T18283] dummy0: entered promiscuous mode
[  277.560600][T18289] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5860'.
[  277.578299][T18289] bond0: (slave bond_slave_0): Releasing backup interface
[  277.590626][T18293] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.625305][T18296] netlink: 108 bytes leftover after parsing attributes in process `syz.5.5859'.
[  277.660969][T18293] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.685411][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.699636][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.713254][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.729417][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.742376][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.757290][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.770780][T18293] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.770818][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.776739][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.806390][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.819111][T18300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18300 comm=syz.4.5863
[  277.849723][T18293] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.917764][T18309] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  277.930667][T18293] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  277.943365][T18293] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  277.956187][T18293] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  277.967955][T18293] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  278.242023][T18318] loop3: detected capacity change from 0 to 512
[  278.248887][T18318] EXT4-fs: Ignoring removed mblk_io_submit option
[  278.255419][T18318] EXT4-fs: Ignoring removed bh option
[  278.397598][T18318] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  278.418383][T18318] EXT4-fs (loop3): 1 truncate cleaned up
[  278.503682][T18322] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  278.521665][T18322] tipc: Disabling bearer <eth:syzkaller0>
[  278.551238][T18325] random: crng reseeded on system resumption
[  278.645654][T18337] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5877'.
[  278.681037][T18340] loop9: detected capacity change from 0 to 1024
[  278.689193][T18340] EXT4-fs: Ignoring removed orlov option
[  278.749613][T18310] TCP: out of memory -- consider tuning tcp_mem
[  278.912063][T18340] ==================================================================
[  278.920246][T18340] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  278.928516][T18340] 
[  278.930849][T18340] write to 0xffff88811cdd9bb0 of 4 bytes by task 18349 on cpu 1:
[  278.938576][T18340]  writeback_single_inode+0x14a/0x3e0
[  278.943963][T18340]  sync_inode_metadata+0x5b/0x90
[  278.948918][T18340]  generic_buffers_fsync_noflush+0xd9/0x120
[  278.954836][T18340]  ext4_sync_file+0x1ab/0x690
[  278.959524][T18340]  vfs_fsync_range+0x10a/0x130
[  278.964309][T18340]  ext4_buffered_write_iter+0x34f/0x3c0
[  278.969874][T18340]  ext4_file_write_iter+0x383/0xf00
[  278.975084][T18340]  iter_file_splice_write+0x5ef/0x970
[  278.980477][T18340]  direct_splice_actor+0x153/0x2a0
[  278.985608][T18340]  splice_direct_to_actor+0x30f/0x680
[  278.991001][T18340]  do_splice_direct+0xda/0x150
[  278.995787][T18340]  do_sendfile+0x380/0x650
[  279.000219][T18340]  __x64_sys_sendfile64+0x105/0x150
[  279.005458][T18340]  x64_sys_call+0xb39/0x2fb0
[  279.010063][T18340]  do_syscall_64+0xd2/0x200
[  279.014579][T18340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.020486][T18340] 
[  279.022816][T18340] read to 0xffff88811cdd9bb0 of 4 bytes by task 18340 on cpu 0:
[  279.030454][T18340]  __mark_inode_dirty+0x18e/0x760
[  279.035487][T18340]  ext4_write_inline_data_end+0x3e5/0x5f0
[  279.041225][T18340]  ext4_write_end+0x4cd/0x730
[  279.045925][T18340]  generic_perform_write+0x312/0x490
[  279.051216][T18340]  ext4_buffered_write_iter+0x1ee/0x3c0
[  279.056796][T18340]  ext4_file_write_iter+0x383/0xf00
[  279.062011][T18340]  iter_file_splice_write+0x5ef/0x970
[  279.067406][T18340]  direct_splice_actor+0x153/0x2a0
[  279.072536][T18340]  splice_direct_to_actor+0x30f/0x680
[  279.077932][T18340]  do_splice_direct+0xda/0x150
[  279.082727][T18340]  do_sendfile+0x380/0x650
[  279.087164][T18340]  __x64_sys_sendfile64+0x105/0x150
[  279.092387][T18340]  x64_sys_call+0xb39/0x2fb0
[  279.096992][T18340]  do_syscall_64+0xd2/0x200
[  279.101505][T18340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.107412][T18340] 
[  279.109740][T18340] value changed: 0x00000038 -> 0x00000002
[  279.115459][T18340] 
[  279.117784][T18340] Reported by Kernel Concurrency Sanitizer on:
[  279.124043][T18340] CPU: 0 UID: 0 PID: 18340 Comm: syz.9.5878 Tainted: G        W           6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  279.138128][T18340] Tainted: [W]=WARN
[  279.141936][T18340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  279.152007][T18340] ==================================================================
SYZFAIL: failed to send rpc
fd=3 want=42376 sent=0 n=-1 (errno 32: Broken pipe)
[  279.238599][T11331] syz_tun (unregistering): left allmulticast mode
[  279.245195][T11331] syz_tun (unregistering): left promiscuous mode
[  279.251787][T11331] bridge0: port 3(syz_tun) entered disabled state
[  279.283897][T18330] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  279.411357][ T9770] bridge0: port 3(syz_tun) entered disabled state
[  279.421643][ T9770] syz_tun (unregistering): left allmulticast mode
[  279.428177][ T9770] syz_tun (unregistering): left promiscuous mode
[  279.434559][ T9770] bridge0: port 3(syz_tun) entered disabled state
[  279.540468][T18349] bridge0: port 3(syz_tun) entered disabled state
[  279.549803][T18349] syz_tun (unregistering): left allmulticast mode
[  279.556247][T18349] syz_tun (unregistering): left promiscuous mode
[  279.562765][T18349] bridge0: port 3(syz_tun) entered disabled state
[  279.753568][ T3576] bridge_slave_1: left allmulticast mode
[  279.759420][ T3576] bridge_slave_1: left promiscuous mode
[  279.765206][ T3576] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.773168][ T3576] bridge_slave_0: left promiscuous mode
[  279.778914][ T3576] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.908962][ T3576] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  279.918250][ T3576] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  279.927507][ T3576] bond0 (unregistering): Released all slaves
[  279.957720][ T3576] tipc: Disabling bearer <udp:sy>
[  279.962828][ T3576] tipc: Left network mode
[  280.009518][ T3576] hsr_slave_0: left promiscuous mode
[  280.015339][ T3576] hsr_slave_1: left promiscuous mode
[  280.021052][ T3576] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.028642][ T3576] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.329528][ T3576] IPVS: stop unused estimator thread 0...
[  280.389401][ T3576] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.428444][ T3576] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.477931][ T3576] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.538124][ T3576] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.610304][ T3576] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.657681][ T3576] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.707850][ T3576] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.767825][ T3576] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.830174][ T3576] bridge_slave_1: left allmulticast mode
[  280.835838][ T3576] bridge_slave_1: left promiscuous mode
[  280.841628][ T3576] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.849392][ T3576] bridge_slave_0: left allmulticast mode
[  280.855030][ T3576] bridge_slave_0: left promiscuous mode
[  280.860758][ T3576] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.870635][ T3576] bond1: left allmulticast mode
[  280.875497][ T3576] bond1: left promiscuous mode
[  280.880509][ T3576] bridge0: port 3(bond1) entered disabled state
[  280.887501][ T3576] bridge_slave_1: left allmulticast mode
[  280.893158][ T3576] bridge_slave_1: left promiscuous mode
[  280.898892][ T3576] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.906546][ T3576] bridge_slave_0: left promiscuous mode
[  280.912167][ T3576] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.966766][ T3576] team0: Port device geneve1 removed
[  281.169572][ T3576] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.178558][ T3576] bond_slave_0: left promiscuous mode
[  281.185063][ T3576] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.194096][ T3576] bond_slave_1: left promiscuous mode
[  281.200341][ T3576] $Hÿ (unregistering): Released all slaves
[  281.224565][ T3576] bond0 (unregistering): (slave geneve1): Releasing backup interface
[  281.278405][ T3576] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.287932][ T3576] bond0 (unregistering): Released all slaves
[  281.296303][ T3576] bond1 (unregistering): Released all slaves
[  281.305806][ T3576] bond2 (unregistering): Released all slaves
[  281.329913][ T3576] tipc: Left network mode
[  281.334469][ T3576] tipc: Disabling bearer <udp:syz0>
[  281.339740][ T3576] tipc: Disabling bearer <udp:syz2>
[  281.344958][ T3576] tipc: Left network mode
[  281.353687][ T3576] hsr_slave_0: left promiscuous mode
[  281.359351][ T3576] hsr_slave_1: left promiscuous mode
[  281.365013][ T3576] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.372550][ T3576] batman_adv: batadv0: Removing interface: batadv_slave_0
[  281.380211][ T3576] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.387715][ T3576] batman_adv: batadv0: Removing interface: batadv_slave_1
[  281.397670][ T3576] hsr_slave_0: left promiscuous mode
[  281.403335][ T3576] hsr_slave_1: left promiscuous mode
[  281.408985][ T3576] batman_adv: batadv0: Removing interface: batadv_slave_0
[  281.416572][ T3576] batman_adv: batadv0: Removing interface: batadv_slave_1
[  281.425641][ T3576] veth1_macvtap: left promiscuous mode
[  281.431186][ T3576] veth0_macvtap: left promiscuous mode
[  281.436790][ T3576] veth1_vlan: left promiscuous mode
[  281.442075][ T3576] veth0_vlan: left promiscuous mode
[  281.498719][ T3576] team0 (unregistering): Port device team_slave_1 removed
[  281.509177][ T3576] team0 (unregistering): Port device team_slave_0 removed
[  281.562088][ T3576] team0 (unregistering): Port device team_slave_1 removed
[  281.571493][ T3576] team0 (unregistering): Port device team_slave_0 removed
[  282.092088][ T3576] IPVS: stop unused estimator thread 0...
[  282.488484][ T3584] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.548212][ T3584] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.588026][ T3584] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.637946][ T3584] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.709526][ T3584] bridge_slave_1: left allmulticast mode
[  282.715261][ T3584] bridge_slave_1: left promiscuous mode
[  282.720968][ T3584] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.729371][ T3584] bridge_slave_0: left allmulticast mode
[  282.735065][ T3584] bridge_slave_0: left promiscuous mode
[  282.740822][ T3584] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.001487][ T3584] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  283.011616][ T3584] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  283.021272][ T3584] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  283.030710][ T3584] bond0 (unregistering): Released all slaves
[  283.097330][ T3584] tipc: Disabling bearer <udp:s>
[  283.102392][ T3584] tipc: Left network mode
[  283.108901][ T3584] hsr_slave_0: left promiscuous mode
[  283.114613][ T3584] hsr_slave_1: left promiscuous mode
[  283.120327][ T3584] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  283.127839][ T3584] batman_adv: batadv0: Removing interface: batadv_slave_0
[  283.135526][ T3584] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  283.143030][ T3584] batman_adv: batadv0: Removing interface: batadv_slave_1
[  283.151947][ T3584] veth1_macvtap: left promiscuous mode
[  283.157465][ T3584] veth0_macvtap: left promiscuous mode
[  283.162982][ T3584] veth1_vlan: left promiscuous mode
[  283.168312][ T3584] veth0_vlan: left promiscuous mode
[  283.226346][ T3584] team0 (unregistering): Port device team_slave_1 removed
[  283.236636][ T3584] team0 (unregistering): Port device team_slave_0 removed