last executing test programs:

52.908386264s ago: executing program 4 (id=845):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300000088b000850000001b000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)

52.422031307s ago: executing program 4 (id=847):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
io_uring_setup(0x1de0, &(0x7f0000000280)={0x0, 0x45d6, 0x40, 0x1})
r0 = socket$inet_udp(0x2, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(r3, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000004c0)={'bond0\x00'})
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000010025bd", @ANYRES32=r0, @ANYBLOB, @ANYRES32=r4], 0x44}, 0x1, 0x0, 0x0, 0x2404c8a0}, 0x4000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x22, 0x0, &(0x7f0000000180)="e30080670000ec67838717bd86dde148f063096244fe42904bcee14db4241544716b", 0x0, 0x407, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x50)
pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000200)={0x7fffffff, 0x211, 0x1, 'queue0\x00', 0x8})
syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r6, 0x29, 0x30, 0x0, 0x401)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[], 0x0, 0x20, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_setup(0x8, 0x0)
socket$netlink(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)

51.262608659s ago: executing program 4 (id=865):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10)
write(r0, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10)
write(r1, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1000}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x8004)

50.577719399s ago: executing program 4 (id=870):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@nojournal_checksum}, {@dioread_lock}, {@resgid}, {}, {@resgid}, {@inlinecrypt}, {@debug}, {@usrquota}]}, 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
open(&(0x7f0000000680)='./bus\x00', 0x4001410c2, 0x2e)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x80)
fallocate(r2, 0x8, 0x4000, 0x4000)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x40, 0x8005, 0x0, 0x0, 0xa, 0x4, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000ff91031905b9aaaaf755a3f6a004000000000001000200", "036c47c6780820d1cbf733970000cf33768bbd9bffbcc2542ded71038259ca171ce1a310ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204, 0xffffffffffffffff]})
write$binfmt_misc(r0, &(0x7f0000000340)="be", 0x1)

49.952217404s ago: executing program 4 (id=889):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff3000/0x3000)=nil, &(0x7f0000ff6000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x2, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='8', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

49.905231708s ago: executing program 4 (id=891):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x5, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x7a, &(0x7f0000000d00)={@broadcast, @remote, @void, {@ipv6={0x86dd, @gre_packet={0x6, 0x6, "d5e09e", 0x44, 0x2f, 0xff, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x4, {{0xe, 0x1, 0x2, 0x3, 0x0, 0x0, 0x0, 0xb}, 0x1, {0xffffffff}}}, {0x8, 0x22eb, 0x1, {{0xf, 0x2, 0x0, 0x3, 0x1, 0x1, 0x0, 0xa}, 0x2, {0x5, 0x200, 0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x1}}}, {0x8, 0x6558, 0x3}}}}}}}, 0x0)

49.894193509s ago: executing program 32 (id=891):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x5, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x7a, &(0x7f0000000d00)={@broadcast, @remote, @void, {@ipv6={0x86dd, @gre_packet={0x6, 0x6, "d5e09e", 0x44, 0x2f, 0xff, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x4, {{0xe, 0x1, 0x2, 0x3, 0x0, 0x0, 0x0, 0xb}, 0x1, {0xffffffff}}}, {0x8, 0x22eb, 0x1, {{0xf, 0x2, 0x0, 0x3, 0x1, 0x1, 0x0, 0xa}, 0x2, {0x5, 0x200, 0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x1}}}, {0x8, 0x6558, 0x3}}}}}}}, 0x0)

7.85745515s ago: executing program 3 (id=1637):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000003c0)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0x4005, @empty}, 0x10, 0x0}, 0x30006095)
close(r4)

7.205860337s ago: executing program 3 (id=1642):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000001200)=0x8a4, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x1, 0x0, 0x0, @vifc_lcl_addr=@multicast2, @dev}, 0x10)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bbr', 0x3)
syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000140)='./file0\x00', 0x54411c7e488645be, &(0x7f0000000580)={[{@resgid}, {@nogrpid}, {@commit={'commit', 0x3d, 0x9c}}, {@nojournal_checksum}, {@dax_never}, {}, {@dax}]}, 0x1, 0x53d, &(0x7f0000001740)="$eJzs3V1rZGcdAPD/OZNJZ3ezZqperAXb4lZ2i+zMprFt9KJdQfSqoNb7NSSTEDLJhMykbELRFC+8FERU8AN4I/gBBOlHEKGgX0BFEd3qndpT5swZmpeZzZCXnTD5/eDkPM95+z/PIefMeXl4TgBX1osR8SAiShHxckTMFtPTYoj93tBd7sPH7y51hySy7O1/JpEU0/rb6uanIuJGsVolIr7zzYjb6fG47d299cVms7Fd5Oudja16e3fv3trG4mpjtbE5Pz/32sLrC68u3M8KZ6pnNSLe+Ppff/bjX33jjW5xHv797veTiN/d/GSRpTMFGCLJ/5bzfdHX3UfbFxFsTLr1KZfGXQoAAEbRvRb+dER8Ib/+n41SfjUHAAAATJLszZn4XxKRHfLfDAAAAJgcaUTMRJLWirYAM5GmtVqvDe9n43rabLU7X1pp7Wwud+dFVKOcrqw1G/eLtsLVKCfd/FzRxraff+VIfj4ino2In85ey/O1pVZzedwPPwAAAOCKuPHC4fv//8ymeRoAAACYMNWhGQAAAGBSuOUHAACAyVfNP1EFAAAATKhvvfVWd8j63/Fefmd3Z731zr3lRnu9trGzVFtqbW/VVlut1bzPvo2Tttdstba+HJs7j+qdRrtTb+/uPdxo7Wx2Hq4d+gQ2AAAA8BQ9+8L7f0oiYv+r1/Ihin4ATzJ94SUDLpW/jLsAwHkqjbsAwNhMjbsAwNic3OzfGQImXXLC/OONd3rPCuP3F1MeAADg/N353PH3//13+7oEgMk2SlsfAGCyeLsHV1f5tC0Ab513SYBx+VRv9Myw+UM77xjh/X/vGUOWnapgAADAuZnJhyStFdfpM5GmtVrEzfyzAOVkZa3ZuF/cH/xxtvxMNz+Xr5mc2GYYAAAAAAAAAAAAAAAAAAAAAAAAAOjJsiQyAAAAYKJFpH9L8t78I+7MvjRz+OnAka9+/fLtnz9a7HS25yKmk3/NdidNR0TnF8X0VzKfBAAAAIBLoHefXoznxl0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACbNh4/fXeoPTzPuP74WEdVB8aeiko8rUY6I6/9OYurAeklElM4h/v57EXFrUPwkPsqyrFqUYlD8axccv5rvmkqWFMsejJ9GxI1ziA9X2fvd88+DQcdfGi/m48HH/9SR4/G0+ue/6SJ/MH7//Fcacv65eTCfDo/x3Ae/qQ+N/17Ec1O9uA/i8PmnHz/pxU/iSPzbI9bxe9/d2xs448AmB53/Dsaqdza26u3dvXtrG4urjdXG5vz83GsLry+8unC/vrLWbBR/B4b5yed/+9GT6n99SPzq4fof2/8vjVT7LP7/waPHn+llyoPi3709+Pf31pD4afHb98Ui3Z1/p5/e76UPev7Xf3j+SfVfHlL/ygn1vztS/eMrL3/7h38eOOfY3gAAnob27t76YrPZ2H5CojLCMkMTlSMhSqfczuHEm2db/RIm4nIUY1yJ7Ae9/8ezbeeMqx9LZI0fnX71qTiHYkwfO05LcdoNJhH73W2N+A8JAABMmE8u+pNRFp+++BIBAAAAAAAAAAAAAAAAAADA1XPKbskqEdGbUj65O7F+rH7/wfvjqy4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFAfBwAA//9mMsZi")
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

3.205798919s ago: executing program 1 (id=1687):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000c40)={'filter\x00', 0x104, 0x4, 0x3c8, 0x110, 0x110, 0x110, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@empty, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac}, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'netdevsim0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010101, 0x8, 0x1}}}, {{@arp={@loopback, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'veth0\x00', {}, {}, 0x0, 0x20}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x80ca, 0x8}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)

2.318170286s ago: executing program 1 (id=1694):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @perf_config_ext, 0x10208, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000080)=[{&(0x7f0000000500)='|', 0x1}], 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)

1.833891119s ago: executing program 5 (id=1703):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x1000000000000008}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f0000000100)={0x1d, r4}, 0x10)
bind$can_raw(r3, &(0x7f00000000c0), 0x10)

1.799890012s ago: executing program 5 (id=1706):
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="780000001800", 0x6, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000070000000080000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r2, 0x0, 0x4}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x318}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)

1.655080085s ago: executing program 5 (id=1708):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0xa0380, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000a80)={'syzkaller0\x00', @broadcast})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

1.633381736s ago: executing program 2 (id=1709):
pipe2(&(0x7f00000006c0)={<r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e24, 0xfffffffe, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000200)=@gcm_256={{0x304}, "b5d4c27c5c778dd0", "5f128fd81908609c81286d4f6a539024ffb7007ed672afb4be7aec5ca3d27dbf", '\x00', "b690a3fabf2cb970"}, 0x38)
write$binfmt_script(r3, &(0x7f00000003c0), 0x4)
recvmmsg(r3, 0x0, 0x0, 0x40000002, 0x0)
writev(r3, &(0x7f0000000280)=[{&(0x7f0000000640)="d6", 0x1}], 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

1.59342871s ago: executing program 2 (id=1710):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
io_setup(0x8f0, &(0x7f0000002400))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

1.58925495s ago: executing program 3 (id=1711):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RVERSION(r4, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0xfffffd97)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@bloom_filter={0x1e, 0xfff, 0x80, 0x1, 0x4a028, r0, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x2, 0xc, @value=r2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)

1.492154449s ago: executing program 3 (id=1712):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r5, 0x1, 0x70bd27, 0x25dfdbfc, {}, [{{0x8, 0x1, r6}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x2004c8c0)

1.436290274s ago: executing program 1 (id=1713):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000b8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
ioctl$sock_qrtr_TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000200))
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x30006041)
close(r4)

1.375622209s ago: executing program 5 (id=1714):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
close(0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Le1cYB/CTgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS9hZq7dIWU/rj81ku55znuc89fG/gfy0efmo2m7EQQjPx97u/P8tPFHunxqZnQoiF+RBC/puvfz2JRRW/v/UiWpeidTGRqR3cjr+eddz1PVRTR/Ho/DIewg8hhKWn4+S/vRtfvvPcdXJjc6WwtZZbfCysPw8vDOR7tvPLuyOH2fJsd3Yu+rEu462Zn6qNntw3Sy977YNt1VojcxPVpWOfM5//1p/z3++q1CuNyf7T1aF0Z/2qvBPl/iZ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgk53nrpMbmyuFrbXc4mNh/Xl4YSDfs51f3h05zJZnu7Nz8d/qLuOtmZ+qjZ7cN0sve+2DbdVaI3MT1aVjH1q/+/FzPokW+ja8z3+/q1KvNCb7T1eH0p31q/JOlPvbx/wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5SfqLYOzU2PRNCLMyHEMbjHce/7DcT7+suomcp2i8mMrWD2/HXs467vodq6mgqEcIfW5aejpNfteoS/GM/BwAA//8394ZP")
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r4, @ANYBLOB="080003"], 0x44}}, 0x0)

1.042583049s ago: executing program 1 (id=1715):
openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
open(0x0, 0x14507e, 0x0)
io_submit(0x0, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x3}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x60, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x0, 0x0})
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757815"], 0x65)
openat$autofs(0xffffffffffffff9c, 0x0, 0x20100, 0x0)

977.458764ms ago: executing program 1 (id=1716):
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11c167, 0x0, 0xfffffffa, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x2000000000000242, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x40}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r4, 0x0, 0x9}, 0x18)
bpf$LINK_DETACH(0x22, &(0x7f0000000100)=r1, 0x4)

886.147412ms ago: executing program 3 (id=1717):
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f00000000c0)=0xffff, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000001f)
r2 = open(&(0x7f0000000280)='.\x00', 0x181000, 0x0)
fcntl$notify(r2, 0x402, 0x8000003d)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x40000024, 0x800000000004, @tid=r3}, 0x0)
close_range(r1, r2, 0x0)

874.369153ms ago: executing program 5 (id=1718):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r2 = io_uring_setup(0x1694, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000000200)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
r3 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
r5 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x68)
fallocate(r5, 0x0, 0x0, 0x1001ed)
fallocate(r5, 0x3, 0xf00, 0x10000)
fallocate(r3, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000040)={0xc, r3, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

839.261966ms ago: executing program 2 (id=1719):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x1c}, 0x1c}}, 0x0)

793.38405ms ago: executing program 3 (id=1720):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
fallocate(0xffffffffffffffff, 0x8, 0x0, 0x8000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x800c4, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
socket$key(0xf, 0x3, 0x2)
fsmount(0xffffffffffffffff, 0x0, 0x0)
open(0x0, 0x143142, 0x80)

741.000765ms ago: executing program 0 (id=1721):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000005000000000000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='page_pool_state_hold\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000fc07ffff00000000000000008500000041000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x1800018, &(0x7f0000000840)={[{@errors_remount}, {@nodioread_nolock}, {@nomblk_io_submit}, {@test_dummy_encryption_v1}]}, 0x1, 0x512, &(0x7f0000000ec0)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
r1 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x39c4, 0x2, 0x4, 0xfffffffe}, &(0x7f0000000580)=<r2=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
io_uring_enter(r1, 0x66a8, 0x4000, 0xf, 0x0, 0x18)

740.261975ms ago: executing program 5 (id=1722):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001180)={0x1, &(0x7f00000011c0)=[{0x6, 0x0, 0x0, 0x4}]})
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

569.50705ms ago: executing program 0 (id=1723):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x80400, 0x0)
timer_create(0x1, 0x0, 0x0)
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
recvmmsg(r0, &(0x7f0000004300)=[{{0x0, 0x0, 0x0}}], 0x1, 0x61, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00')
r1 = socket$inet6(0xa, 0x80002, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x7e1f, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

519.209064ms ago: executing program 0 (id=1724):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x4, 0xfffb}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r3, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=@newtfilter={0x34, 0x2c, 0xd2b, 0x800, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x10, 0xfff1}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x24044094)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)

510.314735ms ago: executing program 1 (id=1725):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='contention_end\x00', r1, 0xe4}, 0x18)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
pwritev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000180)}], 0x1, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r2, &(0x7f0000000600)=[{{0x0, 0x9400, 0x0, 0x0, 0x0, 0x0, 0x94}, 0x40}], 0x1, 0x2, 0x0)

363.019268ms ago: executing program 0 (id=1726):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000180)=@gcm_128={{0x304}, "54fcc1dbadb00b50", "f4d095d17fa5842e23149cba5969c47f", "8da40d64", "eb034ea618e777ea"}, 0x28)
sendto$inet6(r0, &(0x7f0000000340)="d1", 0x1, 0x8000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000080)='memory.swap.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='page_pool_state_hold\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000fc07ffff00000000000000008500000041000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000240)="c6", 0x3fff, 0x8040, 0x0, 0x0)

285.467235ms ago: executing program 2 (id=1727):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RVERSION(r4, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0xfffffd97)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@bloom_filter={0x1e, 0xfff, 0x80, 0x1, 0x4a028, r0, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x2, 0xc, @value=r2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)

285.244475ms ago: executing program 0 (id=1728):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0xc8a2, 0xc000, 0x8, 0xc4})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=')'], 0x50)
io_uring_enter(r2, 0x2219, 0xcf74, 0x16, 0x0, 0x0)

236.436779ms ago: executing program 0 (id=1729):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141b42, 0x8)
ptrace(0x4206, 0x0)
tkill(0x0, 0x12)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@bloom_filter={0x1e, 0xb78, 0x2, 0x7, 0x22a20, r2, 0x7, '\x00', r3, 0xffffffffffffffff, 0x0, 0x25, 0x5, 0xa}, 0x50)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000), 0x8)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff})
splice(r4, 0x0, r1, 0x0, 0x1000, 0x800000000000000)

186.384374ms ago: executing program 2 (id=1730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8914, &(0x7f0000000080))
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000200)=r2)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r5, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

0s ago: executing program 2 (id=1731):
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f00000000c0)=0xffff, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000001f)
r2 = open(&(0x7f0000000280)='.\x00', 0x181000, 0x0)
fcntl$notify(r2, 0x402, 0x8000003d)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x40000024, 0x800000000004, @tid=r3}, 0x0)
close_range(r1, r2, 0x0)

kernel console output (not intermixed with test programs):

stead of data journaling mode
[   68.836403][ T5102] EXT4-fs (loop3): 1 truncate cleaned up
[   68.856766][ T5102] netlink: 'syz.3.635': attribute type 13 has an invalid length.
[   68.870445][ T5102] gretap0: refused to change device tx_queue_len
[   68.882992][ T5102] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   68.937915][ T5107] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   68.973921][ T5114] Invalid argument reading file caps for ./file0
[   68.995693][ T5111] EXT4-fs error (device loop4): dx_make_map:1296: inode #2: block 63: comm syz.4.637: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[   69.014509][ T5111] EXT4-fs (loop4): Remounting filesystem read-only
[   69.088117][ T5121] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   69.137526][ T5121] SELinux: failed to load policy
[   69.162427][ T5125] EXT4-fs (loop1): 1 orphan inode deleted
[   69.307375][ T5136] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   69.321496][ T5134] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.331501][ T5136] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   69.348731][ T5134] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.356725][ T5134]  loop4: unable to read partition table
[   69.400896][ T5134] loop_reread_partitions: partition scan of loop4 (���������S�j��	���%��`��ր����5) failed (rc=-5)
[   69.406302][ T3512] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.447758][ T3512] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.455991][ T3512] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.465451][ T3512] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.473641][ T3512] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.482210][ T3512] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.490329][ T3512] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.505522][ T3512] Buffer I/O error on dev loop4, logical block 0, async page read
[   69.589197][ T5155] EXT4-fs: Ignoring removed nobh option
[   69.602581][ T5153] __nla_validate_parse: 10 callbacks suppressed
[   69.602600][ T5153] netlink: 56 bytes leftover after parsing attributes in process `syz.0.657'.
[   69.637940][ T5155] EXT4-fs: old and new quota format mixing
[   69.646008][ T5153] netlink: 24 bytes leftover after parsing attributes in process `syz.0.657'.
[   70.128603][ T5194] netlink: 24 bytes leftover after parsing attributes in process `syz.1.672'.
[   70.152915][ T5194] IPVS: Error connecting to the multicast addr
[   70.282064][ T5210] netlink: 28 bytes leftover after parsing attributes in process `syz.3.677'.
[   70.294809][ T5211] netlink: 24 bytes leftover after parsing attributes in process `syz.1.681'.
[   70.366233][ T5161] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   70.404627][ T5161] EXT4-fs (loop2): 1 truncate cleaned up
[   70.439874][ T5161] EXT4-fs mount: 64 callbacks suppressed
[   70.439957][ T5161] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.493607][ T5224] all: renamed from team_slave_0 (while UP)
[   70.525422][ T5226] netlink: 24 bytes leftover after parsing attributes in process `syz.1.687'.
[   70.552861][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.698421][ T5240] netlink: 8 bytes leftover after parsing attributes in process `syz.3.694'.
[   70.764735][   T29] kauditd_printk_skb: 110 callbacks suppressed
[   70.764754][   T29] audit: type=1400 audit(70.741:793): avc:  denied  { create } for  pid=5251 comm="syz.2.699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   70.789317][ T5255] 
: renamed from gretap0 (while UP)
[   70.802786][ T5255] netlink: 16 bytes leftover after parsing attributes in process `syz.3.702'.
[   70.811861][ T5255] A link change request failed with some changes committed already. Interface 
 may have been left with an inconsistent configuration, please check.
[   70.842837][ T5257] journal_path: Lookup failure for './file0'
[   70.849000][ T5257] EXT4-fs: error: could not find journal device path
[   70.874665][ T5260] netlink: 16 bytes leftover after parsing attributes in process `syz.3.702'.
[   70.883597][ T5260] A link change request failed with some changes committed already. Interface 
 may have been left with an inconsistent configuration, please check.
[   70.998449][   T29] audit: type=1400 audit(70.971:794): avc:  denied  { create } for  pid=5267 comm="syz.0.706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   71.029492][ T5268] set_capacity_and_notify: 12 callbacks suppressed
[   71.029512][ T5268] loop0: detected capacity change from 0 to 512
[   71.064707][ T5268] EXT4-fs: Ignoring removed mblk_io_submit option
[   71.076485][   T29] audit: type=1400 audit(71.001:795): avc:  denied  { allowed } for  pid=5267 comm="syz.0.706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   71.095088][   T29] audit: type=1326 audit(71.001:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5267 comm="syz.0.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2732ff749 code=0x7ffc0000
[   71.117745][   T29] audit: type=1326 audit(71.001:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5267 comm="syz.0.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2732ff749 code=0x7ffc0000
[   71.138329][ T5268] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a85ec129, mo2=0006]
[   71.140506][   T29] audit: type=1326 audit(71.001:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5267 comm="syz.0.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2732ff749 code=0x7ffc0000
[   71.171116][   T29] audit: type=1326 audit(71.001:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5267 comm="syz.0.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2732ff749 code=0x7ffc0000
[   71.175601][ T5259] loop2: detected capacity change from 0 to 512
[   71.193723][   T29] audit: type=1326 audit(71.001:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5267 comm="syz.0.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2732ff749 code=0x7ffc0000
[   71.193762][   T29] audit: type=1326 audit(71.001:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5267 comm="syz.0.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2732ff749 code=0x7ffc0000
[   71.193795][   T29] audit: type=1326 audit(71.001:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5267 comm="syz.0.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2732ff749 code=0x7ffc0000
[   71.193909][ T5268] EXT4-fs (loop0): failed to initialize system zone (-117)
[   71.193949][ T5268] EXT4-fs (loop0): mount failed
[   71.300565][ T5259] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   71.408562][ T5259] EXT4-fs (loop2): 1 truncate cleaned up
[   71.425183][ T5259] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.440039][ T5277] netlink: 8 bytes leftover after parsing attributes in process `syz.4.709'.
[   71.781772][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.580200][ T5349] loop0: detected capacity change from 0 to 512
[   72.587730][ T5349] EXT4-fs: inline encryption not supported
[   72.610553][ T5349] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.637823][ T5349] EXT4-fs (loop0): shut down requested (2)
[   72.721381][ T3324] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.759633][ T5366] loop2: detected capacity change from 0 to 1024
[   72.797262][ T5366] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.834957][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.873854][ T5372] loop4: detected capacity change from 0 to 4096
[   72.881414][ T5372] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   72.893604][ T5372] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.010471][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.047144][ T5389] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.054865][ T5389] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.063084][ T5395] loop2: detected capacity change from 0 to 512
[   73.073599][ T5395] EXT4-fs: Ignoring removed nobh option
[   73.079425][ T5395] EXT4-fs: old and new quota format mixing
[   73.151311][ T5389] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   73.165683][ T5389] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   73.210222][ T2311] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   73.245100][ T2311] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   73.263745][ T5412] loop3: detected capacity change from 0 to 256
[   73.264670][ T2311] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   73.289919][ T2311] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   73.453913][ T5428] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   73.805487][ T5453] SELinux: failed to load policy
[   73.905249][ T5467] syzkaller0: entered promiscuous mode
[   73.910998][ T5467] syzkaller0: entered allmulticast mode
[   73.924434][ T5469] loop2: detected capacity change from 0 to 1024
[   73.931303][ T5469] EXT4-fs: Ignoring removed bh option
[   73.945978][ T5469] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.963090][ T5469] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.786: Allocating blocks 385-513 which overlap fs metadata
[   73.987655][ T5473] all: renamed from team_slave_0 (while UP)
[   74.044337][ T5469] EXT4-fs (loop2): pa ffff8881075d4150: logic 16, phys. 129, len 24
[   74.052473][ T5469] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8
[   74.067209][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.852253][ T5525] loop1: detected capacity change from 0 to 1024
[   74.868687][ T5525] EXT4-fs: Ignoring removed bh option
[   74.906090][ T5525] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.035049][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.068242][ T5543] sch_tbf: burst 22 is lower than device wg0 mtu (1420) !
[   75.120313][ T5545] __nla_validate_parse: 9 callbacks suppressed
[   75.120331][ T5545] netlink: 72 bytes leftover after parsing attributes in process `syz.4.816'.
[   75.154917][ T5547] loop7: detected capacity change from 0 to 7
[   75.161362][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   75.170991][    C1] buffer_io_error: 2 callbacks suppressed
[   75.171011][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   75.184810][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   75.194418][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   75.202455][ T5547]  loop7: unable to read partition table
[   75.208467][ T5547] loop_reread_partitions: partition scan of loop7 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[   75.395701][ T5565] netlink: 'syz.3.826': attribute type 10 has an invalid length.
[   75.409709][ T5565] team0: Port device dummy0 added
[   75.698130][ T5565] syz.3.826: attempt to access beyond end of device
[   75.698130][ T5565] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[   75.712327][ T5565] syz.3.826: attempt to access beyond end of device
[   75.712327][ T5565] loop3: rw=2049, sector=185, nr_sectors = 16 limit=128
[   75.748470][ T5565] syz.3.826: attempt to access beyond end of device
[   75.748470][ T5565] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[   75.762384][ T5565] syz.3.826: attempt to access beyond end of device
[   75.762384][ T5565] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[   75.776167][ T5565] syz.3.826: attempt to access beyond end of device
[   75.776167][ T5565] loop3: rw=2049, sector=241, nr_sectors = 16 limit=128
[   75.821441][ T5565] syz.3.826: attempt to access beyond end of device
[   75.821441][ T5565] loop3: rw=2049, sector=265, nr_sectors = 8 limit=128
[   75.881597][ T5565] syz.3.826: attempt to access beyond end of device
[   75.881597][ T5565] loop3: rw=2049, sector=281, nr_sectors = 8 limit=128
[   75.913281][ T5565] syz.3.826: attempt to access beyond end of device
[   75.913281][ T5565] loop3: rw=2049, sector=297, nr_sectors = 8 limit=128
[   75.927352][ T5565] syz.3.826: attempt to access beyond end of device
[   75.927352][ T5565] loop3: rw=2049, sector=313, nr_sectors = 8 limit=128
[   75.941834][ T5565] syz.3.826: attempt to access beyond end of device
[   75.941834][ T5565] loop3: rw=2049, sector=329, nr_sectors = 8 limit=128
[   76.009580][ T2974] hid_parser_main: 19 callbacks suppressed
[   76.009603][ T2974] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   76.023436][ T2974] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   76.265630][ T5590] IPv4: Oversized IP packet from 127.202.26.0
[   76.355001][ T5598] syz_tun: entered allmulticast mode
[   76.404370][   T29] kauditd_printk_skb: 80 callbacks suppressed
[   76.404387][   T29] audit: type=1400 audit(76.382:883): avc:  denied  { connect } for  pid=5599 comm="syz.1.840" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   76.462111][ T5604] bridge0: entered promiscuous mode
[   76.467631][ T5604] bridge0: left promiscuous mode
[   76.539632][ T5609] netlink: 20 bytes leftover after parsing attributes in process `syz.4.844'.
[   76.576554][ T5611] set_capacity_and_notify: 1 callbacks suppressed
[   76.576575][ T5611] loop4: detected capacity change from 0 to 1024
[   76.592143][ T5611] EXT4-fs: Ignoring removed orlov option
[   76.601857][ T5611] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.041816][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.090617][ T5622] netlink: 8 bytes leftover after parsing attributes in process `syz.2.848'.
[   77.126424][ T5622] netlink: 'syz.2.848': attribute type 17 has an invalid length.
[   77.134261][ T5622] netlink: 148 bytes leftover after parsing attributes in process `syz.2.848'.
[   77.558690][ T5641] loop2: detected capacity change from 0 to 1024
[   77.596114][ T5641] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.638292][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.673501][ T5646] loop2: detected capacity change from 0 to 512
[   77.682767][ T5646] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   77.719186][ T5646] EXT4-fs (loop2): 1 truncate cleaned up
[   77.735376][ T5646] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.774391][ T5649] netlink: 4 bytes leftover after parsing attributes in process `syz.1.856'.
[   77.774709][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.037002][ T5661] loop3: detected capacity change from 0 to 128
[   78.109276][ T5664] loop3: detected capacity change from 0 to 2048
[   78.166322][ T5664]  loop3: p1 < > p4
[   78.175485][ T5664] loop3: p4 size 8388608 extends beyond EOD, truncated
[   78.282701][   T29] audit: type=1400 audit(78.212:884): avc:  denied  { read append } for  pid=5663 comm="syz.3.863" name="loop3p4" dev="devtmpfs" ino=833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   78.305251][   T29] audit: type=1400 audit(78.212:885): avc:  denied  { open } for  pid=5663 comm="syz.3.863" path="/dev/loop3p4" dev="devtmpfs" ino=833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   78.358674][ T5671] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.365951][ T5671] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.546944][ T5676] netlink: 8 bytes leftover after parsing attributes in process `syz.3.867'.
[   78.555963][ T5676] netlink: 16 bytes leftover after parsing attributes in process `syz.3.867'.
[   78.880619][ T1937] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   78.889622][ T1937] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   78.903713][ T1937] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   78.912779][ T1937] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   78.925728][   T29] audit: type=1400 audit(78.902:886): avc:  denied  { bind } for  pid=5685 comm="syz.1.871" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   78.950674][ T1937] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   78.959639][ T1937] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   78.978112][ T5688] loop4: detected capacity change from 0 to 1024
[   79.009052][ T5688] EXT4-fs: inline encryption not supported
[   79.028591][ T1937] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   79.037625][ T1937] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.062244][ T5695] loop1: detected capacity change from 0 to 1024
[   79.084180][   T29] audit: type=1326 audit(79.032:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5694 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[   79.091195][ T5688] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[   79.106988][   T29] audit: type=1326 audit(79.032:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5694 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[   79.116662][ T5688] System zones: 
[   79.137730][   T29] audit: type=1326 audit(79.032:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5694 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[   79.137768][   T29] audit: type=1326 audit(79.032:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5694 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[   79.141334][ T5688] 0-1, 3-12
[   79.163958][   T29] audit: type=1326 audit(79.032:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5694 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[   79.164078][   T29] audit: type=1326 audit(79.032:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5694 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[   79.216704][ T5695] EXT4-fs: inline encryption not supported
[   79.235416][ T5688] 
[   79.263098][ T5693] netlink: 20 bytes leftover after parsing attributes in process `syz.2.873'.
[   79.279255][ T5695] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.292469][ T5688] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.364491][ T5688] loop4: detected capacity change from 1024 to 64
[   79.396013][ T3321] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /172/file1: bad entry in directory: directory entry overrun - offset=0, inode=17104912, rec_len=158052, size=1024 fake=0
[   79.430985][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.466423][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.503756][ T5696] Buffer I/O error on dev loop4, logical block 64, lost sync page write
[   79.828302][ T5720] chnl_net:caif_netlink_parms(): no params data found
[   79.878797][ T5742] loop2: detected capacity change from 0 to 512
[   79.899099][ T5742] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.922959][ T5720] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.930136][ T5720] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.949023][ T5720] bridge_slave_0: entered allmulticast mode
[   79.956132][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.966712][ T5720] bridge_slave_0: entered promiscuous mode
[   79.980189][ T5720] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.987489][ T5720] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.994865][ T5720] bridge_slave_1: entered allmulticast mode
[   80.001503][ T5720] bridge_slave_1: entered promiscuous mode
[   80.024363][ T5720] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.034929][ T5720] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.057826][ T5720] team0: Port device team_slave_0 added
[   80.064652][ T5720] team0: Port device team_slave_1 added
[   80.083154][ T5720] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.090196][ T5720] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.116228][ T5720] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.132184][ T5720] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.139204][ T5720] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.165196][ T5720] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.228538][ T5720] hsr_slave_0: entered promiscuous mode
[   80.235448][ T5720] hsr_slave_1: entered promiscuous mode
[   80.241503][ T5720] debugfs: 'hsr0' already exists in 'hsr'
[   80.247287][ T5720] Cannot create hsr debugfs directory
[   80.431809][ T5771] loop0: detected capacity change from 0 to 128
[   80.443486][ T5771] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   80.459524][ T5720] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   80.490913][ T5720] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   80.507506][ T3324] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   80.528987][ T5720] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   80.556903][ T5720] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   80.621012][ T5720] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.628197][ T5720] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.635669][ T5720] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.642750][ T5720] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.701527][ T5720] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.721674][ T2008] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.731142][ T2008] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.759325][ T5720] 8021q: adding VLAN 0 to HW filter on device team0
[   80.772626][  T394] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.779792][  T394] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.789596][ T5793] syzkaller0: entered promiscuous mode
[   80.795228][ T5793] syzkaller0: entered allmulticast mode
[   80.810147][ T2008] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.817368][ T2008] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.876588][ T5797] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.907: bad orphan inode 134217728
[   80.887937][ T5797] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.985832][ T5720] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.161123][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.174570][ T5830] EXT4-fs: inline encryption not supported
[   81.180458][ T5830] EXT4-fs: Ignoring removed orlov option
[   81.207142][ T5830] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   81.239541][ T5830] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[   81.248012][ T5830] System zones: 0-1, 3-12
[   81.248060][ T5720] veth0_vlan: entered promiscuous mode
[   81.253651][ T5830] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.289845][ T5720] veth1_vlan: entered promiscuous mode
[   81.298008][ T3324] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.320251][ T1937] bridge_slave_1: left allmulticast mode
[   81.326051][ T1937] bridge_slave_1: left promiscuous mode
[   81.331721][ T1937] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.351874][ T1937] bridge_slave_0: left allmulticast mode
[   81.357701][ T1937] bridge_slave_0: left promiscuous mode
[   81.363573][ T1937] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.420363][ T5836] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   81.450246][   T29] kauditd_printk_skb: 703 callbacks suppressed
[   81.450265][   T29] audit: type=1326 audit(81.422:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.479295][   T29] audit: type=1326 audit(81.422:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.501898][   T29] audit: type=1326 audit(81.422:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.524674][   T29] audit: type=1326 audit(81.422:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.594525][ T1937] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   81.619404][ T1937] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   81.629823][ T3326] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   81.639806][ T1937] bond0 (unregistering): Released all slaves
[   81.648145][   T29] audit: type=1326 audit(81.532:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.670761][   T29] audit: type=1326 audit(81.532:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.693657][   T29] audit: type=1326 audit(81.532:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.716384][   T29] audit: type=1326 audit(81.532:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.738972][   T29] audit: type=1326 audit(81.532:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.761835][   T29] audit: type=1326 audit(81.532:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[   81.763517][ T5720] veth0_macvtap: entered promiscuous mode
[   81.804524][ T5720] veth1_macvtap: entered promiscuous mode
[   81.813111][ T1937] hsr_slave_0: left promiscuous mode
[   81.821048][ T1937] hsr_slave_1: left promiscuous mode
[   81.879821][ T1937] team0 (unregistering): Port device team_slave_1 removed
[   81.890163][ T1937] team0 (unregistering): Port device team_slave_0 removed
[   81.931398][ T5863] set_capacity_and_notify: 6 callbacks suppressed
[   81.931417][ T5863] loop1: detected capacity change from 0 to 128
[   82.011699][ T5858] syzkaller0: entered promiscuous mode
[   82.017389][ T5858] syzkaller0: entered allmulticast mode
[   82.071038][ T5720] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.088031][ T5720] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.101264][  T394] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.107935][ T5867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.927'.
[   82.156924][ T5867] netlink: 12 bytes leftover after parsing attributes in process `syz.3.927'.
[   82.222017][ T5867] netlink: 3 bytes leftover after parsing attributes in process `syz.3.927'.
[   82.302182][ T5874] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.309626][ T5874] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.550376][ T5874] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.560317][ T5874] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.569694][ T5880] Invalid argument reading file caps for ./file0
[   82.635108][  T971] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   82.827227][ T5949] loop5: detected capacity change from 0 to 1024
[   82.834503][ T5949] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   82.845758][ T5949] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[   82.855410][ T5949] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   82.867579][ T5949] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #3: comm syz.5.939: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[   82.891685][ T5949] EXT4-fs (loop5): no journal found
[   82.897152][ T5949] EXT4-fs (loop5): can't get journal size
[   82.914885][ T5949] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   82.939703][ T5720] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.959327][ T5955] loop2: detected capacity change from 0 to 1024
[   82.990832][ T5955] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   83.034255][ T5955] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #15: block 3: comm syz.2.941: lblock 3 mapped to illegal pblock 3 (length 3)
[   83.076129][ T5966] loop1: detected capacity change from 0 to 512
[   83.092847][ T5955] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[   83.105378][ T5955] EXT4-fs (loop2): This should not happen!! Data will be lost
[   83.105378][ T5955] 
[   83.122649][ T5966] EXT4-fs: Ignoring removed nobh option
[   83.139041][ T5966] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   83.171074][   T12] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:0: lblock 8 mapped to illegal pblock 8 (length 8)
[   83.187143][ T5966] EXT4-fs (loop1): 1 truncate cleaned up
[   83.193313][ T5966] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.216369][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[   83.228859][   T12] EXT4-fs (loop2): This should not happen!! Data will be lost
[   83.228859][   T12] 
[   83.240104][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   83.337327][ T5959] netlink: 36 bytes leftover after parsing attributes in process `syz.3.942'.
[   83.370488][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.387494][ T5980] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.409600][ T5980] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address
[   83.429107][ T5984] loop5: detected capacity change from 0 to 256
[   83.445249][ T5984] FAT-fs (loop5): Directory bread(block 517) failed
[   83.457746][ T5984] FAT-fs (loop5): Directory bread(block 518) failed
[   83.460262][ T5980] bond0: (slave ip6tnl0): Error -95 calling set_mac_address
[   83.472324][ T5984] FAT-fs (loop5): Directory bread(block 519) failed
[   83.487059][ T5984] FAT-fs (loop5): Directory bread(block 520) failed
[   83.498241][ T5984] FAT-fs (loop5): Directory bread(block 521) failed
[   83.515107][ T5984] FAT-fs (loop5): Directory bread(block 522) failed
[   83.531951][ T5984] FAT-fs (loop5): Directory bread(block 523) failed
[   83.545969][ T5984] FAT-fs (loop5): Directory bread(block 524) failed
[   83.560411][ T5984] FAT-fs (loop5): Directory bread(block 525) failed
[   83.583164][ T5984] FAT-fs (loop5): Directory bread(block 526) failed
[   83.611394][ T5999] veth0: entered promiscuous mode
[   83.623633][ T5999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.963'.
[   83.668109][ T6005] syz.3.954 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   83.689581][ T6005] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   83.702179][ T6007] loop5: detected capacity change from 0 to 128
[   83.764537][ T6011] loop7: detected capacity change from 0 to 16384
[   83.811420][ T6021] loop2: detected capacity change from 0 to 512
[   83.824206][ T6011] loop7: detected capacity change from 16384 to 16383
[   83.837936][ T6021] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.880375][ T6029] loop1: detected capacity change from 0 to 512
[   83.928012][ T6029] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.945640][ T3326] EXT4-fs error (device loop2): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[   83.964201][ T3326] EXT4-fs (loop2): Remounting filesystem read-only
[   83.974145][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.984289][  T394] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   84.016757][  T394] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   84.104322][ T6058] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   84.124901][ T6058] EXT4-fs (loop2): invalid journal inode
[   84.130915][ T6058] EXT4-fs (loop2): can't get journal size
[   84.145150][ T6058] EXT4-fs (loop2): 1 truncate cleaned up
[   84.160059][ T6058] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.390441][ T6073] netlink: 4 bytes leftover after parsing attributes in process `syz.0.972'.
[   84.400175][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.424621][ T6073] netlink: 12 bytes leftover after parsing attributes in process `syz.0.972'.
[   84.445431][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.516582][ T6073] netlink: 3 bytes leftover after parsing attributes in process `syz.0.972'.
[   84.542223][ T6080] EXT4-fs: inline encryption not supported
[   84.596071][ T6080] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[   84.612215][ T6086] IPv4: Oversized IP packet from 127.202.26.0
[   84.619370][ T6080] System zones: 0-1, 3-12
[   84.755182][ T6080] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.506097][ T6097] netlink: 40 bytes leftover after parsing attributes in process `syz.5.976'.
[   85.678897][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.957167][ T6126] netlink: 'syz.0.991': attribute type 4 has an invalid length.
[   85.969851][ T6126] netlink: 'syz.0.991': attribute type 4 has an invalid length.
[   86.007651][ T6115] netlink: 40 bytes leftover after parsing attributes in process `syz.1.986'.
[   86.092320][ T6136] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=6136 comm=syz.1.995
[   86.104974][ T6136] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=6136 comm=syz.1.995
[   86.117810][ T6136] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=6136 comm=syz.1.995
[   86.405058][ T6154] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   86.446066][ T6154] EXT4-fs error (device loop1): ext4_map_blocks:825: inode #15: block 3: comm syz.1.1003: lblock 3 mapped to illegal pblock 3 (length 3)
[   86.460545][ T6154] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[   86.472901][ T6154] EXT4-fs (loop1): This should not happen!! Data will be lost
[   86.472901][ T6154] 
[   86.494029][ T5894] EXT4-fs error (device loop1): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:29: lblock 8 mapped to illegal pblock 8 (length 8)
[   86.511275][ T5894] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[   86.523751][ T5894] EXT4-fs (loop1): This should not happen!! Data will be lost
[   86.523751][ T5894] 
[   86.536783][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   86.538630][ T6165] EXT4-fs: inline encryption not supported
[   86.551977][ T6165] EXT4-fs: Ignoring removed nobh option
[   86.557597][ T6165] EXT4-fs: Ignoring removed bh option
[   86.570364][ T6132] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   86.587576][ T6165] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.618649][ T6165] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[   86.638867][ T6132] EXT4-fs (loop3): 1 truncate cleaned up
[   86.655284][ T6132] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.700560][ T5720] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.747087][ T6180] netlink: 'syz.5.1013': attribute type 13 has an invalid length.
[   86.869176][ T6184] netlink: 'syz.5.1014': attribute type 7 has an invalid length.
[   86.877038][ T6184] netlink: 'syz.5.1014': attribute type 8 has an invalid length.
[   86.994028][   T29] kauditd_printk_skb: 118 callbacks suppressed
[   86.994043][   T29] audit: type=1400 audit(86.962:1720): avc:  denied  { mount } for  pid=6187 comm="syz.5.1016" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   87.045640][ T6190] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   87.058957][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.276737][   T29] audit: type=1400 audit(87.252:1721): avc:  denied  { nlmsg_read } for  pid=6199 comm="syz.3.1030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   87.296796][   T29] audit: type=1400 audit(87.252:1722): avc:  denied  { audit_write } for  pid=6199 comm="syz.3.1030" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   87.317343][   T29] audit: type=1107 audit(87.252:1723): pid=6199 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[   87.373492][ T6206] set_capacity_and_notify: 6 callbacks suppressed
[   87.373507][ T6206] loop0: detected capacity change from 0 to 256
[   87.387557][ T6206] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   87.399561][   T29] audit: type=1400 audit(87.322:1724): avc:  denied  { name_connect } for  pid=6201 comm="syz.3.1021" dest=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[   87.527938][ T6215] loop2: detected capacity change from 0 to 512
[   87.540649][ T6215] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   87.561704][ T6198] __nla_validate_parse: 5 callbacks suppressed
[   87.561721][ T6198] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1020'.
[   87.569903][ T6215] EXT4-fs (loop2): orphan cleanup on readonly fs
[   87.584786][ T6215] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.1026: Block bitmap for bg 0 marked uninitialized
[   87.618025][   T29] audit: type=1326 audit(87.582:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6218 comm="syz.1.1027" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f028ba3f749 code=0x0
[   87.807102][ T6215] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   87.817829][ T6215] EXT4-fs (loop2): 1 orphan inode deleted
[   87.880150][ T6215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   88.029210][   T29] audit: type=1400 audit(88.002:1726): avc:  denied  { remount } for  pid=6212 comm="syz.2.1026" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   88.048459][ T6215] EXT4-fs: Ignoring removed orlov option
[   88.092532][ T6215] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[   88.102923][ T6228] loop0: detected capacity change from 0 to 4096
[   88.112959][ T6228] EXT4-fs: Ignoring removed mblk_io_submit option
[   88.133034][ T6215] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   88.156960][ T6228] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   88.179625][ T6215] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   88.204411][ T6228] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.224739][   T29] audit: type=1400 audit(88.202:1727): avc:  denied  { add_name } for  pid=6227 comm="syz.0.1029" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   88.255841][ T6235] veth0: entered promiscuous mode
[   88.261586][ T6235] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1033'.
[   88.288508][ T6235] veth0 (unregistering): left promiscuous mode
[   88.300930][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.310842][ T3324] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.353768][   T29] audit: type=1400 audit(88.322:1728): avc:  denied  { mount } for  pid=6236 comm="syz.3.1036" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   88.391181][ T6242] loop0: detected capacity change from 0 to 512
[   88.418110][ T6242] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.510246][ T3324] EXT4-fs error (device loop0): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[   88.527774][ T3324] EXT4-fs (loop0): Remounting filesystem read-only
[   88.551965][ T3324] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.567721][   T29] audit: type=1326 audit(88.532:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6265 comm="syz.1.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[   88.591034][ T5923] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   88.603203][ T5923] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   88.748547][ T6276] Invalid argument reading file caps for ./file0
[   88.811833][ T6280] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1052'.
[   88.844547][ T6282] loop3: detected capacity change from 0 to 128
[   88.854613][ T6282] bio_check_eod: 100 callbacks suppressed
[   88.854682][ T6282] syz.3.1053: attempt to access beyond end of device
[   88.854682][ T6282] loop3: rw=2049, sector=154, nr_sectors = 8 limit=128
[   88.875849][ T6282] syz.3.1053: attempt to access beyond end of device
[   88.875849][ T6282] loop3: rw=8390657, sector=160, nr_sectors = 2 limit=128
[   88.889863][ T6282] Buffer I/O error on dev loop3, logical block 80, lost async page write
[   88.907149][ T6284] syz.3.1053: attempt to access beyond end of device
[   88.907149][ T6284] loop3: rw=8912896, sector=154, nr_sectors = 8 limit=128
[   88.921067][ T6284] syz.3.1053: attempt to access beyond end of device
[   88.921067][ T6284] loop3: rw=8388608, sector=154, nr_sectors = 8 limit=128
[   88.949114][ T6284] syz.3.1053: attempt to access beyond end of device
[   88.949114][ T6284] loop3: rw=8388608, sector=154, nr_sectors = 8 limit=128
[   88.963327][ T6282] syz.3.1053: attempt to access beyond end of device
[   88.963327][ T6282] loop3: rw=2049, sector=162, nr_sectors = 8 limit=128
[   88.977877][ T6284] syz.3.1053: attempt to access beyond end of device
[   88.977877][ T6284] loop3: rw=8388608, sector=154, nr_sectors = 8 limit=128
[   88.991926][ T6284] syz.3.1053: attempt to access beyond end of device
[   88.991926][ T6284] loop3: rw=8388608, sector=154, nr_sectors = 8 limit=128
[   89.006284][ T6285] syz.3.1053: attempt to access beyond end of device
[   89.006284][ T6285] loop3: rw=8388608, sector=154, nr_sectors = 2 limit=128
[   89.020428][ T6284] syz.3.1053: attempt to access beyond end of device
[   89.020428][ T6284] loop3: rw=8388608, sector=154, nr_sectors = 2 limit=128
[   89.034265][ T6284] Buffer I/O error on dev loop3, logical block 77, async page read
[   89.043266][ T6284] Buffer I/O error on dev loop3, logical block 78, async page read
[   89.051565][ T6284] Buffer I/O error on dev loop3, logical block 79, async page read
[   89.060776][ T6284] Buffer I/O error on dev loop3, logical block 80, async page read
[   89.069037][ T6284] Buffer I/O error on dev loop3, logical block 77, async page read
[   89.081607][ T6284] Buffer I/O error on dev loop3, logical block 78, async page read
[   89.104066][ T6284] Buffer I/O error on dev loop3, logical block 79, async page read
[   89.112034][ T6284] Buffer I/O error on dev loop3, logical block 80, async page read
[   89.120121][ T6250] Set syz1 is full, maxelem 65536 reached
[   89.126222][ T6284] Buffer I/O error on dev loop3, logical block 77, async page read
[   89.229541][ T6293] loop2: detected capacity change from 0 to 512
[   89.241508][ T6293] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   89.256468][ T6293] EXT4-fs (loop2): 1 truncate cleaned up
[   89.262778][ T6293] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.289492][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.362172][ T6301] loop5: detected capacity change from 0 to 512
[   89.377146][ T6301] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.426956][ T5720] EXT4-fs error (device loop5): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[   89.442603][ T5720] EXT4-fs (loop5): Remounting filesystem read-only
[   89.458566][ T5720] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.468135][ T5923] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   89.479340][ T5923] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   89.517930][ T6317] netlink: 'syz.5.1058': attribute type 1 has an invalid length.
[   89.550791][ T6317] 8021q: adding VLAN 0 to HW filter on device bond1
[   89.560344][ T6317] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1058'.
[   89.573090][ T6317] bond1 (unregistering): Released all slaves
[   89.604889][ T6324] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[   89.776946][ T6344] netlink: 9 bytes leftover after parsing attributes in process `syz.5.1071'.
[   89.791876][ T6344] netlink: 9 bytes leftover after parsing attributes in process `syz.5.1071'.
[   90.029491][ T6370] loop1: detected capacity change from 0 to 1024
[   90.089233][ T6372] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1081'.
[   90.098203][ T6372] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1081'.
[   90.114714][ T6377] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1084'.
[   90.123786][ T6377] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1084'.
[   90.162286][ T6384] netlink: 'syz.5.1088': attribute type 5 has an invalid length.
[   90.452371][ T6411] SELinux: failed to load policy
[   90.531254][ T6418] loop1: detected capacity change from 0 to 1024
[   90.545654][ T6416] SELinux: ebitmap: truncated map
[   90.555446][ T6416] SELinux: failed to load policy
[   90.564201][ T6418] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.1103: bad orphan inode 134217728
[   90.679335][ T6430] loop5: detected capacity change from 0 to 8192
[   91.003389][ T5720] FAT-fs (loop5): error, invalid access to FAT (entry 0x0000e1b1)
[   91.011353][ T5720] FAT-fs (loop5): Filesystem has been set read-only
[   91.590374][ T6471] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[   92.059909][   T29] kauditd_printk_skb: 232 callbacks suppressed
[   92.059924][   T29] audit: type=1326 audit(92.032:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.109123][   T29] audit: type=1326 audit(92.072:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.131904][   T29] audit: type=1326 audit(92.072:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.154790][   T29] audit: type=1326 audit(92.072:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.177624][   T29] audit: type=1326 audit(92.072:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.200554][   T29] audit: type=1326 audit(92.072:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.223438][   T29] audit: type=1326 audit(92.072:1960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.246214][   T29] audit: type=1326 audit(92.072:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.269170][   T29] audit: type=1326 audit(92.072:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.291963][   T29] audit: type=1326 audit(92.072:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bb8b8f749 code=0x7ffc0000
[   92.676470][ T6530] set_capacity_and_notify: 1 callbacks suppressed
[   92.676487][ T6530] loop1: detected capacity change from 0 to 1024
[   92.706762][ T6530] EXT4-fs: Ignoring removed nobh option
[   92.712500][ T6530] EXT4-fs: inline encryption not supported
[   92.761845][ T6526] __nla_validate_parse: 6 callbacks suppressed
[   92.761863][ T6526] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1141'.
[   92.777063][ T6526] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1141'.
[   92.788292][ T6530] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.1142: Allocating blocks 385-513 which overlap fs metadata
[   92.815112][ T6528] EXT4-fs (loop1): pa ffff8881075d4460: logic 16, phys. 129, len 24
[   92.823208][ T6528] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8
[   92.901246][ T6543] serio: Serial port ptm1
[   93.029206][ T6543] serio: Serial port ptm1
[   93.335835][ T6570] veth0: entered promiscuous mode
[   93.341040][ T6570] veth0: entered allmulticast mode
[   93.383787][ T6572] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1158'.
[   93.392943][ T6572] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1158'.
[   93.454566][ T3489] IPVS: starting estimator thread 0...
[   93.461333][ T6579] IPVS: lblc: FWM 3 0x00000003 - no destination available
[   93.540455][ T6586] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1163'.
[   93.554286][ T6580] IPVS: using max 2208 ests per chain, 110400 per kthread
[   93.591439][ T6586] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1163'.
[   93.804160][ T6595] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1167'.
[   93.813096][ T6595] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1167'.
[   93.930870][ T6604] loop3: detected capacity change from 0 to 512
[   93.945308][ T6604] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   93.956692][ T6606] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.970811][ T6604] EXT4-fs (loop3): failed to initialize system zone (-117)
[   93.988275][ T6604] EXT4-fs (loop3): mount failed
[   94.002333][ T6606] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.051048][ T6606] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.099328][ T6614] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.1173'.
[   94.120113][ T6606] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.149589][ T6616] loop3: detected capacity change from 0 to 512
[   94.165254][ T6616] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   94.173471][ T6616] System zones: 0-2, 18-18, 34-34
[   94.179745][ T6616] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1174: bg 0: block 248: padding at end of block bitmap is not set
[   94.196147][ T6616] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.1174: Failed to acquire dquot type 1
[   94.208241][ T5894] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.216735][ T5894] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.225639][ T6616] EXT4-fs (loop3): 1 truncate cleaned up
[   94.233198][ T5894] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.243139][ T6616] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[   94.253866][ T5894] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.292570][ T6623] loop5: detected capacity change from 0 to 128
[   94.343593][ T6630] loop3: detected capacity change from 0 to 512
[   94.355776][ T6630] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   94.375364][ T6630] EXT4-fs (loop3): 1 truncate cleaned up
[   94.384873][ T6623] bio_check_eod: 24735 callbacks suppressed
[   94.384893][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.384893][ T6623] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[   94.405235][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.405235][ T6623] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[   94.419062][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.419062][ T6623] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[   94.461744][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.461744][ T6623] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[   94.490956][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.490956][ T6623] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[   94.508561][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.508561][ T6623] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[   94.525574][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.525574][ T6623] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[   94.546269][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.546269][ T6623] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128
[   94.572875][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.572875][ T6623] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128
[   94.586436][ T6623] syz.5.1176: attempt to access beyond end of device
[   94.586436][ T6623] loop5: rw=2049, sector=297, nr_sectors = 8 limit=128
[   94.627480][ T6645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1183'.
[   94.703600][ T6651] loop5: detected capacity change from 0 to 1024
[   94.710802][ T6651] EXT4-fs (loop5): inodes count not valid: 1 vs 32
[   94.801833][ T6655] infiniband syz1: set down
[   94.806476][ T6655] infiniband syz1: added syz_tun
[   94.817453][ T6655] RDS/IB: syz1: added
[   94.821507][ T6655] smc: adding ib device syz1 with port count 1
[   94.828115][ T6655] smc:    ib device syz1 port 1 has no pnetid
[   94.858987][ T6663] loop5: detected capacity change from 0 to 2048
[   95.192021][ T6669] loop1: detected capacity change from 0 to 128
[   95.337526][ T6641] loop2: detected capacity change from 0 to 512
[   95.366546][ T6641] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   95.422432][ T6641] EXT4-fs (loop2): 1 truncate cleaned up
[   95.525372][ T6684] loop1: detected capacity change from 0 to 512
[   95.544190][ T6684] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   95.556993][ T6682] SELinux: failed to load policy
[   95.563088][ T6684] EXT4-fs (loop1): 1 truncate cleaned up
[   96.063479][ T6705] buffer_io_error: 24727 callbacks suppressed
[   96.063496][ T6705] Buffer I/O error on dev loop1, logical block 80, lost async page write
[   96.079642][ T6705] Buffer I/O error on dev loop1, logical block 84, lost async page write
[   96.105633][ T6705] Buffer I/O error on dev loop1, logical block 96, lost async page write
[   96.204449][ T6705] Buffer I/O error on dev loop1, logical block 77, async page read
[   96.212535][ T6705] Buffer I/O error on dev loop1, logical block 78, async page read
[   96.221989][ T6705] Buffer I/O error on dev loop1, logical block 79, async page read
[   96.241084][ T6705] Buffer I/O error on dev loop1, logical block 80, async page read
[   96.256361][ T6705] Buffer I/O error on dev loop1, logical block 77, async page read
[   96.291948][ T6705] Buffer I/O error on dev loop1, logical block 78, async page read
[   96.300320][ T6705] Buffer I/O error on dev loop1, logical block 79, async page read
[   96.327567][ T6716] Unsupported NM flag settings (240)
[   96.354106][ T6716] Unsupported NM flag settings (240)
[   96.484623][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811e251800: rx timeout, send abort
[   96.573575][ T6731] veth0: entered promiscuous mode
[   96.578737][ T6731] veth0: entered allmulticast mode
[   96.697185][ T6743] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   96.707983][ T6744] netlink: 'syz.2.1220': attribute type 4 has an invalid length.
[   96.984932][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811e251600: rx timeout, send abort
[   96.993919][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811e251800: abort rx timeout. Force session deactivation
[   97.111528][ T6737] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   97.144414][ T6737] EXT4-fs (loop3): 1 truncate cleaned up
[   97.268767][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   97.278622][   T10] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   97.296363][ T6780] EXT4-fs: dax option not supported
[   97.306858][   T29] kauditd_printk_skb: 247 callbacks suppressed
[   97.306875][   T29] audit: type=1400 audit(97.242:2209): avc:  denied  { read write } for  pid=6779 comm="syz.1.1235" name="uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   97.336100][   T29] audit: type=1400 audit(97.242:2210): avc:  denied  { open } for  pid=6779 comm="syz.1.1235" path="/dev/uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   97.358831][   T29] audit: type=1400 audit(97.282:2211): avc:  denied  { write } for  pid=6779 comm="syz.1.1235" name="hidraw0" dev="devtmpfs" ino=843 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   97.493790][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811e251600: abort rx timeout. Force session deactivation
[   97.985739][ T6791] __nla_validate_parse: 8 callbacks suppressed
[   97.985753][ T6791] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1238'.
[   98.030833][ T6793] netlink: 'syz.5.1239': attribute type 4 has an invalid length.
[   98.058319][ T6795] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1240'.
[   98.077739][ T6795] ip6gre1: entered allmulticast mode
[   98.224307][ T6807] set_capacity_and_notify: 6 callbacks suppressed
[   98.224329][ T6807] loop1: detected capacity change from 0 to 512
[   98.243761][ T6799] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1242'.
[   98.252760][ T6799] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1242'.
[   98.287110][ T6801] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1243'.
[   98.323276][   T29] audit: type=1326 audit(98.292:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6812 comm="syz.5.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[   98.346491][   T29] audit: type=1326 audit(98.292:2213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6812 comm="syz.5.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[   98.369576][   T29] audit: type=1326 audit(98.292:2214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6812 comm="syz.5.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[   98.392336][   T29] audit: type=1326 audit(98.292:2215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6812 comm="syz.5.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[   98.415224][   T29] audit: type=1326 audit(98.292:2216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6812 comm="syz.5.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[   98.438173][   T29] audit: type=1326 audit(98.292:2217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6812 comm="syz.5.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[   98.442395][ T2974] Process accounting resumed
[   98.461376][   T29] audit: type=1326 audit(98.292:2218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6812 comm="syz.5.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[   98.529662][ T6818] netlink: 'syz.5.1248': attribute type 4 has an invalid length.
[   98.538939][ T6818] netlink: 'syz.5.1248': attribute type 4 has an invalid length.
[   98.730375][ T6829] loop1: detected capacity change from 0 to 128
[   98.837593][ T6836] loop1: detected capacity change from 0 to 512
[   98.852386][ T6836] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   98.865273][ T6836] EXT4-fs (loop1): 1 truncate cleaned up
[   99.456116][ T6854] netlink: 'syz.2.1272': attribute type 4 has an invalid length.
[   99.470112][ T6856] veth2: entered promiscuous mode
[   99.475250][ T6856] veth2: entered allmulticast mode
[   99.480904][ T6854] netlink: 'syz.2.1272': attribute type 4 has an invalid length.
[   99.573156][ T6866] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1266'.
[   99.609042][ T6866] gretap0: entered promiscuous mode
[   99.644761][ T6873] loop5: detected capacity change from 0 to 512
[   99.651449][ T6873] ext4: Unknown parameter 'uid>00000000000000000000'
[   99.733393][ T6879] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.795978][ T6875] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1270'.
[   99.804997][ T6875] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1270'.
[   99.839785][ T6879] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.862283][ T6898] loop5: detected capacity change from 0 to 512
[   99.869415][ T6898] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   99.880897][ T6898] EXT4-fs (loop5): 1 truncate cleaned up
[   99.898634][ T6879] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.928493][ T6901] loop3: detected capacity change from 0 to 1024
[   99.988754][ T6879] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.056015][ T5923] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.099659][ T5923] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.123322][ T5923] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.135754][ T5923] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.253016][ T6914] loop2: detected capacity change from 0 to 1024
[  100.272901][ T6914] EXT4-fs: inline encryption not supported
[  100.598481][ T6914] EXT4-fs mount: 32 callbacks suppressed
[  100.598502][ T6914] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.752275][ T6930] batman_adv: batadv0: Adding interface: dummy0
[  100.758661][ T6930] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  100.783953][ T6930] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  100.785323][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.883372][ T6936] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1287'.
[  100.892487][ T6936] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1287'.
[  101.180767][ T6949] loop1: detected capacity change from 0 to 128
[  101.229864][ T6957] syzkaller0: entered allmulticast mode
[  101.249559][ T6957] syzkaller0 (unregistering): left allmulticast mode
[  101.351867][ T6937] loop2: detected capacity change from 0 to 512
[  101.385853][ T6937] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  101.417429][ T6937] EXT4-fs (loop2): 1 truncate cleaned up
[  101.436671][ T6937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.498186][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.507507][ T6978] loop3: detected capacity change from 0 to 4096
[  101.516665][ T6978] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.541303][ T6983] EXT4-fs: Ignoring removed orlov option
[  101.551721][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.561311][ T6985] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  101.588561][ T6983] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.602899][ T6985] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  101.675686][ T6991] tipc: Started in network mode
[  101.680634][ T6991] tipc: Node identity 4a1d35c59e76, cluster identity 4711
[  101.687845][ T6991] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  101.707316][ T6989] tipc: Resetting bearer <eth:syzkaller0>
[  101.733531][ T6989] tipc: Disabling bearer <eth:syzkaller0>
[  101.876878][ T3324] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.039768][ T7006] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  102.055882][ T7004] veth2: entered promiscuous mode
[  102.060972][ T7004] veth2: entered allmulticast mode
[  102.136842][ T5720] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.379281][   T29] kauditd_printk_skb: 72 callbacks suppressed
[  102.379294][   T29] audit: type=1326 audit(102.352:2291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  102.649876][ T7053] veth6: entered promiscuous mode
[  102.655053][ T7053] veth6: entered allmulticast mode
[  102.760024][ T7060] EXT4-fs: Ignoring removed oldalloc option
[  102.784656][ T7060] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  102.820065][ T7060] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.857827][   T29] audit: type=1400 audit(102.832:2292): avc:  denied  { ioctl } for  pid=7059 comm="syz.1.1339" path="/258/file1/file1" dev="loop1" ino=15 ioctlcmd=0x5839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  102.921389][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.948503][ T7048] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  102.974714][   T29] audit: type=1400 audit(102.952:2293): avc:  denied  { mount } for  pid=7070 comm="syz.1.1341" name="/" dev="configfs" ino=2051 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  103.020160][   T29] audit: type=1400 audit(102.982:2294): avc:  denied  { search } for  pid=7070 comm="syz.1.1341" name="/" dev="configfs" ino=2051 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  103.026058][ T7048] EXT4-fs (loop2): 1 truncate cleaned up
[  103.041984][   T29] audit: type=1400 audit(102.982:2295): avc:  denied  { search } for  pid=7070 comm="syz.1.1341" name="/" dev="configfs" ino=2051 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  103.042021][   T29] audit: type=1400 audit(102.982:2296): avc:  denied  { read open } for  pid=7070 comm="syz.1.1341" path="/" dev="configfs" ino=2051 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  103.123930][ T7074] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.125788][ T7048] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.137055][ T7069]  loop5: p1 < > p3 p4 < >
[  103.175359][ T7069] loop5: p3 size 33554432 extends beyond EOD, truncated
[  103.206180][ T7069] __nla_validate_parse: 7 callbacks suppressed
[  103.206199][ T7069] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1342'.
[  103.221539][ T7069] bridge_slave_1: left allmulticast mode
[  103.227300][ T7069] bridge_slave_1: left promiscuous mode
[  103.233035][ T7069] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.274520][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.298810][ T7069] bridge_slave_0: left allmulticast mode
[  103.304610][ T7069] bridge_slave_0: left promiscuous mode
[  103.310381][ T7069] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.339484][ T7082] set_capacity_and_notify: 7 callbacks suppressed
[  103.339504][ T7082] loop1: detected capacity change from 0 to 1024
[  103.355275][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.367415][ T7082] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  103.385472][ T7082] EXT4-fs error (device loop1): ext4_free_blocks:6728: comm syz.1.1345: Freeing blocks not in datazone - block = 0, count = 16
[  103.401004][ T7082] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1345: bg 0: block 112: padding at end of block bitmap is not set
[  103.416592][ T7082] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 29 with max blocks 35 with error 117
[  103.429160][ T7082] EXT4-fs (loop1): This should not happen!! Data will be lost
[  103.429160][ T7082] 
[  103.449773][ T5924] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 4 with error 28
[  103.462306][ T5924] EXT4-fs (loop1): This should not happen!! Data will be lost
[  103.462306][ T5924] 
[  103.472973][ T5924] EXT4-fs (loop1): Total free blocks count 0
[  103.479055][ T5924] EXT4-fs (loop1): Free/Dirty block details
[  103.485012][ T5924] EXT4-fs (loop1): free_blocks=0
[  103.489978][ T5924] EXT4-fs (loop1): dirty_blocks=16
[  103.495135][ T5924] EXT4-fs (loop1): Block reservation details
[  103.507842][   T29] audit: type=1400 audit(103.482:2297): avc:  denied  { ioctl } for  pid=7087 comm="syz.3.1348" path="/dev/virtual_nci" dev="devtmpfs" ino=132 ioctlcmd=0x0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  103.532165][   T29] audit: type=1326 audit(103.482:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7087 comm="syz.3.1348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[  103.555161][   T29] audit: type=1326 audit(103.482:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7087 comm="syz.3.1348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1496f749 code=0x7ffc0000
[  103.578063][   T29] audit: type=1326 audit(103.482:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7087 comm="syz.3.1348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fba1496df90 code=0x7ffc0000
[  103.631773][ T7100] loop0: detected capacity change from 0 to 1024
[  103.632213][ T7100] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.632229][ T7099] loop1: detected capacity change from 0 to 164
[  103.632503][ T7100] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  103.639108][ T7099] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  103.646943][ T7100] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.732544][ T7108] syzkaller0: entered promiscuous mode
[  103.738232][ T7108] syzkaller0: entered allmulticast mode
[  103.807823][ T7112] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  103.816095][ T7112] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  103.826274][ T3324] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.871318][ T7126] loop2: detected capacity change from 0 to 1024
[  103.878999][ T7126] EXT4-fs: Ignoring removed orlov option
[  103.886839][ T7126] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.944139][ T2974] page_pool_release_retry() stalled pool shutdown: id 24, 1 inflight 60 sec
[  103.965916][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.980590][ T7128] loop1: detected capacity change from 0 to 1024
[  103.987579][ T7128] EXT4-fs: inline encryption not supported
[  104.004600][ T7135] ip6gre0: entered promiscuous mode
[  104.017905][ T7135] team0: Device ip6gre0 is of different type
[  104.060343][ T7128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.099911][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.115937][ T7146] hub 1-0:1.0: USB hub found
[  104.120736][ T7146] hub 1-0:1.0: 8 ports detected
[  104.285945][ T7158] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1370'.
[  104.294950][ T7158] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1370'.
[  104.343766][ T7161] batman_adv: batadv0: Adding interface: dummy0
[  104.350140][ T7161] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  104.380360][ T7161] batman_adv: batadv0: Interface activated: dummy0
[  105.137614][ T7205] loop0: detected capacity change from 0 to 2048
[  105.164454][ T7205] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.816758][ T7276] loop1: detected capacity change from 0 to 1024
[  105.824423][ T7276] EXT4-fs: Ignoring removed bh option
[  105.865044][ T7220] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1381: bg 0: block 345: padding at end of block bitmap is not set
[  105.883424][ T7220] EXT4-fs (loop0): Remounting filesystem read-only
[  105.890140][ T5922] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  105.908869][ T7276] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.972259][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.059201][ T3324] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.085616][ T7291] loop3: detected capacity change from 0 to 1024
[  106.100252][ T7291] EXT4-fs: Ignoring removed orlov option
[  106.109598][ T7295] loop5: detected capacity change from 0 to 1024
[  106.120611][ T7291] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.137945][ T7295] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  106.156627][ T7295] EXT4-fs error (device loop5): ext4_map_blocks:825: inode #15: comm syz.5.1399: lblock 0 mapped to illegal pblock 0 (length 1)
[  106.186360][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.244473][ T5720] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  106.309177][ T7312] loop5: detected capacity change from 0 to 128
[  106.323649][ T7312] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  106.351704][ T7293] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1398'.
[  106.360787][ T7293] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1398'.
[  106.369803][ T7293] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1398'.
[  106.379127][ T7293] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1398'.
[  106.388949][ T7293] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1398'.
[  106.398076][ T7293] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1398'.
[  106.408116][ T7321] FAT-fs (loop5): error, invalid FAT chain (i_pos 548, last_block 8)
[  106.416414][ T7321] FAT-fs (loop5): Filesystem has been set read-only
[  106.426997][ T7321] FAT-fs (loop5): error, corrupted file size (i_pos 548, 522)
[  106.597114][ T7339] netlink: 176 bytes leftover after parsing attributes in process `syz.5.1415'.
[  106.765378][ T7354] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.987161][ T7346] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  107.004797][ T7346] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 8 with error 28
[  107.017225][ T7346] EXT4-fs (loop2): This should not happen!! Data will be lost
[  107.017225][ T7346] 
[  107.026931][ T7346] EXT4-fs (loop2): Total free blocks count 0
[  107.032998][ T7346] EXT4-fs (loop2): Free/Dirty block details
[  107.038964][ T7346] EXT4-fs (loop2): free_blocks=2415919504
[  107.044754][ T7346] EXT4-fs (loop2): dirty_blocks=16
[  107.049906][ T7346] EXT4-fs (loop2): Block reservation details
[  107.055941][ T7346] EXT4-fs (loop2): i_reserved_data_blocks=1
[  107.119307][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.481193][   T29] kauditd_printk_skb: 91 callbacks suppressed
[  107.481281][   T29] audit: type=1400 audit(107.452:2392): avc:  denied  { watch watch_reads } for  pid=7380 comm="syz.2.1432" path="/300" dev="tmpfs" ino=1585 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  107.978786][ T7395] EXT4-fs: Ignoring removed mblk_io_submit option
[  108.053207][ T7395] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  108.145154][ T7395] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.257672][   T29] audit: type=1326 audit(108.232:2393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.5.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  108.281025][   T29] audit: type=1326 audit(108.262:2394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.5.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  108.355827][ T7406] __nla_validate_parse: 3 callbacks suppressed
[  108.355921][ T7406] netlink: 4 bytes leftover after parsing attributes in process `wޣ�'.
[  108.365754][   T29] audit: type=1326 audit(108.282:2395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.5.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  108.379701][ T7406] batman_adv: batadv0: Removing interface: batadv_slave_0
[  108.394064][   T29] audit: type=1326 audit(108.282:2396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.5.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  108.423721][   T29] audit: type=1326 audit(108.282:2397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.5.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  108.446866][   T29] audit: type=1326 audit(108.282:2398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.5.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  108.470056][   T29] audit: type=1326 audit(108.282:2399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.5.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  108.492910][   T29] audit: type=1326 audit(108.282:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.5.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  108.515779][   T29] audit: type=1326 audit(108.282:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.5.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  108.539373][ T7406] batman_adv: batadv0: Removing interface: batadv_slave_1
[  108.547150][ T7406] batman_adv: batadv0: Removing interface: dummy0
[  108.575506][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.125376][ T7366] set_capacity_and_notify: 3 callbacks suppressed
[  109.125394][ T7366] loop3: detected capacity change from 0 to 512
[  109.138609][ T7366] EXT4-fs: Ignoring removed i_version option
[  109.154821][ T7366] EXT4-fs (loop3): orphan cleanup on readonly fs
[  109.163253][ T7366] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.1426: EA inode hash validation failed
[  109.187022][ T7366] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  109.217767][ T7366] EXT4-fs error (device loop3): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.3.1426: EA inode 11 ref wraparound: ref_count=0 ref_change=-1
[  109.255078][ T7366] EXT4-fs (loop3): Remounting filesystem read-only
[  109.261689][ T7366] EXT4-fs warning (device loop3): ext4_xattr_inode_dec_ref_all:1230: inode #11: comm syz.3.1426: ea_inode dec ref err=-117
[  109.340597][ T7366] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30)
[  109.368487][ T7366] EXT4-fs (loop3): 1 orphan inode deleted
[  109.384991][ T7366] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  109.451953][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.499455][ T7433] loop2: detected capacity change from 0 to 512
[  109.533224][ T7433] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  109.603956][ T7445] loop1: detected capacity change from 0 to 512
[  109.611440][ T7445] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  109.634462][ T7433] bio_check_eod: 32039 callbacks suppressed
[  109.634480][ T7433] syz.2.1450: attempt to access beyond end of device
[  109.634480][ T7433] loop2: rw=8388608, sector=17179852721, nr_sectors = 1 limit=512
[  109.678207][ T7445] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.721723][ T7433] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fffff00)
[  109.729959][ T7433] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fffff00)
[  109.790158][ T7458] loop5: detected capacity change from 0 to 512
[  109.809998][ T7458] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  109.818851][ T7458] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  109.856342][ T7462] loop2: detected capacity change from 0 to 256
[  109.864455][ T7458] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.1459: Allocating blocks 41-42 which overlap fs metadata
[  109.879588][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.897960][ T7458] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.1459: Allocating blocks 41-42 which overlap fs metadata
[  109.918074][ T7458] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.1459: Failed to acquire dquot type 1
[  109.932746][ T7458] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  109.948831][ T7458] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.1459: corrupted inode contents
[  109.962878][ T7458] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #12: comm syz.5.1459: mark_inode_dirty error
[  109.981843][ T7458] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.1459: corrupted inode contents
[  109.995284][ T7458] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.1459: mark_inode_dirty error
[  110.007105][ T7458] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.1459: corrupted inode contents
[  110.038932][ T7458] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  110.051909][ T7474] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  110.060478][ T7458] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.1459: corrupted inode contents
[  110.080507][ T7471] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.080665][ T7471] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.088264][ T7458] EXT4-fs error (device loop5): ext4_truncate:4635: inode #12: comm syz.5.1459: mark_inode_dirty error
[  110.088420][ T7458] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem
[  110.088660][ T7458] EXT4-fs (loop5): 1 truncate cleaned up
[  110.089218][ T7458] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.090146][ T7458] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.099196][ T7471] batman_adv: batadv0: Interface deactivated: dummy0
[  110.197402][ T7471] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  110.208546][ T7471] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  110.270086][ T7471] veth0: left promiscuous mode
[  110.275106][ T7471] veth0: left allmulticast mode
[  110.282092][ T5915] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.290796][ T5915] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.300497][ T5915] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.309558][ T5915] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.806682][ T7495] loop3: detected capacity change from 0 to 128
[  110.838562][ T7495] loop3: detected capacity change from 0 to 512
[  110.852375][ T7495] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  110.890292][ T7495] EXT4-fs (loop3): orphan cleanup on readonly fs
[  110.909442][ T7495] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.1472: Block bitmap for bg 0 marked uninitialized
[  110.962012][ T7495] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  111.004320][ T7495] EXT4-fs (loop3): 1 orphan inode deleted
[  111.025950][ T7495] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  111.076432][ T7495] EXT4-fs: Ignoring removed orlov option
[  111.082366][ T7495] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  111.092036][ T7495] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  111.108647][ T7495] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  111.139863][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.618807][ T7538] SELinux: ebitmap: truncated map
[  111.625218][ T7538] SELinux: failed to load policy
[  111.854175][ T7542] team0 (unregistering): Port device team_slave_0 removed
[  111.865589][ T7542] team0 (unregistering): Port device team_slave_1 removed
[  113.013872][ T7578] loop2: detected capacity change from 0 to 512
[  113.022734][ T7578] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  113.031507][ T7578] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  113.046848][ T7578] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.1499: Allocating blocks 41-42 which overlap fs metadata
[  113.047097][   T29] kauditd_printk_skb: 74 callbacks suppressed
[  113.047151][   T29] audit: type=1326 audit(113.022:2472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.5.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  113.092297][ T7578] Quota error (device loop2): write_blk: dquota write failed
[  113.099760][ T7578] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[  113.111411][   T29] audit: type=1326 audit(113.052:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.5.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  113.134376][   T29] audit: type=1326 audit(113.062:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.5.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  113.157209][   T29] audit: type=1326 audit(113.062:2475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.5.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  113.164264][ T7578] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  113.180086][   T29] audit: type=1326 audit(113.062:2476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.5.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  113.212924][   T29] audit: type=1326 audit(113.062:2477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.5.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  113.228020][ T7578] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.1499: Failed to acquire dquot type 1
[  113.235751][   T29] audit: type=1326 audit(113.062:2478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.5.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e3ff9f749 code=0x7ffc0000
[  113.277831][ T7578] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  113.310292][ T7578] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.1499: corrupted inode contents
[  113.360182][ T7578] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #12: comm syz.2.1499: mark_inode_dirty error
[  113.394180][ T7578] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.1499: corrupted inode contents
[  113.425458][ T7578] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.1499: mark_inode_dirty error
[  113.446480][ T7578] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.1499: corrupted inode contents
[  113.458932][ T7578] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[  113.467948][ T7578] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.1499: corrupted inode contents
[  113.480724][ T7578] EXT4-fs error (device loop2): ext4_truncate:4635: inode #12: comm syz.2.1499: mark_inode_dirty error
[  113.503758][ T7593] loop5: detected capacity change from 0 to 2048
[  113.510747][ T7578] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[  113.520440][ T7578] EXT4-fs (loop2): 1 truncate cleaned up
[  113.526165][ T7594] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[  113.526191][ T7594] SELinux: failed to load policy
[  113.543607][ T7578] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.558458][ T7593] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.589755][ T7578] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.667821][ T7603] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1507'.
[  113.691614][ T7603] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  113.739429][ T7603] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  113.778263][ T7603] bond0 (unregistering): Released all slaves
[  113.897836][ T7599] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1505: bg 0: block 345: padding at end of block bitmap is not set
[  113.920412][ T7599] EXT4-fs (loop5): Remounting filesystem read-only
[  113.927343][ T5934] EXT4-fs warning (device loop5): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  114.059291][ T5720] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.188522][ T7634] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1520'.
[  114.328985][ T7640] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1530'.
[  114.338033][ T7640] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1530'.
[  114.604301][ T7645] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  114.782087][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1523'.
[  114.791063][ T7651] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1523'.
[  114.819617][ T7654] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1525'.
[  114.843478][ T7654] hsr_slave_0: left promiscuous mode
[  114.854505][ T7654] hsr_slave_1: left promiscuous mode
[  114.873213][ T7656] loop3: detected capacity change from 0 to 2048
[  114.887747][ T7656] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.984010][ T7664] serio: Serial port ptm0
[  115.006659][ T7667] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1531'.
[  115.134299][ T7661] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set
[  115.152190][ T7661] EXT4-fs (loop3): Remounting filesystem read-only
[  115.311399][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.492293][ T7687] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1537'.
[  115.501363][ T7687] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1537'.
[  115.865928][ T7692] loop1: detected capacity change from 0 to 512
[  115.906874][ T7692] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  115.941265][ T7696] loop2: detected capacity change from 0 to 764
[  115.950998][ T7692] EXT4-fs (loop1): 1 truncate cleaned up
[  115.958803][ T7696] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  115.992064][ T7692] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.204002][ T7711] loop2: detected capacity change from 0 to 512
[  116.213727][ T7711] EXT4-fs: Ignoring removed i_version option
[  116.233347][ T7711] EXT4-fs (loop2): orphan cleanup on readonly fs
[  116.259344][ T7714] syzkaller0: entered promiscuous mode
[  116.265012][ T7714] syzkaller0: entered allmulticast mode
[  116.276061][ T7711] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.1546: EA inode hash validation failed
[  116.289412][ T7711] EXT4-fs error (device loop2): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.2.1546: EA inode 11 ref wraparound: ref_count=0 ref_change=-1
[  116.339879][ T7711] EXT4-fs (loop2): Remounting filesystem read-only
[  116.346520][ T7711] EXT4-fs warning (device loop2): ext4_xattr_inode_dec_ref_all:1230: inode #11: comm syz.2.1546: ea_inode dec ref err=-117
[  116.395031][ T7723] loop3: detected capacity change from 0 to 1024
[  116.404860][ T7711] EXT4-fs warning (device loop2): ext4_evict_inode:273: xattr delete (err -30)
[  116.435220][ T7723] EXT4-fs: Ignoring removed nomblk_io_submit option
[  116.439680][ T7711] EXT4-fs (loop2): 1 orphan inode deleted
[  116.455317][ T7711] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  116.476367][ T7723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.517516][ T7723] netlink: 'syz.3.1549': attribute type 39 has an invalid length.
[  116.548629][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.616139][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.658378][ T7743] tipc: New replicast peer: 255.255.255.255
[  116.665155][ T7743] tipc: Enabled bearer <udp:syz2>, priority 10
[  116.707179][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.777781][ T7755] SELinux: failed to load policy
[  117.169284][ T7768] loop3: detected capacity change from 0 to 512
[  117.178814][ T7768] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  117.195473][ T7768] EXT4-fs (loop3): 1 truncate cleaned up
[  117.204709][ T7768] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.683609][ T7782] loop2: detected capacity change from 0 to 512
[  117.698849][ T7782] EXT4-fs: Ignoring removed i_version option
[  117.718202][ T7782] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.978749][ T7788] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.986994][ T7788] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.033317][ T7788] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.040912][ T7788] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.067409][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.116314][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.132396][   T29] kauditd_printk_skb: 514 callbacks suppressed
[  118.132414][   T29] audit: type=1400 audit(118.102:2993): avc:  denied  { create } for  pid=7789 comm="syz.3.1571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  118.195499][   T29] audit: type=1400 audit(118.162:2994): avc:  denied  { execute } for  pid=7791 comm="syz.3.1573" path="/307/file0" dev="tmpfs" ino=1610 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  118.314385][ T5934] Bluetooth: hci0: Frame reassembly failed (-84)
[  118.341730][   T29] audit: type=1400 audit(118.312:2995): avc:  denied  { create } for  pid=7800 comm="syz.0.1575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  118.384299][   T29] audit: type=1400 audit(118.312:2996): avc:  denied  { ioctl } for  pid=7800 comm="syz.0.1575" path="socket:[20522]" dev="sockfs" ino=20522 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  118.408395][   T29] audit: type=1400 audit(118.312:2997): avc:  denied  { write } for  pid=7800 comm="syz.0.1575" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  118.427954][   T29] audit: type=1400 audit(118.332:2998): avc:  denied  { read } for  pid=7800 comm="syz.0.1575" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  118.494264][   T29] audit: type=1326 audit(118.412:2999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7803 comm="syz.1.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[  118.517204][   T29] audit: type=1326 audit(118.422:3000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7803 comm="syz.1.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[  118.540010][   T29] audit: type=1326 audit(118.422:3001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7803 comm="syz.1.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[  118.562844][   T29] audit: type=1326 audit(118.432:3002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7803 comm="syz.1.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f028ba3f749 code=0x7ffc0000
[  118.737760][ T7815] loop2: detected capacity change from 0 to 2048
[  118.755491][ T7815] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.808312][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.861672][ T7821] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  118.988538][ T7819] loop5: detected capacity change from 0 to 512
[  119.007086][ T7819] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  119.032018][ T7819] EXT4-fs (loop5): 1 truncate cleaned up
[  119.047261][ T7819] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.097593][ T5720] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.130161][ T7826] smc: net device bond0 applied user defined pnetid SYZ0
[  119.204976][ T7830] SET target dimension over the limit!
[  119.350141][ T7840] __nla_validate_parse: 7 callbacks suppressed
[  119.350180][ T7840] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1589'.
[  119.365323][ T7840] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1589'.
[  119.625483][ T7863] loop2: detected capacity change from 0 to 128
[  119.657269][ T7863] EXT4-fs (loop2): shut down requested (0)
[  119.689727][ T7869] syzkaller0: entered promiscuous mode
[  119.695558][ T7869] syzkaller0: entered allmulticast mode
[  119.865574][ T7852] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  119.893937][ T7852] EXT4-fs (loop0): 1 truncate cleaned up
[  119.941524][ T7884] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1606'.
[  119.950555][ T7884] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1606'.
[  120.024608][ T7897] set_capacity_and_notify: 1 callbacks suppressed
[  120.024690][ T7897] loop1: detected capacity change from 0 to 512
[  120.045431][ T7897] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #3: comm syz.1.1609: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  120.064694][ T7897] EXT4-fs error (device loop1): ext4_quota_enable:7180: comm syz.1.1609: Bad quota inode: 3, type: 0
[  120.075987][ T7897] EXT4-fs warning (device loop1): ext4_enable_quotas:7221: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  120.093631][ T7897] EXT4-fs (loop1): mount failed
[  120.128489][ T7905] loop0: detected capacity change from 0 to 1024
[  120.354313][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  120.360479][ T3538] Bluetooth: hci0: command 0x1003 tx timeout
[  120.397466][ T7922] syzkaller0: entered promiscuous mode
[  120.403025][ T7922] syzkaller0: entered allmulticast mode
[  120.686409][ T7924] loop3: detected capacity change from 0 to 512
[  120.788979][ T7924] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  120.817667][ T7929] syzkaller0: entered promiscuous mode
[  120.823226][ T7929] syzkaller0: entered allmulticast mode
[  120.881997][ T7924] EXT4-fs (loop3): 1 truncate cleaned up
[  121.202665][ T7951] netlink: 'syz.0.1626': attribute type 3 has an invalid length.
[  121.213880][ T7950] loop1: detected capacity change from 0 to 2048
[  121.266382][ T7950] Alternate GPT is invalid, using primary GPT.
[  121.272894][ T7950]  loop1: p2 p3 p7
[  121.386271][ T7967] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1633'.
[  121.386273][ T7963] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1629'.
[  121.404347][ T7963] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1629'.
[  121.420514][ T7971] loop1: detected capacity change from 0 to 128
[  121.623582][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.623582][ T5915] loop1: rw=1, sector=129, nr_sectors = 16 limit=128
[  121.641870][ T7980] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.652399][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.652399][ T5915] loop1: rw=1, sector=153, nr_sectors = 8 limit=128
[  121.667323][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.667323][ T5915] loop1: rw=1, sector=169, nr_sectors = 8 limit=128
[  121.681349][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.681349][ T5915] loop1: rw=1, sector=185, nr_sectors = 8 limit=128
[  121.694902][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.694902][ T5915] loop1: rw=1, sector=201, nr_sectors = 8 limit=128
[  121.708401][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.708401][ T5915] loop1: rw=1, sector=217, nr_sectors = 8 limit=128
[  121.722050][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.722050][ T5915] loop1: rw=1, sector=233, nr_sectors = 8 limit=128
[  121.879594][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.879594][ T5915] loop1: rw=1, sector=249, nr_sectors = 8 limit=128
[  121.893603][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.893603][ T5915] loop1: rw=1, sector=265, nr_sectors = 8 limit=128
[  121.907494][ T5915] kworker/u8:47: attempt to access beyond end of device
[  121.907494][ T5915] loop1: rw=1, sector=281, nr_sectors = 8 limit=128
[  121.936118][ T7980] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.019688][ T7980] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.078483][ T7980] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.150690][ T5915] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.174901][ T5915] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.193439][ T5915] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.217362][ T5915] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.297828][ T7998] dvmrp1: entered allmulticast mode
[  122.319699][ T7998] loop3: detected capacity change from 0 to 512
[  122.411092][   T10] IPVS: starting estimator thread 0...
[  122.435270][ T8005] netlink: 'syz.0.1644': attribute type 4 has an invalid length.
[  122.524198][ T8002] IPVS: using max 2208 ests per chain, 110400 per kthread
[  122.718068][ T8009] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1646'.
[  122.727091][ T8009] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1646'.
[  122.885466][ T8020] 8021q: VLANs not supported on ipvlan0
[  122.917062][ T5915] Bluetooth: hci0: Frame reassembly failed (-84)
[  123.056474][ T8027] loop0: detected capacity change from 0 to 128
[  123.179775][ T7996] dvmrp1: left allmulticast mode
[  123.212183][ T8033] syzkaller0: entered promiscuous mode
[  123.217783][ T8033] syzkaller0: entered allmulticast mode
[  123.542856][ T8038] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.696629][ T8038] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.785743][ T8038] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.821577][ T8043] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1658'.
[  123.833242][ T8038] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.985689][ T5934] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.001728][ T5934] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.016323][ T8050] loop2: detected capacity change from 0 to 1024
[  124.025098][   T29] kauditd_printk_skb: 98 callbacks suppressed
[  124.025113][   T29] audit: type=1400 audit(124.002:3101): avc:  denied  { read write } for  pid=8051 comm="syz.5.1661" name="uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  124.054236][ T5934] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.054277][ T5934] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.062427][   T29] audit: type=1400 audit(124.002:3102): avc:  denied  { open } for  pid=8051 comm="syz.5.1661" path="/dev/uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  124.071807][ T8050] EXT4-fs: inline encryption not supported
[  124.117874][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  124.126417][   T10] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  124.136950][ T8052] loop5: detected capacity change from 0 to 2048
[  124.149706][   T29] audit: type=1400 audit(124.122:3103): avc:  denied  { remove_name } for  pid=8049 comm="syz.2.1660" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  124.193116][   T29] audit: type=1400 audit(124.122:3104): avc:  denied  { rename } for  pid=8049 comm="syz.2.1660" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  124.235808][   T29] audit: type=1400 audit(124.122:3105): avc:  denied  { unlink } for  pid=8049 comm="syz.2.1660" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  124.306645][   T29] audit: type=1400 audit(124.282:3106): avc:  denied  { mount } for  pid=8064 comm="syz.2.1665" name="/" dev="mqueue" ino=1758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  124.370145][ T8070] loop2: detected capacity change from 0 to 128
[  124.386462][   T29] audit: type=1400 audit(124.362:3107): avc:  denied  { setattr } for  pid=8069 comm="syz.2.1667" path="/352/file1/file1" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  124.984096][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  124.990380][ T3538] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  125.005647][ T8022] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  125.619251][ T8097] netlink: 'syz.2.1675': attribute type 1 has an invalid length.
[  125.730117][ T8097] 8021q: adding VLAN 0 to HW filter on device bond1
[  125.830036][ T8107] loop5: detected capacity change from 0 to 128
[  126.011593][ T8116] netlink: 'syz.2.1682': attribute type 1 has an invalid length.
[  126.019514][ T8116] netlink: 'syz.2.1682': attribute type 4 has an invalid length.
[  126.027326][ T8116] __nla_validate_parse: 2 callbacks suppressed
[  126.027342][ T8116] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.1682'.
[  126.069287][ T8116] netlink: 'syz.2.1682': attribute type 1 has an invalid length.
[  126.077187][ T8116] netlink: 'syz.2.1682': attribute type 4 has an invalid length.
[  126.085036][ T8116] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.1682'.
[  126.160789][ T8121] syzkaller0: entered promiscuous mode
[  126.166409][ T8121] syzkaller0: entered allmulticast mode
[  126.218934][   T29] audit: type=1400 audit(126.192:3108): avc:  denied  { create } for  pid=8122 comm="syz.1.1686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  126.241122][   T29] audit: type=1400 audit(126.202:3109): avc:  denied  { write } for  pid=8122 comm="syz.1.1686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  126.266509][   T29] audit: type=1400 audit(126.242:3110): avc:  denied  { create } for  pid=8124 comm="syz.5.1685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  126.398031][ T8125] loop5: detected capacity change from 0 to 512
[  126.411582][ T8125] EXT4-fs: Ignoring removed i_version option
[  126.424748][ T8125] EXT4-fs (loop5): orphan cleanup on readonly fs
[  126.438753][ T8125] EXT4-fs warning (device loop5): ext4_xattr_inode_get:560: inode #11: comm syz.5.1685: EA inode hash validation failed
[  126.461969][ T8125] EXT4-fs error (device loop5): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.5.1685: EA inode 11 ref wraparound: ref_count=0 ref_change=-1
[  126.477663][ T8125] EXT4-fs (loop5): Remounting filesystem read-only
[  126.484287][ T8125] EXT4-fs warning (device loop5): ext4_xattr_inode_dec_ref_all:1230: inode #11: comm syz.5.1685: ea_inode dec ref err=-117
[  126.497249][ T8125] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -30)
[  126.506445][ T8125] EXT4-fs (loop5): 1 orphan inode deleted
[  126.596151][ T8135] loop5: detected capacity change from 0 to 1024
[  126.604995][ T8135] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.1689: bad orphan inode 134217728
[  126.771279][ T8088] loop0: detected capacity change from 0 to 512
[  126.777929][ T8088] EXT4-fs: Ignoring removed i_version option
[  126.785721][ T8088] EXT4-fs (loop0): orphan cleanup on readonly fs
[  126.792755][ T8088] EXT4-fs warning (device loop0): ext4_xattr_inode_get:560: inode #11: comm syz.0.1673: EA inode hash validation failed
[  126.805589][ T8088] EXT4-fs error (device loop0): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.0.1673: EA inode 11 ref wraparound: ref_count=0 ref_change=-1
[  126.820837][ T8088] EXT4-fs (loop0): Remounting filesystem read-only
[  126.827471][ T8088] EXT4-fs warning (device loop0): ext4_xattr_inode_dec_ref_all:1230: inode #11: comm syz.0.1673: ea_inode dec ref err=-117
[  126.840579][ T8088] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -30)
[  126.849789][ T8088] EXT4-fs (loop0): 1 orphan inode deleted
[  126.877911][ T8140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.886526][ T8140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.079749][ T8144] netlink: 29 bytes leftover after parsing attributes in process `syz.5.1692'.
[  127.187487][ T8150] hub 2-0:1.0: USB hub found
[  127.192248][ T8150] hub 2-0:1.0: 8 ports detected
[  127.370592][ T8178] batman_adv: batadv0: Removing interface: dummy0
[  127.378979][ T8178] bridge_slave_0: left allmulticast mode
[  127.384876][ T8178] bridge_slave_0: left promiscuous mode
[  127.390697][ T8178] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.399867][ T8178] bridge_slave_1: left allmulticast mode
[  127.405597][ T8178] bridge_slave_1: left promiscuous mode
[  127.411386][ T8178] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.420867][ T8178] bond0: (slave bond_slave_0): Releasing backup interface
[  127.429984][ T8178] bond0: (slave bond_slave_1): Releasing backup interface
[  127.439124][ T8178] team0: Port device team_slave_0 removed
[  127.446919][ T8178] team0: Port device team_slave_1 removed
[  127.452947][ T8178] batman_adv: batadv0: Removing interface: batadv_slave_0
[  127.461305][ T8178] batman_adv: batadv0: Removing interface: batadv_slave_1
[  127.497325][ T8180] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  127.504960][ T8180] vhci_hcd vhci_hcd.2: invalid port number 96
[  127.511066][ T8180] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  127.764402][ T8201] loop2: detected capacity change from 0 to 512
[  127.836127][ T8205] syzkaller0: entered promiscuous mode
[  127.841681][ T8205] syzkaller0: entered allmulticast mode
[  127.894490][ T8210] loop2: detected capacity change from 0 to 128
[  127.942047][ T8213] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  128.000814][ T8217] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.068265][ T8210] bio_check_eod: 208 callbacks suppressed
[  128.068286][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.068286][ T8210] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[  128.096773][ T8217] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.108603][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.108603][ T8210] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[  128.125083][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.125083][ T8210] loop2: rw=2049, sector=177, nr_sectors = 8 limit=128
[  128.139400][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.139400][ T8210] loop2: rw=2049, sector=193, nr_sectors = 8 limit=128
[  128.155143][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.155143][ T8210] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[  128.176354][ T8217] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.199207][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.199207][ T8210] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[  128.213544][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.213544][ T8210] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128
[  128.228247][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.228247][ T8210] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128
[  128.247571][ T8217] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.257883][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.257883][ T8210] loop2: rw=2049, sector=273, nr_sectors = 8 limit=128
[  128.273004][ T8210] syz.2.1710: attempt to access beyond end of device
[  128.273004][ T8210] loop2: rw=2049, sector=289, nr_sectors = 8 limit=128
[  128.327656][ T5897] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.342007][ T5897] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.364346][ T5897] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.390138][ T5897] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.405986][ T8224] loop5: detected capacity change from 0 to 2048
[  128.432442][ T8226] SELinux: failed to load policy
[  128.467728][ T8224] Alternate GPT is invalid, using primary GPT.
[  128.474230][ T8224]  loop5: p2 p3 p7
[  128.639290][ T8233] loop5: detected capacity change from 0 to 512
[  128.646024][ T8233] EXT4-fs: Ignoring removed i_version option
[  128.652076][ T8233] EXT4-fs: Ignoring removed bh option
[  128.702764][ T8239] loop3: detected capacity change from 0 to 512
[  128.740426][ T8245] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8245 comm=syz.2.1719
[  128.760896][ T8244] loop0: detected capacity change from 0 to 512
[  128.777847][ T8244] EXT4-fs: Ignoring removed nomblk_io_submit option
[  128.794599][ T8244] EXT4-fs: test_dummy_encryption option not supported
[  129.322096][ T8270] syzkaller0: entered promiscuous mode
[  129.327807][ T8270] syzkaller0: entered allmulticast mode
[  129.517755][ T8250] ==================================================================
[  129.525911][ T8250] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[  129.533098][ T8250] 
[  129.535467][ T8250] write to 0xffff88811ac8e5cc of 4 bytes by task 8239 on cpu 0:
[  129.543131][ T8250]  xas_set_mark+0x12b/0x140
[  129.547685][ T8250]  __folio_start_writeback+0x155/0x340
[  129.553202][ T8250]  ext4_bio_write_folio+0x5ad/0x9f0
[  129.558451][ T8250]  mpage_process_page_bufs+0x4a1/0x620
[  129.563951][ T8250]  mpage_prepare_extent_to_map+0x7a3/0xc20
[  129.569808][ T8250]  ext4_do_writepages+0x6fe/0x27e0
[  129.574971][ T8250]  ext4_writepages+0x179/0x300
[  129.579775][ T8250]  do_writepages+0x1c6/0x310
[  129.584438][ T8250]  file_write_and_wait_range+0x156/0x2c0
[  129.590088][ T8250]  generic_buffers_fsync_noflush+0x45/0x130
[  129.596011][ T8250]  ext4_sync_file+0x1ab/0x690
[  129.600706][ T8250]  vfs_fsync_range+0x10d/0x130
[  129.605508][ T8250]  ext4_buffered_write_iter+0x34f/0x3c0
[  129.611088][ T8250]  ext4_file_write_iter+0x387/0xf60
[  129.616321][ T8250]  iter_file_splice_write+0x66b/0xa20
[  129.621723][ T8250]  direct_splice_actor+0x156/0x2a0
[  129.626861][ T8250]  splice_direct_to_actor+0x312/0x680
[  129.632254][ T8250]  do_splice_direct+0xda/0x150
[  129.637035][ T8250]  do_sendfile+0x380/0x650
[  129.641484][ T8250]  __x64_sys_sendfile64+0x105/0x150
[  129.646706][ T8250]  x64_sys_call+0x2db1/0x3000
[  129.651426][ T8250]  do_syscall_64+0xca/0x2b0
[  129.655962][ T8250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.661880][ T8250] 
[  129.664218][ T8250] read to 0xffff88811ac8e5cc of 4 bytes by task 8250 on cpu 1:
[  129.671770][ T8250]  xas_find_marked+0x5dc/0x620
[  129.676567][ T8250]  find_get_entry+0x5d/0x380
[  129.681183][ T8250]  filemap_get_folios_tag+0x92/0x210
[  129.686493][ T8250]  filemap_fdatawait_range+0x88/0x1d0
[  129.691902][ T8250]  __writeback_single_inode+0xdb/0x7c0
[  129.697394][ T8250]  writeback_single_inode+0x16d/0x3f0
[  129.702792][ T8250]  sync_inode_metadata+0x5b/0x90
[  129.707757][ T8250]  generic_buffers_fsync_noflush+0xee/0x130
[  129.713698][ T8250]  ext4_sync_file+0x1ab/0x690
[  129.718421][ T8250]  vfs_fsync_range+0x10d/0x130
[  129.723210][ T8250]  ext4_buffered_write_iter+0x34f/0x3c0
[  129.728799][ T8250]  ext4_file_write_iter+0x387/0xf60
[  129.734046][ T8250]  iter_file_splice_write+0x66b/0xa20
[  129.739457][ T8250]  direct_splice_actor+0x156/0x2a0
[  129.744604][ T8250]  splice_direct_to_actor+0x312/0x680
[  129.750009][ T8250]  do_splice_direct+0xda/0x150
[  129.754796][ T8250]  do_sendfile+0x380/0x650
[  129.759245][ T8250]  __x64_sys_sendfile64+0x105/0x150
[  129.764477][ T8250]  x64_sys_call+0x2db1/0x3000
[  129.769186][ T8250]  do_syscall_64+0xca/0x2b0
[  129.773728][ T8250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.779649][ T8250] 
[  129.781995][ T8250] value changed: 0x0a000021 -> 0x00000021
[  129.787729][ T8250] 
[  129.790067][ T8250] Reported by Kernel Concurrency Sanitizer on:
[  129.796254][ T8250] CPU: 1 UID: 0 PID: 8250 Comm: syz.3.1720 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  129.807571][ T8250] Tainted: [W]=WARN
[  129.811391][ T8250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  129.821494][ T8250] ==================================================================