last executing test programs:

1m56.332304501s ago: executing program 3 (id=687):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)

1m56.208006023s ago: executing program 3 (id=694):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)

1m56.126917115s ago: executing program 3 (id=699):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r2, 0x0, 0x8000000000000001}, 0x18)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)

1m56.118405455s ago: executing program 3 (id=701):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x555, &(0x7f0000000640)="$eJzs3U9oHNUfAPDvzDb59U9+JhURWxQDHipIt9larHpqe7GHggU9iHhoaDY1ZNOEJAUTemjBi1BB1KuHXgTP3iV3byKoN48iVJGIJyEyu7PJmuwmIWSdNPP5wOy+N2+T9747vMx7M/NIAKU1mr2kEaci4kYSMdxRdiTywtHW51b/uHsz25JYW3vr9ySSfF/780n+fiLPHI2I765EPFnZWu/C0vL0eKNRn8/z5xZn5s4tLC2fnZoZv1W/Vb9dO//qhYtjr9Uu1PYt1gdfffbL1WtvPvvxh++/Mvl942wSl2IoL+uMY7+Mxuj6d9Ip+14v7ndlBank8XSLk4OvffwGIuLpGI5K3uszwzH1oNDGAX21VolYA0oq0f+hpNrjgPbcvh/z4IPs0eXWBGhr/Eda10biaHNudHw16ZgZtea7I/tQf1bH33dPf5Ft0afrENu5dz8inukWf9Js20jzKk4Wf/qv+NOIGMvfs/3n91j/6Kb84xT/pY74r+yx/qLjB6CcVi63TuRbz3/p+vgnuox/hrqcu/ai6PNf7/HfRvyVHuO/67us4+ePrn7aq6xz/JdtWf3tseB/4dH9iNNd40/W40+6xJ+Ne27sso43fvjtaq+youNfexhxpuv8Z+OOVrL9/clzk1ON+ljrtWsd33z73pe96i86/uz4H+8R/3bHP9s3t8s6vr7+cKZX2c7xp78OJm83U4P5ng/GFxfnaxGDybWt+3eYiLQ/0/4dWfwvvrB9/+8W/7Fs7rDL+OfemV7de/z9lcU/scfj/8ku6/jr3TvP9SorOn4AAAAAAAA4TNLmsxxJWl1Pp2m12lrD+1QcTxuzC4svTc7euT3ReuZjJAbS9p3u4VY+yfK1/HnYdv78pvzLEXEyIj6vHGvmqzdnGxNFBw8AAAAAAAAAAAAAAAAAAAAHxIlN6///rLTW/wMlcaToBgCF0f+hvPR/KC/9H8pL/4fy0v+hvPR/KC/9H8pL/4fy0v+hvPR/AAAAADiUTj6/8lMSEfdeP9bcMoN52UChLQP6LS26AUBhKkU3ACiMW/9QXub4QLJD+dFeBSs7/SQAAAAAAAAAAAAAsF/OnLL+H8rK+n8oL+v/obys/4fyMscHrP8HAAAAAAAAAAAAgINvqLklaTVfCzwUaVqtRvw/IkZiIJmcatTHIuKJiPixMvC/LF8rutEAAAAAAAAAAAAAAAAAAABwyCwsLU+PNxr1eQkJCYn1RNF/mQAAAAAAAAAAAAAAAAAAoHw2Fv0W3RIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKM7G///vX6LoGAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx9M/AQAA///6OSBl")
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xb85802, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f00000002c0)='./file0/../file0\x00', &(0x7f0000000440)='./file0/../file0\x00')

1m56.043481466s ago: executing program 3 (id=702):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x60}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kfree\x00', r0}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f0000000c40)={{0x80}, 'port0\x00', 0x0, 0x100c42, 0x5, 0x6, 0x2, 0x40, 0x3, 0x0, 0x1, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x28, 0x1b1878, 0x4, 0x2, 0x3e4, 0x0, 0x4, 0x0, 0x7, 0x3})

1m55.848781989s ago: executing program 3 (id=711):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x1000}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'geneve0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

1m55.83792842s ago: executing program 32 (id=711):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x1000}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'geneve0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

1m13.875835558s ago: executing program 5 (id=2095):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f0000000000), 0x4)
setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f0000fcb000)=0xfffffffc, 0x4)

1m13.874509638s ago: executing program 5 (id=2097):
unshare(0x66000080)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000740)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x300, 0x14}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x3c, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, {{0x2200, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x36)

1m13.74375652s ago: executing program 5 (id=2100):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r1, 0x0, 0xfffffffffffffff4}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c000240"], 0xdc}}, 0x0)

1m13.742807771s ago: executing program 5 (id=2101):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000140)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@lazytime}, {@quota}, {@quota}]}, 0x3, 0x443, &(0x7f0000000940)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r0 = syz_io_uring_setup(0x497, &(0x7f0000000000)={0x0, 0xf62c, 0x800, 0x3, 0x37d}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

1m13.599231123s ago: executing program 5 (id=2104):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000100)="12", 0x1}], 0x1}}], 0x1, 0x4008000)
shutdown(r0, 0x2)
poll(&(0x7f0000000500)=[{}, {0xffffffffffffffff, 0x40}, {0xffffffffffffffff, 0x40}, {r0, 0x1040}, {0xffffffffffffffff, 0x102}], 0x5, 0x49e2)

1m12.795503526s ago: executing program 5 (id=2132):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100feffffff0000000005000000180001801400020073797a5f74756e000000000000000000240003801c0003800c00018008000100000000000c0401800800010000000000040001"], 0x50}, 0x1, 0x0, 0x0, 0x20008804}, 0x0)

1m12.794967496s ago: executing program 33 (id=2132):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100feffffff0000000005000000180001801400020073797a5f74756e000000000000000000240003801c0003800c00018008000100000000000c0401800800010000000000040001"], 0x50}, 0x1, 0x0, 0x0, 0x20008804}, 0x0)

1m7.168174378s ago: executing program 0 (id=2307):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000002020000000900010073797a310000000014000200626f6e641000"/46], 0x34}}, 0xc800)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000940)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000c000000200003801c000380180001800a0002007770616e30000000070001000400000018000180140002007665746830"], 0x4c}}, 0x880)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x39, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1511, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0x2}, 0x0, 0x10000, 0x9, 0x1, 0x8, 0x6, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYRESDEC=r3], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7, 0x0, 0xfffffffffffffffc}, 0x18)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, 0x0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r5, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000a00000005000400020000000900020073797a32000000001400078008001340ffffffff0800060000000000050005000200000005000100060000000d000300686173683a6e6574"], 0x5c}}, 0x80)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
fcntl$dupfd(r8, 0x406, r8)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r9, @ANYRES8=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x24040010}, 0x0)
r11 = socket$inet(0x10, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000300)={'bond0\x00', <r12=>0x0})
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x48, 0x10, 0x401, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0xfd5d}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x10, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}}]}}}, @IFLA_LINK={0x8, 0x5, r12}]}, 0x48}, 0x1, 0x0, 0x0, 0x50}, 0x0)

1m6.685830596s ago: executing program 0 (id=2317):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x1400, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef)

1m6.562892158s ago: executing program 0 (id=2321):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00')
r2 = socket(0x18, 0x4, 0x0)
connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x2, @empty, 'vxcan1\x00'}}, 0x1e)
sendfile(r2, r1, 0x0, 0x8)

1m6.504278629s ago: executing program 0 (id=2323):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)

1m6.239695753s ago: executing program 0 (id=2333):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {0x1a}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

1m5.694518173s ago: executing program 0 (id=2347):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x13, &(0x7f00000000c0)=@raw=[@ringbuf_query, @tail_call, @btf_id={0x18, 0x8, 0x3, 0x0, 0x2}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x94)
r1 = socket$inet(0x2, 0x1, 0x0)
dup3(0xffffffffffffffff, r0, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000140)=ANY=[@ANYBLOB="e0000001ac1414aa0000000003"], 0x1c)
syz_emit_ethernet(0x2a, &(0x7f0000000e80)={@link_local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x2, 0x0, 0xfe, 0x11, 0x0, @local, @multicast1}, {0x0, 0x4e25, 0x8}}}}}, 0x0)

1m5.689193883s ago: executing program 34 (id=2347):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x13, &(0x7f00000000c0)=@raw=[@ringbuf_query, @tail_call, @btf_id={0x18, 0x8, 0x3, 0x0, 0x2}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x94)
r1 = socket$inet(0x2, 0x1, 0x0)
dup3(0xffffffffffffffff, r0, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000140)=ANY=[@ANYBLOB="e0000001ac1414aa0000000003"], 0x1c)
syz_emit_ethernet(0x2a, &(0x7f0000000e80)={@link_local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x2, 0x0, 0xfe, 0x11, 0x0, @local, @multicast1}, {0x0, 0x4e25, 0x8}}}}}, 0x0)

56.409508275s ago: executing program 6 (id=2674):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x488c0}, 0x4008010)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x18)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

56.363418036s ago: executing program 6 (id=2676):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000003}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e0000000000000000001800028014000380"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)

56.352785736s ago: executing program 6 (id=2679):
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
socket$rds(0x15, 0x5, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xf0, 0xd215)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

56.299297937s ago: executing program 6 (id=2681):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)

56.205051838s ago: executing program 6 (id=2685):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000002c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0)
truncate(&(0x7f0000000100)='./file0/file0\x00', 0x5)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c3a42, 0x0)

55.628954448s ago: executing program 6 (id=2700):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wg1\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000000)=0xf41, 0x4)
sendto$packet(r2, &(0x7f0000000240)='\x00', 0x1, 0x800, &(0x7f0000000080)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xfc}}, 0x14)

55.628575188s ago: executing program 35 (id=2700):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wg1\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000000)=0xf41, 0x4)
sendto$packet(r2, &(0x7f0000000240)='\x00', 0x1, 0x800, &(0x7f0000000080)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xfc}}, 0x14)

9.548657183s ago: executing program 2 (id=4055):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x6ab7, 0x1)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000180)=0x42000000, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

9.365531547s ago: executing program 2 (id=4058):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x24, 0x2, 0x1, 0x701, 0x0, 0x0, {0xa, 0x0, 0x8}, [@CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x81}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x400}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000004}, 0x20000004)

8.669434268s ago: executing program 2 (id=4073):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x18)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000580)={@cgroup=r0, 0xffffffffffffffff, 0x2f, 0x2020, 0x4}, 0x20)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r3, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)

8.594614559s ago: executing program 2 (id=4078):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)

8.518605061s ago: executing program 2 (id=4081):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r3], 0x2c}}, 0x0)

8.271990595s ago: executing program 2 (id=4091):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
recvmmsg(r0, &(0x7f0000001a80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/11, 0xb}}], 0x1, 0x142, 0x0)

8.270999645s ago: executing program 36 (id=4091):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
recvmmsg(r0, &(0x7f0000001a80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/11, 0xb}}], 0x1, 0x142, 0x0)

1.734424772s ago: executing program 8 (id=4237):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r2, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r0}, 0x20)
recvmmsg(r0, &(0x7f0000000b80)=[{{0x0, 0xffffffffffffff6c, 0x0, 0x0, 0x0, 0x52}, 0xa}], 0x360, 0x120, 0x0)
recvfrom$inet6(r0, &(0x7f0000000180)=""/67, 0x43, 0x142, 0x0, 0x0)

1.687804803s ago: executing program 7 (id=4238):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94)
close(0x3)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r2 = dup(r0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8)

1.686832213s ago: executing program 8 (id=4240):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000002000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r4=>0x0})
r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r4, 0x25, 0x0, @val=@netfilter}, 0x40)
close_range(r1, r5, 0x0)

1.672544603s ago: executing program 8 (id=4241):
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet(0x2, 0x5, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
r1 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
write$selinux_validatetrans(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="73717374656d5f753a6f626a6563745f723a6c6f67696e5f657865775f743a73302073797374656d5f753a6f626a6563745f723a73736864635f743a733020303030303030303030303030303030300e303036202f7573722f7362696e2f63757073640000000000e24d20e2fda0252ee138ff75d9b4bc7d1d36824cd2a3f4c612d156794d54385c9560a073dab010ff3f14209bcc0a1fc751b01c24d4d7a3ff4a96c9e243"], 0x68)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f00000004c0)=0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r3, &(0x7f0000000100)='ns/uts\x00')
get_robust_list(r3, &(0x7f0000000380)=&(0x7f0000000340), &(0x7f00000003c0)=0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000400)=[{0x7, 0x6, 0xfe, 0x7ffc0002}]})
flistxattr(r2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r4, 0x10e, 0xa, &(0x7f00000004c0)=0x7, 0x4)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x400, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9c, 0x1, 0x0, 0x0, 0x0, 0x300000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000180)={0x400000000000000, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="020ffd000200000000000048920441220000000000"], 0x10}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)

1.450297167s ago: executing program 1 (id=4250):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)
capset(&(0x7f0000000ac0)={0x19980330}, &(0x7f0000000180)={0x0, 0x10000, 0xc898, 0x0, 0x0, 0x2})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)

1.397550857s ago: executing program 4 (id=4251):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x3, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x42}, 0x94)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0xc0}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000640)=<r2=>0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x20, 0x0, 0x0, 0x0)

1.362756578s ago: executing program 4 (id=4253):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000480)={0x10, 0x0, 0x25dfdbfb, 0x808b9027}, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x80, 0x0, 0x0)

1.301112939s ago: executing program 1 (id=4255):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x2, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r2 = syz_open_pts(r0, 0x8182)
dup3(r2, r0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000a00)={0x2, 0x8, 0x7, 0x0, 0x3, "eb3464edc88e2fd8ba4229c216a102171c7eb6"})

1.300171629s ago: executing program 4 (id=4256):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000780)={[{@data_err_ignore}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@delalloc}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}, {@quota}]}, 0x41, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)='%pS    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080))

1.22118816s ago: executing program 1 (id=4259):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000280)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r3], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r4}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1.158235732s ago: executing program 1 (id=4261):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_devices(r1, &(0x7f0000000200)='devices.allow\x00', 0x2, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
socket$kcm(0x11, 0x200000000000002, 0x300)
close_range(r2, 0xffffffffffffffff, 0x0)

1.157892461s ago: executing program 4 (id=4262):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r1 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x106}}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)

1.083141142s ago: executing program 9 (id=4267):
socket$kcm(0x2, 0x1000000000000002, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000040)={r2, 0x1, 0x1, @broadcast}, 0x10)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r2, 0x1, 0x0, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

1.011770014s ago: executing program 9 (id=4268):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x100}, 0x18)
write$tun(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="7f7215b6"], 0x32)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x5], 0x0, 0x0, 0x1}}, 0x40)

877.284846ms ago: executing program 7 (id=4269):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x9, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xbd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x6, 0x0, 0x38159f4e, 0x4d299, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x100882, 0x7ff, 0x9, 0x0, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syncfs(0xffffffffffffffff)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)

876.793006ms ago: executing program 9 (id=4270):
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9, 0x0, 0x0, 0x3b1}, 0x0, 0x0)
r0 = syz_io_uring_setup(0x24ff, &(0x7f0000000300)={0x0, 0xf36b, 0x10100, 0x0, 0x155}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x2d, 0x0, @fd, 0x40, 0x0, 0x6, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x2936, 0x0, 0x0, 0x0)

854.957916ms ago: executing program 9 (id=4271):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x20000004)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0x60044004)

829.307817ms ago: executing program 9 (id=4272):
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1)
mincore(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0)

828.373647ms ago: executing program 7 (id=4273):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext, 0x104c48, 0xffff, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x58, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xfff2, 0x4}, {}, {0xe, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x28, 0x2, [@TCA_FLOW_EMATCHES={0x24, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054)

789.380087ms ago: executing program 8 (id=4274):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0xfd, 0x0, 0x0, 0xd2, 0x0, 0x0, 0x60300, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x8000, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="8fedcb790700117df37538e486dd6317ce22001100000000000000000000000000007fc5f603ff65ec5deb000071673fa79d93014b8e7781"], 0xfdef)

771.516168ms ago: executing program 8 (id=4275):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = memfd_create(&(0x7f0000001040)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1\x8c.?}jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0x17)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

729.474638ms ago: executing program 8 (id=4276):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x303, 0xfff, 0x0, 0x0, 0x0})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@journal_dev={'journal_dev', 0x3d, 0x2d353}}, {@nobh}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymsxKP7lU45f6myawfHTiLh6AvFhnN1p9z9vDfr+pfFS53Xw928yT09qeP+X5pGf7/Rzg/qfZw+srT4wxgv3flYZGv9WxAuTg/ufXv+bDIn/8oG1/SvLsoMxvvH13d1h8bMfR8wM/P1JHotVadU3K82d3etr9cXV6mp1Y35+7o2FNxdeX5itrKzVqvnfgTG+97GfPzys/VcGxP/tb7r972Htf2XYSvv8597N+x/qZguD4l97eeDv71QMiZ/mv32fzPPt+TO9/F43v9+LP7374mHtXx6y/Y/6/K8ds/2vfvW7vz/mogDAGWju7K4v1mrVrUMyU8dY5mnM/GLqXFTj/8xk3+l+cuelPu83095bfTSl16pzULF9mezMYk3EOWny/zIj7ZYAAIBT8Ginf9Q1AQAAAAAAAAAAAAAAAAAAgPF1FrcT64+5N5qmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc6r8BAAD//0wa4Aw=")

728.890529ms ago: executing program 7 (id=4277):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000000900)={{0x80}, 'port0\x00', 0xf3, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2, 0xf8})
close_range(r2, 0xffffffffffffffff, 0x0)

727.880309ms ago: executing program 7 (id=4278):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100cb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/crypto\x00', 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
sendfile(r2, r1, 0x0, 0x20000023893)

704.240529ms ago: executing program 7 (id=4279):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x100)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

300.655125ms ago: executing program 1 (id=4280):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x7, 0x4, 0x100, 0x1, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

299.669895ms ago: executing program 4 (id=4281):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
listen(0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x204010, &(0x7f0000000100), 0xfe, 0x46e, &(0x7f00000007c0)="$eJzs3MtvVFUYAPDvTjst5WEr4gMEra9IfLS0PGThBqOJC01MdIFxNZZCkIEaWhMgRNEYXBoS98aliX+BG3Fj1JWJW90bE0LYSFxdc2fuHcYyM+20U0aZ3y+55Zy5Zzjnu+ce5sw53AYwsCazH0nE1oj4LSLG69l/F5is/3HzxlhEXJxLIk3fvJ7Uyv114+JcUbR435Z6Jh3qUO/ldyIq1er82Tw/vXT6/enF8xeeP3m6cmL+xPyZ2cOHD+zfM3Jo9mBP4tyWtXXXhwu7d7769pXX545eefenb7L2bs3PN8fRK5P1q9vSU9mPUq9r7J9tTelkuI8NoSvZGM26q1wb/+MxFGONc+Pxyid9bRywodK0lI62P30pTdN0U60ccPdJjG0YUMUHffb9tzhWP3vYut7pR99dOxKNdYyb+VE/M9z4el7ewPonI+Lopb+/zI7YoHUIAIBmV49ExHOt5n+leKCp3D353tBERNwbEdsj4r6I2BER90fUyj4YEQ91Wf/yHZLb5z/p+JoCW6Vs/vdibW9r+fyvsTkzMZTnttXiT+L4yer8vvya7I3yaJaf6VDH9y//+nm7c83zv+zI6i/mgnk7/hxetkB3rFKurCfmZtc+johkokX8SRTbONn8eGdE7Ory7y72hE4+8/XudmVWjr+DHuwzpV9FPF3v/0uxLP5C0nZ/cuaFQ7MHpzdFdX7fdHFX3O7nXy6/0a7+dcXfA9euprG55f3fiH8i2RSxeP7Cqdp+7WL3dVz+/bO232nWdv8vVUaSt2rpkfy1c5WlpbMzESPJa7e/PnvrvUX+XGVpJGbq9//eJ1qP/+1x60o8HBHZTbwnIh6JiEfztj8WEY9HxKcd4v/xpSff6z7+DqvyPZTFf2yl/o/m/u8ycb1SHTr1w7fdx1/I+v9ALbU3fyXr/5XiWm0D13PtAAAA4P+iVNvFT0pTjXSpNDVV/z/8O2JzqbqwuPTs8YUPzhyr7/ZPRLlUrHTV14PLSbH+OdGUn12W35+vG38xNFbLT80tVLtdKwZ6a0ub8Z/5o9MDPMDdwfNaMLiMfxhcxj8MLuMfBpfxD4Or1fj/qA/tAO68FT7/x+5UO4A7z/wfBpfxD4PL+IeB1PbZ+NLaH/mXaJEYXemC9ybx3ciGV5EnotT3q1qOiP9E5642UYy6duG0fNfwqn+ZxRoToy1P9e/fJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF76JwAA///jGNH6")

6.47598ms ago: executing program 4 (id=4282):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x2, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r2 = syz_open_pts(r0, 0x8182)
dup3(r2, r0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000a00)={0x2, 0x8, 0x7, 0x0, 0x3, "eb3464edc88e2fd8ba4229c216a102171c7eb6"})

444.67µs ago: executing program 1 (id=4292):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@newtfilter={0x54, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xf, 0x10000}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_EMATCHES={0x20, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x3, 0x0, 0x0, {{0x95, 0x2, 0xc}, {0x101, 0x0, 0x2}}}]}]}]}}]}, 0x54}}, 0x0)

0s ago: executing program 9 (id=4283):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x20, r3, 0xc4fc9e906872338b, 0x70bd2a, 0x0, {{0x15}, {@void, @val={0xc, 0x99, {0xc7, 0x3a}}}}}, 0x20}}, 0x0)

kernel console output (not intermixed with test programs):

7
[  130.414340][T11305] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  130.423936][T11314] loop8: detected capacity change from 0 to 128
[  130.430216][T11299] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3173: bg 0: block 40: padding at end of block bitmap is not set
[  130.448600][T11314] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  130.461100][T11299] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  130.470631][T11299] EXT4-fs (loop4): 1 truncate cleaned up
[  130.471477][T11311] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.499614][T11299] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  130.512593][T11311] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3179: bg 0: block 328: padding at end of block bitmap is not set
[  130.531285][T11299] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  130.559303][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.571384][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.642276][T11326] loop2: detected capacity change from 0 to 512
[  130.649882][T11326] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  130.665966][T11326] EXT4-fs (loop2): orphan cleanup on readonly fs
[  130.701135][T11326] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.3185: Block bitmap for bg 0 marked uninitialized
[  130.721803][T11326] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  130.731944][T11326] EXT4-fs (loop2): 1 orphan inode deleted
[  130.740283][T11326] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  130.792422][T11337] macvtap0: entered promiscuous mode
[  130.804747][T11337] macvtap0: left promiscuous mode
[  130.823760][T11341] loop4: detected capacity change from 0 to 128
[  130.830418][T11341] EXT4-fs: Ignoring removed nobh option
[  130.839013][T11341] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  130.883857][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.075774][T11350] loop2: detected capacity change from 0 to 1024
[  131.085547][T11350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.108316][T11350] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 47 with max blocks 1 with error 28
[  131.120680][T11350] EXT4-fs (loop2): This should not happen!! Data will be lost
[  131.120680][T11350] 
[  131.130543][T11350] EXT4-fs (loop2): Total free blocks count 0
[  131.136605][T11350] EXT4-fs (loop2): Free/Dirty block details
[  131.142527][T11350] EXT4-fs (loop2): free_blocks=0
[  131.147516][T11350] EXT4-fs (loop2): dirty_blocks=0
[  131.152645][T11350] EXT4-fs (loop2): Block reservation details
[  131.158676][T11350] EXT4-fs (loop2): i_reserved_data_blocks=0
[  131.216768][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.304198][T11362] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  131.311627][T11362] vhci_hcd: default hub control req: 1f07 v0017 i0001 l0
[  131.400718][ T3306] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  131.414096][T11369] loop1: detected capacity change from 0 to 2048
[  131.463048][T11378] loop7: detected capacity change from 0 to 1024
[  131.470478][T11369]  loop1: p1 < > p4
[  131.475518][T11369] loop1: p4 size 8388608 extends beyond EOD, truncated
[  131.487367][T11378] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.517270][T11378] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 47 with max blocks 1 with error 28
[  131.529868][T11378] EXT4-fs (loop7): This should not happen!! Data will be lost
[  131.529868][T11378] 
[  131.539790][T11378] EXT4-fs (loop7): Total free blocks count 0
[  131.545848][T11378] EXT4-fs (loop7): Free/Dirty block details
[  131.551797][T11378] EXT4-fs (loop7): free_blocks=0
[  131.556858][T11378] EXT4-fs (loop7): dirty_blocks=0
[  131.561910][T11378] EXT4-fs (loop7): Block reservation details
[  131.567978][T11378] EXT4-fs (loop7): i_reserved_data_blocks=0
[  131.654194][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.692403][T11393] netlink: 'syz.7.3213': attribute type 1 has an invalid length.
[  131.780045][T11393] netlink: 'syz.7.3213': attribute type 9 has an invalid length.
[  131.804842][T11393] macvlan3: entered promiscuous mode
[  131.811388][T11393] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  131.819829][T11400] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3216'.
[  131.829001][T11400] netem: change failed
[  132.005479][T11418] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  132.046066][T11421] loop1: detected capacity change from 0 to 2048
[  132.061216][T11421] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.077600][T11421] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.3224: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  132.107092][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.133256][T11425] loop1: detected capacity change from 0 to 1024
[  132.147935][T11425] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.218704][T11432] loop4: detected capacity change from 0 to 512
[  132.246386][T11432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.265622][T11432] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3227: bg 0: block 328: padding at end of block bitmap is not set
[  132.305916][T11439] netlink: 'syz.2.3229': attribute type 1 has an invalid length.
[  132.350979][T11425] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.3225: Allocating blocks 497-513 which overlap fs metadata
[  132.384148][T11424] EXT4-fs (loop1): pa ffff8881071dca80: logic 272, phys. 385, len 8
[  132.384689][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.392174][T11424] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  132.413141][T11439] netlink: 'syz.2.3229': attribute type 9 has an invalid length.
[  132.416245][T11445] loop8: detected capacity change from 0 to 512
[  132.424863][T11439] macvlan9: entered promiscuous mode
[  132.433570][T11439] 8021q: adding VLAN 0 to HW filter on device macvlan9
[  132.451430][T11445] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.468496][T11445] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  132.477669][T11445] EXT4-fs error (device loop8): __ext4_remount:6736: comm syz.8.3233: Abort forced by user
[  132.489312][T11445] EXT4-fs (loop8): Remounting filesystem read-only
[  132.496123][T11445] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000.
[  132.508330][T11451] loop4: detected capacity change from 0 to 512
[  132.516277][T11451] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  132.516780][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.547364][T10109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.559823][T11451] EXT4-fs (loop4): 1 truncate cleaned up
[  132.566345][T11451] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.568896][T11454] loop2: detected capacity change from 0 to 512
[  132.596341][T11454] EXT4-fs (loop2): too many log groups per flexible block group
[  132.604332][T11454] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  132.611870][T11459] loop8: detected capacity change from 0 to 1024
[  132.621514][T11460] loop1: detected capacity change from 0 to 512
[  132.630664][T11460] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  132.630686][T11454] EXT4-fs (loop2): mount failed
[  132.641303][T11459] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.650422][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.673336][T11460] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.691924][T11459] EXT4-fs error (device loop8): ext4_map_blocks:816: inode #15: block 1: comm syz.8.3236: lblock 1 mapped to illegal pblock 1 (length 7)
[  132.721762][T11468] sg_write: data in/out 219/120 bytes for SCSI command 0x0-- guessing data in;
[  132.721762][T11468]    program syz.4.3238 not setting count and/or reply_len properly
[  132.758189][T11459] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 7 with error 117
[  132.770614][T11459] EXT4-fs (loop8): This should not happen!! Data will be lost
[  132.770614][T11459] 
[  132.844009][ T6585] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm kworker/u8:21: bg 0: block 3: invalid block bitmap
[  132.869747][ T6585] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 4 with error 117
[  132.882245][ T6585] EXT4-fs (loop8): This should not happen!! Data will be lost
[  132.882245][ T6585] 
[  132.894347][T10109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.904755][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.920791][T11486] vhci_hcd: invalid port number 96
[  132.925989][T11486] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  133.538917][   T29] kauditd_printk_skb: 319 callbacks suppressed
[  133.538935][   T29] audit: type=1400 audit(133.523:9089): avc:  denied  { map } for  pid=11534 comm="syz.4.3266" path="socket:[31013]" dev="sockfs" ino=31013 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  133.896071][T11547] loop7: detected capacity change from 0 to 128
[  133.947739][T11547] syz.7.3270: attempt to access beyond end of device
[  133.947739][T11547] loop7: rw=0, sector=97, nr_sectors = 120 limit=128
[  133.986428][ T6585] kworker/u8:21: attempt to access beyond end of device
[  133.986428][ T6585] loop7: rw=1, sector=217, nr_sectors = 824 limit=128
[  134.069717][T11564] loop1: detected capacity change from 0 to 512
[  134.085564][T11564] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0
[  134.096041][T11564] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  134.105473][T11564] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3278: Failed to acquire dquot type 1
[  134.117440][T11564] EXT4-fs (loop1): 1 truncate cleaned up
[  134.123728][T11564] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.148488][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.233747][T11573] vhci_hcd: invalid port number 96
[  134.238921][T11573] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  134.265039][T11575] loop1: detected capacity change from 0 to 512
[  134.275708][T11575] EXT4-fs (loop1): too many log groups per flexible block group
[  134.283530][T11575] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  134.290346][T11575] EXT4-fs (loop1): mount failed
[  134.317125][T11581] sg_write: data in/out 219/120 bytes for SCSI command 0x0-- guessing data in;
[  134.317125][T11581]    program syz.1.3282 not setting count and/or reply_len properly
[  134.357773][T11584] loop4: detected capacity change from 0 to 164
[  134.367215][T11584] Unsupported NM flag settings (8)
[  134.397173][T11591] loop1: detected capacity change from 0 to 512
[  134.407499][T11591] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  134.419837][T11591] EXT4-fs (loop1): 1 truncate cleaned up
[  134.426233][T11591] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.453380][   T29] audit: type=1326 audit(134.433:9090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11588 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  134.478442][   T29] audit: type=1326 audit(134.463:9091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11588 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  134.501540][   T29] audit: type=1326 audit(134.463:9092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11588 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  134.517207][T11593] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  134.524554][   T29] audit: type=1326 audit(134.463:9093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11588 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  134.554728][   T29] audit: type=1326 audit(134.463:9094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11588 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  134.577812][   T29] audit: type=1326 audit(134.463:9095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11588 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  134.603007][   T29] audit: type=1326 audit(134.493:9096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11594 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff51b661265 code=0x7ffc0000
[  134.629403][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.678307][T11599] netlink: 'syz.1.3290': attribute type 1 has an invalid length.
[  134.837800][T11619] loop2: detected capacity change from 0 to 512
[  134.850778][T11621] syzkaller1: entered promiscuous mode
[  134.856380][T11621] syzkaller1: entered allmulticast mode
[  134.885862][T11619] loop2: detected capacity change from 0 to 4096
[  134.894660][T11619] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.908686][T11619] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  134.917344][T11619] EXT4-fs (loop2): stripe (248) is not aligned with cluster size (16), stripe is disabled
[  134.927944][T11619] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[  134.955104][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.075038][T11635] loop2: detected capacity change from 0 to 164
[  135.094213][T11635] Unsupported NM flag settings (8)
[  135.146914][T11642] loop7: detected capacity change from 0 to 1024
[  135.155338][T11644] loop2: detected capacity change from 0 to 128
[  135.164520][T11644] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  135.165528][T11642] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.172464][T11644] FAT-fs (loop2): Filesystem has been set read-only
[  135.191334][T11644] syz.2.3311: attempt to access beyond end of device
[  135.191334][T11644] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  135.205266][T11644] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  135.213116][T11644] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  135.221685][T11644] syz.2.3311: attempt to access beyond end of device
[  135.221685][T11644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.236918][T11644] syz.2.3311: attempt to access beyond end of device
[  135.236918][T11644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.248546][T11642] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.3310: Allocating blocks 465-513 which overlap fs metadata
[  135.261103][T11644] syz.2.3311: attempt to access beyond end of device
[  135.261103][T11644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.277522][T11644] syz.2.3311: attempt to access beyond end of device
[  135.277522][T11644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.291982][T11642] EXT4-fs (loop7): pa ffff8881057ea4d0: logic 256, phys. 369, len 9
[  135.299859][T11644] syz.2.3311: attempt to access beyond end of device
[  135.299859][T11644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.300128][T11642] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  135.313419][T11644] syz.2.3311: attempt to access beyond end of device
[  135.313419][T11644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.327016][T11642] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  135.339141][T11644] syz.2.3311: attempt to access beyond end of device
[  135.339141][T11644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.392368][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.449950][T11654] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3314'.
[  135.464153][T11654] batadv1: entered promiscuous mode
[  135.469418][T11654] batadv1: entered allmulticast mode
[  135.551618][T11661] loop8: detected capacity change from 0 to 128
[  135.590682][T11665] loop8: detected capacity change from 0 to 1024
[  135.635373][T11668] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3319'.
[  135.687464][T11675] netlink: 'syz.7.3322': attribute type 10 has an invalid length.
[  135.695671][T11675] veth1_macvtap: left promiscuous mode
[  135.718564][T11675] batman_adv: batadv0: Adding interface: macsec0
[  135.725105][T11675] batman_adv: batadv0: The MTU of interface macsec0 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.750612][T11675] batman_adv: batadv0: Not using interface macsec0 (retrying later): interface not active
[  135.784971][T11665] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.802415][T11665] EXT4-fs (loop8): shut down requested (0)
[  135.827465][T10109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.870273][T11682] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  136.141634][T11731] netlink: 'syz.4.3347': attribute type 10 has an invalid length.
[  136.149932][T11731] ipvlan0: entered allmulticast mode
[  136.155327][T11731] veth0_vlan: entered allmulticast mode
[  136.162334][T11731] team0: Device ipvlan0 failed to register rx_handler
[  136.211181][T11741] netlink: 88 bytes leftover after parsing attributes in process `syz.4.3352'.
[  136.324289][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.332692][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.340335][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.348444][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.356085][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.363677][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.371176][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.378701][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.386225][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.393857][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.401446][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.408963][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.416529][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.424057][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.431671][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.439186][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.446677][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.454225][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.461813][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.469475][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.477125][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.486384][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.494060][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.501633][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.509189][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.516748][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.524289][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.531970][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.539582][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.547232][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.554764][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.562305][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.569922][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.577557][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.585102][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.592744][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.600289][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.607975][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.615506][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.623016][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.630564][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.638085][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.645853][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.653405][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.661005][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.668552][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.676078][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.683606][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.691156][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.698765][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.706279][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.713844][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.721326][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.731129][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.738745][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.746393][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.754085][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.761924][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.769531][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.777255][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.784893][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.793043][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.800620][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.808481][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.816052][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.823651][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.832421][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.841667][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.849360][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.857084][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.864828][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.872420][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.880155][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.887765][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.895550][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.903232][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.910905][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.918515][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.926260][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.933908][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.941492][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.949183][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.956884][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.964618][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.972287][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.979920][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.987549][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  136.995290][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.002891][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.010571][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.018374][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.026034][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.033745][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.041387][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.049057][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.056635][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.064335][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.071968][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.079628][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.087248][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.094973][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.102681][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.110361][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.133514][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.141346][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.149059][T11761] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  137.241991][T11787] SELinux:  unknown common 
[  137.255735][T11787] SELinux: failed to load policy
[  137.436293][T11826] loop7: detected capacity change from 0 to 4096
[  137.446467][T11826] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.622805][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.703877][T11845] netlink: 68 bytes leftover after parsing attributes in process `syz.7.3398'.
[  137.715641][T11847] loop8: detected capacity change from 0 to 164
[  137.722890][T11847] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  137.955427][T11874] netlink: 5 bytes leftover after parsing attributes in process `syz.8.3411'.
[  138.289511][T11888] SELinux:  unknown common 
[  138.295511][T11888] SELinux: failed to load policy
[  138.373345][T11889] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  138.837732][T11917] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3431'.
[  138.899258][T11919] atomic_op ffff88813206a928 conn xmit_atomic 0000000000000000
[  138.940472][T11923] loop2: detected capacity change from 0 to 1024
[  138.955173][T11923] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.980168][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.998525][T11927] random: crng reseeded on system resumption
[  139.059234][T11933] program syz.2.3438 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  139.136532][   T29] kauditd_printk_skb: 235 callbacks suppressed
[  139.136567][   T29] audit: type=1326 audit(139.123:9332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  139.150444][T11938] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  139.167249][   T29] audit: type=1326 audit(139.123:9333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  139.196102][   T29] audit: type=1326 audit(139.123:9334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  139.219099][   T29] audit: type=1326 audit(139.123:9335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  139.242074][   T29] audit: type=1326 audit(139.123:9336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  139.242467][T11937] loop8: detected capacity change from 0 to 4096
[  139.265318][   T29] audit: type=1326 audit(139.123:9337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  139.294627][   T29] audit: type=1326 audit(139.123:9338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  139.317542][   T29] audit: type=1326 audit(139.123:9339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11939 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f60c5561265 code=0x7ffc0000
[  139.330962][T11937] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.340457][   T29] audit: type=1326 audit(139.123:9340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  139.375918][   T29] audit: type=1326 audit(139.123:9341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.2.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  139.508779][T11950] loop7: detected capacity change from 0 to 512
[  139.517183][T11947] SELinux:  unknown common 
[  139.522700][T11950] EXT4-fs: Ignoring removed i_version option
[  139.531467][T11947] SELinux: failed to load policy
[  139.540591][T11950] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  139.558903][T11950] EXT4-fs (loop7): 1 truncate cleaned up
[  139.566842][T11950] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.671178][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.701250][T10109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.831205][T11975] netlink: 'syz.8.3456': attribute type 1 has an invalid length.
[  139.914919][T11975] netlink: 'syz.8.3456': attribute type 9 has an invalid length.
[  139.925973][T11975] macvlan6: entered promiscuous mode
[  139.932471][T11975] 8021q: adding VLAN 0 to HW filter on device macvlan6
[  140.102113][T11996] bridge: RTM_NEWNEIGH with invalid state 0x31
[  140.158675][T12006] sd 0:0:1:0: device reset
[  140.192432][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.199952][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.212195][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.219822][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.227327][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.234774][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.242191][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.249640][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.257171][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.264649][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.272065][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.279608][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.287092][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.294550][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.301943][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.309396][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.316970][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.324454][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.330239][T12016] loop7: detected capacity change from 0 to 512
[  140.331837][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.345586][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.353078][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.360535][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.368079][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.375521][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.383062][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.390562][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.398023][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.405458][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.412869][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.420341][ T6084] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  140.437329][ T6084] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  140.452685][T12016] EXT4-fs (loop7): 1 orphan inode deleted
[  140.460376][T12016] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.469894][T12012] netlink: 'syz.8.3473': attribute type 1 has an invalid length.
[  140.480727][T12022] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  140.480728][   T51] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  140.500849][T12012] netlink: 'syz.8.3473': attribute type 9 has an invalid length.
[  140.502242][T12016] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.521061][T12012] macvlan7: entered promiscuous mode
[  140.528959][T12012] 8021q: adding VLAN 0 to HW filter on device macvlan7
[  140.660495][T12044] sd 0:0:1:0: device reset
[  140.778617][T12064] netlink: 'syz.7.3493': attribute type 1 has an invalid length.
[  140.859650][T12064] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3493'.
[  140.870619][T12064] netlink: 'syz.7.3493': attribute type 9 has an invalid length.
[  140.885870][T12064] macvlan4: entered promiscuous mode
[  140.892375][T12064] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  140.956124][T12079] serio: Serial port ptm0
[  140.972883][T12081] loop2: detected capacity change from 0 to 512
[  140.979715][T12081] EXT4-fs: Ignoring removed i_version option
[  140.986652][T12081] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  140.997909][T12081] EXT4-fs (loop2): 1 truncate cleaned up
[  141.004362][T12081] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.036020][T12085] sd 0:0:1:0: device reset
[  141.103080][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.124853][T12091] pim6reg1: entered allmulticast mode
[  141.231608][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.239181][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.246684][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.254239][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.261650][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.269146][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.276790][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.284213][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.291591][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.299087][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.306591][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.314232][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.321626][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.326541][T12102] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  141.329038][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.343839][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.352070][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.359531][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.366995][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.374420][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.381817][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.389280][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.396918][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.404418][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.411820][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.419435][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.426866][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.434352][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.441759][ T6056] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  141.449712][ T6056] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  141.677630][T12127] netlink: 'syz.1.3528': attribute type 1 has an invalid length.
[  141.751520][T12127] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3528'.
[  141.762786][T12127] netlink: 'syz.1.3528': attribute type 9 has an invalid length.
[  141.786792][T12127] macvlan14: entered promiscuous mode
[  141.793959][T12127] 8021q: adding VLAN 0 to HW filter on device macvlan14
[  141.876732][T12150] loop8: detected capacity change from 0 to 2048
[  141.924244][T12150]  loop8: p1 < > p4
[  141.928574][T12150] loop8: p4 size 8388608 extends beyond EOD, truncated
[  142.108803][T12164] can0: slcan on ttyS3.
[  142.164278][T12164] can0 (unregistered): slcan off ttyS3.
[  142.170020][T12164] Falling back ldisc for ttyS3.
[  142.299563][T12176] loop8: detected capacity change from 0 to 512
[  142.316745][T12176] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.350967][T10109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.748508][T12217] netlink: 96 bytes leftover after parsing attributes in process `syz.8.3559'.
[  142.938413][T12239] smc: net device bond0 applied user defined pnetid SYZ0
[  142.947844][T12239] smc: net device bond0 erased user defined pnetid SYZ0
[  142.977453][T12246] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3571'.
[  142.991016][T12248] loop4: detected capacity change from 0 to 512
[  142.998114][T12248] ext4: Unknown parameter 'obj_type'
[  143.011733][T12250] sd 0:0:1:0: device reset
[  143.079213][T12259] loop4: detected capacity change from 0 to 2048
[  143.096091][T12259] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.208575][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.705908][T12281] loop4: detected capacity change from 0 to 1024
[  143.712399][T12285] loop7: detected capacity change from 0 to 512
[  143.716982][T12281] EXT4-fs: Ignoring removed nomblk_io_submit option
[  143.736721][T12281] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.768747][T12285] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.825072][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.855315][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.889950][T12301] sd 0:0:1:0: device reset
[  143.899954][T12300] loop4: detected capacity change from 0 to 512
[  143.917039][T12300] EXT4-fs: Ignoring removed mblk_io_submit option
[  143.944442][T12300] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  143.978355][T12305] netlink: 'syz.2.3593': attribute type 6 has an invalid length.
[  143.986473][T12300] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  143.995083][T12300] EXT4-fs (loop4): orphan cleanup on readonly fs
[  144.002437][T12300] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.3590: Invalid block bitmap block 0 in block_group 0
[  144.018844][T12300] EXT4-fs (loop4): Remounting filesystem read-only
[  144.028931][T12300] EXT4-fs (loop4): 1 orphan inode deleted
[  144.044002][T12300] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  144.088814][T12310] loop7: detected capacity change from 0 to 512
[  144.108252][T12310] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.3595: corrupted in-inode xattr: invalid ea_ino
[  144.130991][T12308] loop2: detected capacity change from 0 to 8192
[  144.137897][T12310] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.3595: couldn't read orphan inode 15 (err -117)
[  144.150679][T12310] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.163326][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.219516][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.245814][T12317] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  144.273936][T12322] pim6reg1: entered promiscuous mode
[  144.279468][T12322] pim6reg1: entered allmulticast mode
[  144.296522][T12325] netlink: 'syz.4.3602': attribute type 1 has an invalid length.
[  144.355157][T12331] 9pnet: p9_errstr2errno: server reported unknown error 184467440
[  144.371357][T12336] macvlan8: entered promiscuous mode
[  144.378500][T12336] 8021q: adding VLAN 0 to HW filter on device macvlan8
[  144.396366][T12339] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3608'.
[  144.456178][T12344] ALSA: seq fatal error: cannot create timer (-22)
[  144.508560][T12347] loop1: detected capacity change from 0 to 1764
[  144.521163][T12349] loop2: detected capacity change from 0 to 2048
[  144.555367][T12349] ext2: Unknown parameter 'smackfsroot'
[  144.568037][   T29] kauditd_printk_skb: 196 callbacks suppressed
[  144.568081][   T29] audit: type=1326 audit(144.553:9534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.597340][   T29] audit: type=1326 audit(144.553:9535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.620285][   T29] audit: type=1326 audit(144.553:9536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.643411][   T29] audit: type=1326 audit(144.553:9537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.666362][   T29] audit: type=1326 audit(144.553:9538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.689326][   T29] audit: type=1326 audit(144.553:9539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.712184][   T29] audit: type=1326 audit(144.553:9540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.735355][   T29] audit: type=1326 audit(144.553:9541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.758263][   T29] audit: type=1326 audit(144.553:9542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.781240][   T29] audit: type=1326 audit(144.553:9543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12350 comm="syz.4.3612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  144.823714][T12349] loop2: detected capacity change from 0 to 512
[  144.881875][T12349] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.913359][T12349] EXT4-fs (loop2): shut down requested (0)
[  144.930671][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.087939][T12376] smc: net device bond0 applied user defined pnetid SYZ0
[  145.099862][T12376] smc: net device bond0 erased user defined pnetid SYZ0
[  145.130479][T12382] loop2: detected capacity change from 0 to 1024
[  145.137167][T12384] validate_nla: 1 callbacks suppressed
[  145.137183][T12384] netlink: 'syz.1.3627': attribute type 1 has an invalid length.
[  145.150609][T12384] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3627'.
[  145.165324][T12382] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 2 with error 28
[  145.177687][T12382] EXT4-fs (loop2): This should not happen!! Data will be lost
[  145.177687][T12382] 
[  145.187426][T12382] EXT4-fs (loop2): Total free blocks count 0
[  145.193463][T12382] EXT4-fs (loop2): Free/Dirty block details
[  145.199457][T12382] EXT4-fs (loop2): free_blocks=0
[  145.204446][T12382] EXT4-fs (loop2): dirty_blocks=0
[  145.209592][T12382] EXT4-fs (loop2): Block reservation details
[  145.215618][T12382] EXT4-fs (loop2): i_reserved_data_blocks=0
[  145.228138][T12392] loop1: detected capacity change from 0 to 512
[  145.234876][T12392] ext4: Unknown parameter 'obj_type'
[  145.252117][T12394] sd 0:0:1:0: device reset
[  145.343984][T12407] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  145.391503][T12413] smc: net device bond0 applied user defined pnetid SYZ0
[  145.399081][T12413] smc: net device bond0 erased user defined pnetid SYZ0
[  145.427235][T12416] can0: slcan on ttyS3.
[  145.442966][T12418] loop2: detected capacity change from 0 to 512
[  145.449652][T12418] EXT4-fs: Ignoring removed mblk_io_submit option
[  145.456993][T12418] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  145.467625][T12418] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  145.475638][T12416] can0 (unregistered): slcan off ttyS3.
[  145.475756][T12418] EXT4-fs (loop2): orphan cleanup on readonly fs
[  145.481415][T12416] Falling back ldisc for ttyS3.
[  145.488773][T12418] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.3639: Invalid block bitmap block 0 in block_group 0
[  145.507043][T12418] EXT4-fs (loop2): Remounting filesystem read-only
[  145.515104][T12418] EXT4-fs (loop2): 1 orphan inode deleted
[  145.554897][T12423] pim6reg1: entered promiscuous mode
[  145.555964][T12425] ALSA: seq fatal error: cannot create timer (-22)
[  145.560368][T12423] pim6reg1: entered allmulticast mode
[  145.603857][T12429] loop4: detected capacity change from 0 to 128
[  145.610499][T12429] EXT4-fs: Ignoring removed nobh option
[  145.678725][T12434] loop2: detected capacity change from 0 to 1764
[  145.728894][T12441] loop2: detected capacity change from 0 to 512
[  145.736817][T12441] EXT4-fs (loop2): orphan cleanup on readonly fs
[  145.745364][T12441] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3649: bg 0: block 248: padding at end of block bitmap is not set
[  145.760258][T12441] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3649: Failed to acquire dquot type 1
[  145.772549][T12441] EXT4-fs (loop2): 1 truncate cleaned up
[  145.780316][T12441] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  145.800379][T12441] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  145.850116][T12452] loop8: detected capacity change from 0 to 1024
[  145.857132][T12452] EXT4-fs: Ignoring removed nomblk_io_submit option
[  145.878744][T12454] 9pnet: p9_errstr2errno: server reported unknown error 184467440
[  146.008413][T12465] loop7: detected capacity change from 0 to 1764
[  146.030028][T12470] loop1: detected capacity change from 0 to 1024
[  146.036973][T12470] EXT4-fs: Ignoring removed nobh option
[  146.042608][T12470] EXT4-fs: Ignoring removed bh option
[  146.053322][T12472] SELinux:  Context /usr/sbin/cupsd is not valid (left unmapped).
[  146.065503][T12477] loop4: detected capacity change from 0 to 1024
[  146.087629][T12479] loop7: detected capacity change from 0 to 1024
[  146.111100][T12479] EXT4-fs: dax option not supported
[  146.121888][T12487] loop2: detected capacity change from 0 to 1024
[  146.128974][T12487] EXT4-fs: Ignoring removed nomblk_io_submit option
[  146.143843][T12489] 9pnet: p9_errstr2errno: server reported unknown error 184467440
[  146.204626][T12502] netlink: 'syz.1.3673': attribute type 1 has an invalid length.
[  146.232473][T12495] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  146.267512][T12507] loop7: detected capacity change from 0 to 2048
[  146.299453][T12502] netlink: 'syz.1.3673': attribute type 9 has an invalid length.
[  146.310182][T12502] macvlan15: entered promiscuous mode
[  146.317339][T12502] 8021q: adding VLAN 0 to HW filter on device macvlan15
[  146.539917][T12523] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.589774][T12523] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.649535][T12523] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.687217][T12523] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.753740][T12535] loop7: detected capacity change from 0 to 1024
[  146.771899][T12535] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 2 with error 28
[  146.784326][T12535] EXT4-fs (loop7): This should not happen!! Data will be lost
[  146.784326][T12535] 
[  146.794007][T12535] EXT4-fs (loop7): Total free blocks count 0
[  146.800002][T12535] EXT4-fs (loop7): Free/Dirty block details
[  146.805999][T12535] EXT4-fs (loop7): free_blocks=0
[  146.811021][T12535] EXT4-fs (loop7): dirty_blocks=0
[  146.816138][T12535] EXT4-fs (loop7): Block reservation details
[  146.822162][T12535] EXT4-fs (loop7): i_reserved_data_blocks=0
[  146.839661][T12523] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.851891][T12523] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.865519][T12523] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.877949][T12523] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.011817][T12542] loop1: detected capacity change from 0 to 736
[  147.044720][T12544] netlink: 'syz.8.3687': attribute type 1 has an invalid length.
[  147.102560][T12542] rock: directory entry would overflow storage
[  147.109790][T12542] rock: sig=0x3b10, size=4, remaining=3
[  147.118586][T12545] netlink: 'syz.8.3687': attribute type 9 has an invalid length.
[  147.149907][T12545] macvlan8: entered promiscuous mode
[  147.163580][T12545] 8021q: adding VLAN 0 to HW filter on device macvlan8
[  147.287916][T12553] syzkaller0: entered promiscuous mode
[  147.293550][T12553] syzkaller0: entered allmulticast mode
[  147.317398][T12556] loop4: detected capacity change from 0 to 512
[  147.326302][T12556] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.3692: corrupted in-inode xattr: invalid ea_ino
[  147.347410][T12556] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.3692: couldn't read orphan inode 15 (err -117)
[  147.447767][T12573] loop1: detected capacity change from 0 to 512
[  147.454770][T12573] EXT4-fs: Ignoring removed nomblk_io_submit option
[  147.493299][T12577] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  147.525237][T12585] netlink: 'syz.2.3703': attribute type 1 has an invalid length.
[  147.617474][T12585] netlink: 'syz.2.3703': attribute type 9 has an invalid length.
[  147.645133][T12585] macvlan10: entered promiscuous mode
[  147.649739][T12593] loop1: detected capacity change from 0 to 1024
[  147.651375][T12585] 8021q: adding VLAN 0 to HW filter on device macvlan10
[  147.670158][T12595] loop8: detected capacity change from 0 to 512
[  147.679016][T12595] EXT4-fs error (device loop8): ext4_iget_extra_inode:5035: inode #15: comm syz.8.3707: corrupted in-inode xattr: invalid ea_ino
[  147.694266][T12593] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 2 with error 28
[  147.694340][T12597] loop4: detected capacity change from 0 to 1024
[  147.706588][T12593] EXT4-fs (loop1): This should not happen!! Data will be lost
[  147.706588][T12593] 
[  147.714045][T12597] EXT4-fs: Ignoring removed nobh option
[  147.722597][T12593] EXT4-fs (loop1): Total free blocks count 0
[  147.728154][T12597] EXT4-fs: Ignoring removed bh option
[  147.734159][T12593] EXT4-fs (loop1): Free/Dirty block details
[  147.734172][T12593] EXT4-fs (loop1): free_blocks=0
[  147.734183][T12593] EXT4-fs (loop1): dirty_blocks=0
[  147.734194][T12593] EXT4-fs (loop1): Block reservation details
[  147.740720][T12595] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.3707: couldn't read orphan inode 15 (err -117)
[  147.745473][T12593] EXT4-fs (loop1): i_reserved_data_blocks=0
[  147.810203][T12604] hub 9-0:1.0: USB hub found
[  147.822318][T12604] hub 9-0:1.0: 8 ports detected
[  147.897307][T12616] serio: Serial port ptm0
[  147.901446][T12614] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  148.028612][T12635] netlink: 'syz.1.3722': attribute type 1 has an invalid length.
[  148.045548][   T23] kernel write not supported for file /1649/attr/exec (pid: 23 comm: kworker/1:0)
[  148.077611][T12637] loop8: detected capacity change from 0 to 1024
[  148.104793][T12637] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  148.117139][T12637] EXT4-fs (loop8): This should not happen!! Data will be lost
[  148.117139][T12637] 
[  148.126875][T12637] EXT4-fs (loop8): Total free blocks count 0
[  148.132871][T12637] EXT4-fs (loop8): Free/Dirty block details
[  148.138863][T12637] EXT4-fs (loop8): free_blocks=0
[  148.143847][T12637] EXT4-fs (loop8): dirty_blocks=0
[  148.148893][T12637] EXT4-fs (loop8): Block reservation details
[  148.155055][T12637] EXT4-fs (loop8): i_reserved_data_blocks=0
[  148.187287][T12635] netlink: 'syz.1.3722': attribute type 9 has an invalid length.
[  148.200841][T12635] macvlan16: entered promiscuous mode
[  148.207897][T12635] 8021q: adding VLAN 0 to HW filter on device macvlan16
[  148.560758][T12662] syzkaller0: entered promiscuous mode
[  148.566418][T12662] syzkaller0: entered allmulticast mode
[  148.687552][T12667] loop8: detected capacity change from 0 to 736
[  148.741542][T12667] rock: directory entry would overflow storage
[  148.748301][T12667] rock: sig=0x3b10, size=4, remaining=3
[  148.779420][T12673] serio: Serial port ptm0
[  148.910022][T12679] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  148.955340][T12682] hub 9-0:1.0: USB hub found
[  148.960194][T12682] hub 9-0:1.0: 8 ports detected
[  149.022204][T12688] loop2: detected capacity change from 0 to 2048
[  149.050238][T12688] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.3744: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  149.066894][T12688] EXT4-fs (loop2): Remounting filesystem read-only
[  149.107048][T12697] loop2: detected capacity change from 0 to 2048
[  149.165867][T12700] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  149.192494][T12706] serio: Serial port ptm0
[  149.344105][T12719] hub 9-0:1.0: USB hub found
[  149.348841][T12719] hub 9-0:1.0: 8 ports detected
[  149.393229][T12723] loop2: detected capacity change from 0 to 1024
[  149.408455][T12723] EXT4-fs: Ignoring removed nomblk_io_submit option
[  149.419667][T12727] wg2: entered promiscuous mode
[  149.424628][T12727] wg2: entered allmulticast mode
[  149.546610][T12737] loop1: detected capacity change from 0 to 2048
[  149.574545][T12746] loop7: detected capacity change from 0 to 512
[  149.584105][T12746] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a04fc128, mo2=0002]
[  149.596087][T12746] System zones: 1-12
[  149.600686][T12746] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.3764: invalid indirect mapped block 11 (level 0)
[  149.645808][T12749] loop2: detected capacity change from 0 to 736
[  149.654617][T12746] EXT4-fs (loop7): Remounting filesystem read-only
[  149.661743][T12746] EXT4-fs (loop7): 1 truncate cleaned up
[  149.678268][   T29] kauditd_printk_skb: 391 callbacks suppressed
[  149.678285][   T29] audit: type=1400 audit(149.663:9929): avc:  denied  { create } for  pid=12745 comm="syz.7.3764" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  149.731047][T12752] hub 9-0:1.0: USB hub found
[  149.740048][T12749] rock: directory entry would overflow storage
[  149.747049][T12749] rock: sig=0x3b10, size=4, remaining=3
[  149.759972][T12752] hub 9-0:1.0: 8 ports detected
[  149.799323][T12758] loop1: detected capacity change from 0 to 1024
[  149.890081][   T31] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 393: padding at end of block bitmap is not set
[  149.916738][   T31] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117
[  149.929427][   T31] EXT4-fs (loop1): This should not happen!! Data will be lost
[  149.929427][   T31] 
[  149.966017][T12769] loop7: detected capacity change from 0 to 8192
[  150.257457][T12790] loop4: detected capacity change from 0 to 736
[  150.326404][T12790] rock: directory entry would overflow storage
[  150.333106][T12790] rock: sig=0x3b10, size=4, remaining=3
[  150.439066][T12793] syzkaller1: entered promiscuous mode
[  150.444660][T12793] syzkaller1: entered allmulticast mode
[  150.569654][T12795] loop4: detected capacity change from 0 to 2048
[  150.593360][T12795] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.3783: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  150.610048][T12795] EXT4-fs (loop4): Remounting filesystem read-only
[  150.647472][   T29] audit: type=1400 audit(150.633:9930): avc:  denied  { map } for  pid=12798 comm="syz.2.3784" path="socket:[34662]" dev="sockfs" ino=34662 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  150.670109][   T29] audit: type=1400 audit(150.633:9931): avc:  denied  { read } for  pid=12798 comm="syz.2.3784" path="socket:[34662]" dev="sockfs" ino=34662 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  150.758140][   T29] audit: type=1326 audit(150.743:9932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12807 comm="syz.2.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  150.803589][   T29] audit: type=1326 audit(150.743:9933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12807 comm="syz.2.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  150.826887][   T29] audit: type=1326 audit(150.743:9934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12807 comm="syz.2.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  150.849911][   T29] audit: type=1326 audit(150.743:9935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12807 comm="syz.2.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  150.872851][   T29] audit: type=1326 audit(150.743:9936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12807 comm="syz.2.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  150.890457][T12811] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  150.895927][   T29] audit: type=1326 audit(150.743:9937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12807 comm="syz.2.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  150.926222][   T29] audit: type=1326 audit(150.743:9938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12807 comm="syz.2.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60c552e9a9 code=0x7ffc0000
[  150.968435][T12814] loop2: detected capacity change from 0 to 512
[  151.000832][T12814] EXT4-fs (loop2): orphan cleanup on readonly fs
[  151.001557][T12809] syzkaller1: entered promiscuous mode
[  151.012986][T12809] syzkaller1: entered allmulticast mode
[  151.016861][T12814] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.3791: bad orphan inode 13
[  151.034390][T12814] ext4_test_bit(bit=12, block=18) = 1
[  151.039830][T12814] is_bad_inode(inode)=0
[  151.044114][T12814] NEXT_ORPHAN(inode)=2130706432
[  151.049195][T12814] max_ino=32
[  151.052413][T12814] i_nlink=1
[  151.082742][T12821] bridge0: port 3(batadv1) entered blocking state
[  151.089397][T12821] bridge0: port 3(batadv1) entered disabled state
[  151.097081][T12821] batadv1: entered allmulticast mode
[  151.105635][T12821] batadv1: entered promiscuous mode
[  151.111819][T12825] loop7: detected capacity change from 0 to 512
[  151.119070][T12825] EXT4-fs: Ignoring removed nomblk_io_submit option
[  151.277706][T12842] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3799'.
[  151.289313][T12837] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3799'.
[  151.305779][T12847] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3805'.
[  151.335144][T12849] macvtap0: entered promiscuous mode
[  151.341183][T12849] macvtap0: left promiscuous mode
[  151.349163][T12844] loop8: detected capacity change from 0 to 8192
[  151.360356][T12851] sd 0:0:1:0: device reset
[  151.424034][T12857] loop2: detected capacity change from 0 to 1024
[  151.520138][T12867] loop7: detected capacity change from 0 to 256
[  151.548764][ T6580] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:16: bg 0: block 393: padding at end of block bitmap is not set
[  151.565395][ T6580] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117
[  151.578052][ T6580] EXT4-fs (loop2): This should not happen!! Data will be lost
[  151.578052][ T6580] 
[  151.583598][   T51] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  151.597218][   T51] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  151.602095][T12867] bio_check_eod: 14786 callbacks suppressed
[  151.602112][T12867] syz.7.3812: attempt to access beyond end of device
[  151.602112][T12867] loop7: rw=2049, sector=256, nr_sectors = 12 limit=256
[  151.667200][T12874] loop4: detected capacity change from 0 to 256
[  151.700417][T12874] FAT-fs (loop4): Directory bread(block 64) failed
[  151.712813][T12874] FAT-fs (loop4): Directory bread(block 65) failed
[  151.721959][T12874] FAT-fs (loop4): Directory bread(block 66) failed
[  151.728842][T12874] FAT-fs (loop4): Directory bread(block 67) failed
[  151.735835][T12874] FAT-fs (loop4): Directory bread(block 68) failed
[  151.742592][T12874] FAT-fs (loop4): Directory bread(block 69) failed
[  151.749854][T12874] FAT-fs (loop4): Directory bread(block 70) failed
[  151.756576][T12874] FAT-fs (loop4): Directory bread(block 71) failed
[  151.763377][T12874] FAT-fs (loop4): Directory bread(block 72) failed
[  151.797887][T12874] FAT-fs (loop4): Directory bread(block 73) failed
[  151.894553][T12886] syzkaller1: entered promiscuous mode
[  151.900082][T12886] syzkaller1: entered allmulticast mode
[  151.977432][T12890] pim6reg1: entered promiscuous mode
[  151.982850][T12890] pim6reg1: entered allmulticast mode
[  152.080888][T12894] loop4: detected capacity change from 0 to 512
[  152.091266][T12894] EXT4-fs (loop4): orphan cleanup on readonly fs
[  152.098400][T12894] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.3824: bad orphan inode 13
[  152.110136][T12894] ext4_test_bit(bit=12, block=18) = 1
[  152.115660][T12894] is_bad_inode(inode)=0
[  152.119885][T12894] NEXT_ORPHAN(inode)=2130706432
[  152.124787][T12894] max_ino=32
[  152.128005][T12894] i_nlink=1
[  152.199689][T12899] loop2: detected capacity change from 0 to 512
[  152.206460][T12899] EXT4-fs: Ignoring removed nomblk_io_submit option
[  152.218353][T12901] sd 0:0:1:0: device reset
[  152.231874][T12905] loop8: detected capacity change from 0 to 1024
[  152.239400][T12905] EXT4-fs: Ignoring removed nomblk_io_submit option
[  152.402049][T12926] loop1: detected capacity change from 0 to 2048
[  152.431110][T12926] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  152.456810][T12926] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[  152.469369][T12926] EXT4-fs (loop1): This should not happen!! Data will be lost
[  152.469369][T12926] 
[  152.479055][T12926] EXT4-fs (loop1): Total free blocks count 0
[  152.485107][T12926] EXT4-fs (loop1): Free/Dirty block details
[  152.491024][T12926] EXT4-fs (loop1): free_blocks=2415919104
[  152.496808][T12926] EXT4-fs (loop1): dirty_blocks=16
[  152.501943][T12926] EXT4-fs (loop1): Block reservation details
[  152.507992][T12926] EXT4-fs (loop1): i_reserved_data_blocks=1
[  152.542383][T12940] loop1: detected capacity change from 0 to 1024
[  152.549496][T12940] EXT4-fs: Ignoring removed oldalloc option
[  152.555489][T12940] EXT4-fs: Ignoring removed bh option
[  152.616618][T12954] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3844'.
[  152.625763][T12954] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3844'.
[  152.764802][T12940] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.3841: Allocating blocks 1-17 which overlap fs metadata
[  152.779619][T12955] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.3841: Allocating blocks 1-17 which overlap fs metadata
[  152.860905][T12977] loop8: detected capacity change from 0 to 1024
[  152.869764][T12977] EXT4-fs: Ignoring removed bh option
[  152.877155][T12977] EXT4-fs: inline encryption not supported
[  152.878679][T12979] loop7: detected capacity change from 0 to 1024
[  152.883664][T12977] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  152.892003][T12979] EXT4-fs: Ignoring removed orlov option
[  152.904284][T12977] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  152.906115][T12979] EXT4-fs (loop7): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  152.928971][T12982] loop1: detected capacity change from 0 to 256
[  152.933571][T12977] EXT4-fs error (device loop8): ext4_map_blocks:780: inode #3: block 2: comm syz.8.3853: lblock 2 mapped to illegal pblock 2 (length 1)
[  152.949914][T12977] EXT4-fs error (device loop8): ext4_map_blocks:780: inode #3: block 48: comm syz.8.3853: lblock 0 mapped to illegal pblock 48 (length 1)
[  152.957167][T12979] EXT4-fs error (device loop7): ext4_check_all_de:659: inode #12: block 7: comm syz.7.3854: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  152.984266][T12977] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.3853: Failed to acquire dquot type 0
[  153.004083][T12977] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  153.007199][T12982] FAT-fs (loop1): Directory bread(block 64) failed
[  153.016941][T12977] EXT4-fs error (device loop8): ext4_evict_inode:254: inode #11: comm syz.8.3853: mark_inode_dirty error
[  153.026155][T12982] FAT-fs (loop1): Directory bread(block 65) failed
[  153.031474][T12977] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  153.039294][T12982] FAT-fs (loop1): Directory bread(block 66) failed
[  153.048122][T12977] EXT4-fs (loop8): 1 orphan inode deleted
[  153.060851][T12982] FAT-fs (loop1): Directory bread(block 67) failed
[  153.067577][   T31] EXT4-fs error (device loop8): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  153.083306][T12982] FAT-fs (loop1): Directory bread(block 68) failed
[  153.090512][T12982] FAT-fs (loop1): Directory bread(block 69) failed
[  153.098499][T12982] FAT-fs (loop1): Directory bread(block 70) failed
[  153.105779][T12982] FAT-fs (loop1): Directory bread(block 71) failed
[  153.112540][T12982] FAT-fs (loop1): Directory bread(block 72) failed
[  153.113852][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 0
[  153.119318][T12982] FAT-fs (loop1): Directory bread(block 73) failed
[  153.148183][T12977] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  153.225853][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x4
[  153.233616][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x2
[  153.258147][T13000] netlink: 'syz.1.3863': attribute type 1 has an invalid length.
[  153.267498][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.275364][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.283062][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.290972][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.298873][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.306578][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.314273][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.322025][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.329756][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.337510][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.345229][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.352895][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.360609][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.368308][ T6083] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0
[  153.376638][ T6083] hid-generic 0000:3000000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  153.428144][T13010] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3867'.
[  153.482768][T13015] pim6reg1: entered promiscuous mode
[  153.488185][T13015] pim6reg1: entered allmulticast mode
[  153.557589][T13023] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  153.651699][T13035] netlink: 'syz.8.3878': attribute type 1 has an invalid length.
[  153.656235][T13037] netlink: 'syz.4.3879': attribute type 6 has an invalid length.
[  153.667302][T13037] netlink: 'syz.4.3879': attribute type 7 has an invalid length.
[  153.675096][T13037] netlink: 12846 bytes leftover after parsing attributes in process `syz.4.3879'.
[  153.725616][T13041] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  153.772951][T13048] smc: net device bond0 applied user defined pnetid SYZ0
[  153.780341][T13048] smc: net device bond0 erased user defined pnetid SYZ0
[  153.868610][T13060] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3890'.
[  153.877687][T13060] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3890'.
[  153.978609][T13065] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3892'.
[  154.106473][T13067] syzkaller0: entered promiscuous mode
[  154.111974][T13067] syzkaller0: entered allmulticast mode
[  154.409537][T13077] netlink: 'syz.1.3898': attribute type 1 has an invalid length.
[  154.571700][T13080] smc: net device bond0 applied user defined pnetid SYZ2
[  154.692569][T13093] loop2: detected capacity change from 0 to 1024
[  154.701652][T13093] EXT4-fs: Ignoring removed orlov option
[  154.707779][T13093] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  154.720055][   T29] kauditd_printk_skb: 123 callbacks suppressed
[  154.720069][   T29] audit: type=1400 audit(154.703:10059): avc:  denied  { read } for  pid=13099 comm="syz.8.3906" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  154.750191][   T29] audit: type=1400 audit(154.703:10060): avc:  denied  { open } for  pid=13099 comm="syz.8.3906" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  154.780503][T13098] loop7: detected capacity change from 0 to 512
[  154.788085][T13093] EXT4-fs error (device loop2): ext4_check_all_de:659: inode #12: block 7: comm syz.2.3903: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  154.828629][T13098] EXT4-fs (loop7): orphan cleanup on readonly fs
[  154.847317][T13098] Quota error (device loop7): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  154.857835][T13098] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[  154.867593][T13098] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.3905: Failed to acquire dquot type 1
[  154.893583][T13098] EXT4-fs (loop7): 1 truncate cleaned up
[  154.923049][T13119] random: crng reseeded on system resumption
[  154.927232][T13098] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended
[  154.944309][T13098] EXT4-fs warning (device loop7): read_mmp_block:115: Error -117 while reading MMP block 8
[  154.947171][T13114] SELinux: failed to load policy
[  154.979590][   T29] audit: type=1326 audit(154.963:10061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13117 comm="syz.8.3913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5416dce9a9 code=0x7ffc0000
[  155.002748][   T29] audit: type=1326 audit(154.963:10062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13117 comm="syz.8.3913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f5416dce9a9 code=0x7ffc0000
[  155.013886][T13120] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  155.025743][   T29] audit: type=1326 audit(154.963:10063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13117 comm="syz.8.3913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5416dce9a9 code=0x7ffc0000
[  155.056064][   T29] audit: type=1326 audit(154.963:10064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13117 comm="syz.8.3913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f5416dce9a9 code=0x7ffc0000
[  155.079689][   T29] audit: type=1326 audit(154.963:10065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13117 comm="syz.8.3913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5416dce9a9 code=0x7ffc0000
[  155.104015][   T29] audit: type=1326 audit(154.963:10066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13117 comm="syz.8.3913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f5416dce9a9 code=0x7ffc0000
[  155.134490][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x4
[  155.142198][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x2
[  155.178320][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.186185][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.193891][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.201682][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.209539][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.217348][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.225056][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.232739][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.240506][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.248184][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.255886][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.263596][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.271344][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.279040][ T6083] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0
[  155.281229][T13130] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  155.287903][ T6083] hid-generic 0000:3000000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  155.332532][T13136] xt_CT: You must specify a L4 protocol and not use inversions on it
[  155.387767][T13141] hub 9-0:1.0: USB hub found
[  155.392478][T13141] hub 9-0:1.0: 8 ports detected
[  155.576675][T13156] netlink: 'syz.1.3927': attribute type 1 has an invalid length.
[  155.665773][T13158] netlink: 'syz.1.3927': attribute type 9 has an invalid length.
[  155.697671][T13160] loop2: detected capacity change from 0 to 1024
[  155.705342][T13160] EXT4-fs: Ignoring removed nobh option
[  155.711153][T13160] EXT4-fs: Ignoring removed nomblk_io_submit option
[  155.823825][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x4
[  155.825812][T13167] SELinux: failed to load policy
[  155.831542][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x2
[  155.862191][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.869975][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.877691][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.885407][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.893144][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.900835][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.908581][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.916329][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.924109][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.931818][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.939493][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.947201][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.954932][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.962665][ T6085] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0
[  155.975654][ T6085] hid-generic 0000:3000000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  156.038408][T13184] loop4: detected capacity change from 0 to 512
[  156.059329][T13187] loop1: detected capacity change from 0 to 512
[  156.068275][T13187] EXT4-fs: Ignoring removed nobh option
[  156.070992][T13184] EXT4-fs (loop4): orphan cleanup on readonly fs
[  156.082631][T13184] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3936: Failed to acquire dquot type 1
[  156.096949][T13184] EXT4-fs (loop4): 1 truncate cleaned up
[  156.107358][T13184] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  156.118069][T13187] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.3938: corrupted inode contents
[  156.130028][T13184] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 8
[  156.131495][T13187] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #3: comm syz.1.3938: mark_inode_dirty error
[  156.162599][T13197] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  156.172042][T13187] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.3938: corrupted inode contents
[  156.187112][T13187] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.3938: mark_inode_dirty error
[  156.199976][T13187] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3938: Failed to acquire dquot type 0
[  156.220400][T13187] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.3938: corrupted inode contents
[  156.232841][T13187] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.3938: mark_inode_dirty error
[  156.253829][T13187] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.3938: corrupted inode contents
[  156.266270][T13187] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.3938: mark_inode_dirty error
[  156.277931][T13187] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.3938: corrupted inode contents
[  156.291812][T13187] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  156.300642][T13187] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.3938: corrupted inode contents
[  156.306140][T13207] syzkaller1: entered promiscuous mode
[  156.318219][T13207] syzkaller1: entered allmulticast mode
[  156.325256][T13187] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.3938: mark_inode_dirty error
[  156.336798][T13187] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  156.349610][T13187] EXT4-fs (loop1): 1 truncate cleaned up
[  156.406543][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x4
[  156.414293][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x2
[  156.433858][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.441607][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.449357][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.457149][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.464865][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.466397][ T6083] hid-generic 0003:0004:0000.000F: unknown main item tag 0x0
[  156.472525][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.479974][ T6083] hid-generic 0003:0004:0000.000F: unknown main item tag 0x0
[  156.480001][ T6083] hid-generic 0003:0004:0000.000F: unknown main item tag 0x0
[  156.488942][ T6083] hid-generic 0003:0004:0000.000F: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  156.495794][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.519737][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.527721][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.535491][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.543384][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.551187][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.558978][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.566707][ T2960] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x0
[  156.591841][ T2960] hid-generic 0000:3000000:0000.000E: hidraw1: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  156.652106][T13230] loop8: detected capacity change from 0 to 512
[  156.658848][T13230] EXT4-fs: Ignoring removed nobh option
[  156.675005][T13230] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #3: comm syz.8.3964: corrupted inode contents
[  156.687645][T13230] EXT4-fs error (device loop8): ext4_dirty_inode:6459: inode #3: comm syz.8.3964: mark_inode_dirty error
[  156.696498][T13236] loop4: detected capacity change from 0 to 128
[  156.699405][T13230] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #3: comm syz.8.3964: corrupted inode contents
[  156.726059][T13230] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #3: comm syz.8.3964: mark_inode_dirty error
[  156.737941][T13230] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.3964: Failed to acquire dquot type 0
[  156.751585][T13230] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.3964: corrupted inode contents
[  156.764155][T13239] __nla_validate_parse: 1 callbacks suppressed
[  156.764168][T13239] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3959'.
[  156.767464][T13230] EXT4-fs error (device loop8): ext4_dirty_inode:6459: inode #16: comm syz.8.3964: mark_inode_dirty error
[  156.792365][T13230] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.3964: corrupted inode contents
[  156.792639][T13239] sch_tbf: burst 88 is lower than device veth5 mtu (1514) !
[  156.817210][T13230] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.3964: mark_inode_dirty error
[  156.828770][T13230] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.3964: corrupted inode contents
[  156.841944][T13244] loop9: detected capacity change from 0 to 7
[  156.842649][T13230] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem
[  156.848658][T13244] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.859407][T13230] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.3964: corrupted inode contents
[  156.865056][T13244] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.880635][T13230] EXT4-fs error (device loop8): ext4_truncate:4597: inode #16: comm syz.8.3964: mark_inode_dirty error
[  156.884326][T13244]  loop9: unable to read partition table
[  156.898044][T13230] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem
[  156.904205][T13244] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  156.904205][T13244] 
) failed (rc=-5)
[  156.911234][T13230] EXT4-fs (loop8): 1 truncate cleaned up
[  157.000700][T13252] loop7: detected capacity change from 0 to 7
[  157.007187][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  157.016362][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.024606][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  157.033804][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.041802][T13252]  loop7: unable to read partition table
[  157.047686][T13252] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  157.071464][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  157.080680][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.086009][T13258] loop1: detected capacity change from 0 to 512
[  157.093526][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  157.104153][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.113354][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  157.121516][T13260] loop4: detected capacity change from 0 to 512
[  157.122534][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.139544][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  157.148747][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.158419][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  157.167623][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.176844][T13258] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.3967: casefold flag without casefold feature
[  157.189915][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  157.199118][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.207639][T13258] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.3967: couldn't read orphan inode 15 (err -117)
[  157.277329][T13273] loop1: detected capacity change from 0 to 1024
[  157.498489][T13289] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  157.605910][T13305] wg2: left promiscuous mode
[  157.610581][T13305] wg2: left allmulticast mode
[  157.619758][T13305] wg2: entered promiscuous mode
[  157.624855][T13305] wg2: entered allmulticast mode
[  157.831194][T13320] veth1_macvtap: left promiscuous mode
[  157.836765][T13320] macsec0: entered allmulticast mode
[  157.894307][T13322] syzkaller1: entered promiscuous mode
[  157.899841][T13322] syzkaller1: entered allmulticast mode
[  157.928309][T13324] loop7: detected capacity change from 0 to 128
[  157.959643][T13329] loop8: detected capacity change from 0 to 512
[  157.968444][T13329] EXT4-fs error (device loop8): ext4_orphan_get:1393: inode #15: comm syz.8.3997: casefold flag without casefold feature
[  157.982943][T13329] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.3997: couldn't read orphan inode 15 (err -117)
[  158.123366][T13342] loop8: detected capacity change from 0 to 512
[  158.177254][T13350] loop2: detected capacity change from 0 to 2048
[  158.202285][T13349] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  158.301014][T13369] netlink: 'syz.1.4011': attribute type 1 has an invalid length.
[  158.301761][T13370] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4012'.
[  158.402349][T13380] loop8: detected capacity change from 0 to 512
[  158.412711][T13381] loop2: detected capacity change from 0 to 1024
[  158.422306][T13380] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  158.520436][T13389] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  158.583773][T13392] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  158.600381][T13395] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4021'.
[  158.658595][T13401] veth1_macvtap: left promiscuous mode
[  158.664337][T13401] macsec0: entered allmulticast mode
[  158.859372][T13412] syzkaller1: entered promiscuous mode
[  158.865015][T13412] syzkaller1: entered allmulticast mode
[  158.912506][T13417] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  158.921161][T13417] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.978036][T13425] loop7: detected capacity change from 0 to 512
[  159.130088][T13443] syzkaller1: entered promiscuous mode
[  159.135729][T13443] syzkaller1: entered allmulticast mode
[  159.160148][T13446] loop4: detected capacity change from 0 to 2048
[  159.166995][T13446] EXT4-fs: Ignoring removed nobh option
[  159.227416][T13457] netlink: 'syz.7.4048': attribute type 1 has an invalid length.
[  159.250057][T13461] loop4: detected capacity change from 0 to 764
[  159.292290][T13461] Symlink component flag not implemented
[  159.297993][T13461] Symlink component flag not implemented
[  159.305701][T13461] Symlink component flag not implemented (129)
[  159.311906][T13461] Symlink component flag not implemented (6)
[  159.318655][T13461] rock: directory entry would overflow storage
[  159.324969][T13461] rock: sig=0x4f50, size=4, remaining=3
[  159.330628][T13461] iso9660: Corrupted directory entry in block 6 of inode 1792
[  159.358653][T13465] macvlan5: entered promiscuous mode
[  159.375127][T13465] 8021q: adding VLAN 0 to HW filter on device macvlan5
[  159.548647][T13478] netlink: 'syz.7.4066': attribute type 1 has an invalid length.
[  159.571448][T13480] loop1: detected capacity change from 0 to 1024
[  159.606266][T13480] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869)
[  159.618754][T13485] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4059'.
[  159.618988][T13480] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002]
[  159.638390][T13480] System zones: 0-1, 3-36
[  159.643267][T13480] EXT4-fs (loop1): orphan cleanup on readonly fs
[  159.652012][T13480] EXT4-fs (loop1): 1 orphan inode deleted
[  159.661442][T13478] macvlan6: entered promiscuous mode
[  159.673546][T13478] 8021q: adding VLAN 0 to HW filter on device macvlan6
[  159.701203][T13485] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  159.825987][   T29] kauditd_printk_skb: 460 callbacks suppressed
[  159.826001][   T29] audit: type=1404 audit(159.813:10521): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  159.847368][   T29] audit: type=1400 audit(159.813:10522): avc:  denied  { open } for  pid=13493 comm="syz.4.4061" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  159.866234][   T29] audit: type=1400 audit(159.813:10523): avc:  denied  { prog_load } for  pid=13494 comm="syz.1.4060" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  159.884920][   T29] audit: type=1400 audit(159.813:10524): avc:  denied  { create } for  pid=13494 comm="syz.1.4060" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  159.904219][   T29] audit: type=1400 audit(159.813:10525): avc:  denied  { create } for  pid=13494 comm="syz.1.4060" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  159.929570][   T29] audit: type=1400 audit(159.833:10526): avc:  denied  { read write } for  pid=3305 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  159.953762][   T29] audit: type=1400 audit(159.853:10527): avc:  denied  { prog_load } for  pid=13497 comm="syz.1.4063" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  159.972439][   T29] audit: type=1400 audit(159.853:10528): avc:  denied  { read write } for  pid=13497 comm="syz.1.4063" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=0
[  159.995850][   T29] audit: type=1400 audit(159.853:10529): avc:  denied  { read write } for  pid=3305 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  160.019581][   T29] audit: type=1400 audit(159.873:10530): avc:  denied  { read write } for  pid=13499 comm="syz.1.4064" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  160.129838][T13508] loop1: detected capacity change from 0 to 164
[  160.147592][T13508] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  160.161646][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881221a0600: rx timeout, send abort
[  160.169969][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881221a0200: rx timeout, send abort
[  160.178305][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8881221a0600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  160.192657][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8881221a0200: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  160.245015][T13513] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4069'.
[  160.318506][T13521] loop7: detected capacity change from 0 to 1024
[  160.341764][T13521] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869)
[  160.359302][T13521] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002]
[  160.367826][T13521] System zones: 0-1, 3-36
[  160.372387][T13521] EXT4-fs (loop7): orphan cleanup on readonly fs
[  160.380697][T13521] EXT4-fs (loop7): 1 orphan inode deleted
[  160.393911][T13521] EXT4-fs mount: 104 callbacks suppressed
[  160.393977][T13521] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  160.438899][T13530] syzkaller0: entered promiscuous mode
[  160.444487][T13530] syzkaller0: entered allmulticast mode
[  160.472022][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.546882][T13548] loop8: detected capacity change from 0 to 164
[  160.558147][T13548] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  160.568722][T13548] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  160.577197][T13548] Symlink component flag not implemented
[  160.583122][T13548] Symlink component flag not implemented
[  160.590991][T13548] Symlink component flag not implemented (7)
[  160.597133][T13548] Symlink component flag not implemented (116)
[  160.616317][   T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.663369][T13559] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4095'.
[  160.680600][T13561] loop7: detected capacity change from 0 to 2048
[  160.696880][T13561] EXT4-fs: Ignoring removed nobh option
[  160.706140][   T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.727509][T13561] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.750175][T13564] futex_wake_op: syz.8.4097 tries to shift op by -1; fix this program
[  160.770669][   T51] bond0: (slave netdevsim1): Releasing backup interface
[  160.780663][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.801347][   T51] netdevsim netdevsim2 netdevsim1 (unregistering): left promiscuous mode
[  160.828283][   T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.844068][T13579] @: renamed from vlan0 (while UP)
[  160.864939][   T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.903616][T13589] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4104'.
[  160.937087][T13589] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  160.985866][   T51] dummy0: left allmulticast mode
[  160.990976][   T51] bridge0: port 3(dummy0) entered disabled state
[  160.998044][   T51] bridge_slave_1: left allmulticast mode
[  161.003998][   T51] bridge_slave_1: left promiscuous mode
[  161.009914][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.017917][   T51] bridge_slave_0: left allmulticast mode
[  161.023651][   T51] bridge_slave_0: left promiscuous mode
[  161.029369][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.067155][   T51] erspan0 (unregistering): left promiscuous mode
[  161.079275][   T51] gretap0 (unregistering): left promiscuous mode
[  161.111738][T13608] SELinux: ebitmap: truncated map
[  161.119653][T13608] SELinux: failed to load policy
[  161.128640][T13611] loop2: detected capacity change from 0 to 7
[  161.135136][T13611]  loop2: p1
[  161.138506][T13611] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  161.148921][   T51] bond0 (unregistering): left promiscuous mode
[  161.151103][T13613] vhci_hcd: invalid port number 96
[  161.155172][   T51] bond_slave_0: left promiscuous mode
[  161.160285][T13613] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  161.166352][   T51] bond_slave_1: left promiscuous mode
[  161.226172][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  161.238062][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  161.252859][   T51] bond0 (unregistering): Released all slaves
[  161.279314][T13624] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4114'.
[  161.309422][   T51] tipc: Disabling bearer <udp:ree>
[  161.314674][   T51] tipc: Left network mode
[  161.354527][   T51] hsr_slave_0: left promiscuous mode
[  161.360209][   T51] hsr_slave_1: left promiscuous mode
[  161.365963][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.373508][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.418271][   T51] team0 (unregistering): Port device team_slave_1 removed
[  161.441044][   T51] team0 (unregistering): Port device team_slave_0 removed
[  161.469308][T13639] ALSA: seq fatal error: cannot create timer (-16)
[  161.498379][T13641] loop8: detected capacity change from 0 to 512
[  161.507192][T13641] EXT4-fs: Ignoring removed nomblk_io_submit option
[  161.515114][T13643] netlink: 2048 bytes leftover after parsing attributes in process `syz.1.4121'.
[  161.515162][T13641] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  161.524326][T13643] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4121'.
[  161.544886][T13641] EXT4-fs (loop8): 1 truncate cleaned up
[  161.551241][T13641] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.556118][T13569] chnl_net:caif_netlink_parms(): no params data found
[  161.603247][T10109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.649243][T13657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.657915][T13657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.666635][T13569] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.673907][T13569] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.681053][T13569] bridge_slave_0: entered allmulticast mode
[  161.687777][T13569] bridge_slave_0: entered promiscuous mode
[  161.695078][T13569] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.702197][T13569] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.709493][T13569] bridge_slave_1: entered allmulticast mode
[  161.715996][T13569] bridge_slave_1: entered promiscuous mode
[  161.736458][T13569] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  161.747078][T13569] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  161.768480][T13569] team0: Port device team_slave_0 added
[  161.777591][T13569] team0: Port device team_slave_1 added
[  161.788980][T13659] SELinux: failed to load policy
[  161.795769][T13569] batman_adv: batadv0: Adding interface: batadv_slave_0
[  161.802814][T13569] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.828838][T13569] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  161.840550][T13569] batman_adv: batadv0: Adding interface: batadv_slave_1
[  161.847606][T13569] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.873669][T13569] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  161.888288][   T51] IPVS: stop unused estimator thread 0...
[  161.915467][T13663] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  161.926969][T13569] hsr_slave_0: entered promiscuous mode
[  161.933212][T13569] hsr_slave_1: entered promiscuous mode
[  161.940656][T13569] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.949099][T13569] Cannot create hsr debugfs directory
[  161.992533][T13670] loop2: detected capacity change from 0 to 7
[  162.000071][T13670]  loop2: p1
[  162.003338][T13670] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  162.030505][T13672] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4134'.
[  162.043394][T13569] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  162.052511][T13569] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  162.061485][T13569] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  162.070583][T13569] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  162.086384][T13569] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.093566][T13569] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.100965][T13569] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.108040][T13569] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.136764][T13569] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.149481][ T6585] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.157231][ T6585] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.169342][T13569] 8021q: adding VLAN 0 to HW filter on device team0
[  162.179457][ T6585] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.186588][ T6585] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.199434][ T6585] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.206556][ T6585] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.232853][T13569] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  162.243464][T13569] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  162.312646][T13569] 8021q: adding VLAN 0 to HW filter on device batadv0
[  162.360388][T13694] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4138'.
[  162.458295][T13569] veth0_vlan: entered promiscuous mode
[  162.464388][T13715] hub 9-0:1.0: USB hub found
[  162.471220][T13569] veth1_vlan: entered promiscuous mode
[  162.473752][T13715] hub 9-0:1.0: 8 ports detected
[  162.497556][T13569] veth0_macvtap: entered promiscuous mode
[  162.510072][T13569] veth1_macvtap: entered promiscuous mode
[  162.521846][T13569] batman_adv: batadv0: Interface activated: batadv_slave_0
[  162.531030][T13569] batman_adv: batadv0: Interface activated: batadv_slave_1
[  162.546056][T13569] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  162.554973][T13569] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  162.564190][T13569] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  162.573170][T13569] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.584179][T13720] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4144'.
[  162.652999][T13722] loop1: detected capacity change from 0 to 1024
[  162.693865][T13722] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.748168][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.877405][T13750] loop1: detected capacity change from 0 to 128
[  162.884535][T13750] EXT4-fs: Ignoring removed nobh option
[  162.891843][T13750] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  162.920466][ T3305] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.131014][T13763] infiniband syz2: set down
[  163.135739][T13763] infiniband syz2: added syzkaller0
[  163.149458][T13763] RDS/IB: syz2: added
[  163.154511][T13763] smc: adding ib device syz2 with port count 1
[  163.160845][T13763] smc:    ib device syz2 port 1 has pnetid SYZ2 (user defined)
[  163.417112][ T6580] smc: removing ib device syz2
[  163.613770][T13781] loop9: detected capacity change from 0 to 512
[  163.667488][T13781] EXT4-fs error (device loop9): ext4_get_branch:178: inode #11: block 4294967295: comm syz.9.4166: invalid block
[  163.725494][T13781] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.4166: invalid indirect mapped block 4294967295 (level 1)
[  163.794949][T13781] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.4166: invalid indirect mapped block 4294967295 (level 1)
[  163.851351][T13781] EXT4-fs (loop9): 2 truncates cleaned up
[  163.866746][T13781] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.909175][T13569] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.103814][T13796] loop9: detected capacity change from 0 to 1024
[  164.110723][T13796] EXT4-fs: Ignoring removed orlov option
[  164.137194][T13796] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  164.169870][T13796] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  164.205643][T13796] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e01c, mo2=0000]
[  164.223620][T13796] System zones: 0-1, 3-12
[  164.266669][T13796] EXT4-fs error (device loop9): ext4_map_blocks:816: inode #3: block 1: comm syz.9.4173: lblock 1 mapped to illegal pblock 1 (length 1)
[  164.305184][T13808] loop8: detected capacity change from 0 to 512
[  164.314136][T13796] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.4173: Failed to acquire dquot type 0
[  164.346000][T13808] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  164.361106][T13796] EXT4-fs error (device loop9): ext4_free_blocks:6587: comm syz.9.4173: Freeing blocks not in datazone - block = 0, count = 4096
[  164.388792][T13808] EXT4-fs (loop8): 1 truncate cleaned up
[  164.396172][T13808] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.398091][T13810] ALSA: seq fatal error: cannot create timer (-16)
[  164.414153][T13796] EXT4-fs error (device loop9): ext4_read_inode_bitmap:139: comm syz.9.4173: Invalid inode bitmap blk 0 in block_group 0
[  164.434024][ T6638] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:64: lblock 1 mapped to illegal pblock 1 (length 1)
[  164.469487][T13796] EXT4-fs error (device loop9) in ext4_free_inode:361: Corrupt filesystem
[  164.488099][ T6638] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:64: Failed to release dquot type 0
[  164.509259][T13806] loop1: detected capacity change from 0 to 8192
[  164.529491][T13796] EXT4-fs (loop9): 1 orphan inode deleted
[  164.547527][T13796] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.570735][T10109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.616945][T13569] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.666322][T13817] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  164.850102][T13821] loop9: detected capacity change from 0 to 8192
[  164.928983][   T29] kauditd_printk_skb: 327 callbacks suppressed
[  164.928998][   T29] audit: type=1400 audit(164.913:10855): avc:  denied  { unmount } for  pid=13569 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  164.980112][   T29] audit: type=1400 audit(164.963:10856): avc:  denied  { connect } for  pid=13823 comm="syz.4.4185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  165.161011][   T29] audit: type=1326 audit(165.143:10857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  165.184201][   T29] audit: type=1326 audit(165.143:10858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  165.207267][   T29] audit: type=1326 audit(165.143:10859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  165.230297][   T29] audit: type=1326 audit(165.143:10860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  165.253304][   T29] audit: type=1326 audit(165.143:10861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  165.276462][   T29] audit: type=1326 audit(165.143:10862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  165.299670][   T29] audit: type=1326 audit(165.143:10863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  165.322839][   T29] audit: type=1326 audit(165.143:10864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51b62e9a9 code=0x7ffc0000
[  165.478970][T13834] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  165.503567][T13803] syz.7.4176 (13803) used greatest stack depth: 6952 bytes left
[  165.592911][T13836] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4190'.
[  165.718957][T13859] loop1: detected capacity change from 0 to 512
[  165.744604][T13859] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4200: bg 0: block 288: padding at end of block bitmap is not set
[  165.785069][T13859] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  165.796756][T13865] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4202'.
[  165.833703][T13859] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.4200: attempt to clear invalid blocks 1024 len 1
[  165.894019][T13859] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4200: invalid indirect mapped block 1819239214 (level 0)
[  165.936172][T13859] EXT4-fs (loop1): 1 truncate cleaned up
[  165.942698][T13872] hub 9-0:1.0: USB hub found
[  165.952545][T13859] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.953582][T13872] hub 9-0:1.0: 8 ports detected
[  166.025964][T13880] program syz.8.4208 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  166.065664][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.136422][T13891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4210'.
[  166.473639][T13901] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4215'.
[  166.483480][    C0] vcan0: j1939_xtp_rx_dat: no tx connection found
[  166.490053][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.497913][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.505750][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.513608][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.521427][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.529296][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.537413][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.545276][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.553199][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.561088][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.569042][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.576913][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.584776][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.592645][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.600508][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.608392][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.616227][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.624171][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.631991][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.639869][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.647748][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.655608][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  166.663475][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  166.856077][T13905] loop7: detected capacity change from 0 to 8192
[  166.937281][T13909] loop7: detected capacity change from 0 to 512
[  166.945931][T13909] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  166.957275][T13909] EXT4-fs (loop7): 1 truncate cleaned up
[  166.963925][T13909] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.995456][ T9236] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.033117][T13916] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  167.312296][T13955] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4243'.
[  167.331083][T13962] loop1: detected capacity change from 0 to 128
[  167.418857][T13963] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  167.432302][T13968] ������: renamed from vlan0
[  167.451653][T13972] loop9: detected capacity change from 0 to 512
[  167.462517][T13972] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.4248: bg 0: block 288: padding at end of block bitmap is not set
[  167.485938][T13972] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  167.496000][T13976] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4249'.
[  167.505558][T13972] EXT4-fs error (device loop9): ext4_clear_blocks:876: inode #13: comm syz.9.4248: attempt to clear invalid blocks 1024 len 1
[  167.520815][T13972] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.4248: invalid indirect mapped block 1819239214 (level 0)
[  167.538168][T13972] EXT4-fs (loop9): 1 truncate cleaned up
[  167.545145][T13972] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.571206][T13569] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.625351][T13987] netlink: 14 bytes leftover after parsing attributes in process `syz.9.4254'.
[  167.647646][T13990] loop4: detected capacity change from 0 to 1024
[  167.654581][T13990] EXT4-fs: Ignoring removed nobh option
[  167.660309][T13990] EXT4-fs: Ignoring removed bh option
[  167.676101][T13990] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.705881][T13990] EXT4-fs (loop4): shut down requested (0)
[  167.719977][T13996] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4259'.
[  167.751315][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.832578][T14012] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4266'.
[  167.858427][T14014] batadv_slave_1: entered promiscuous mode
[  167.865171][T14014] batadv_slave_1: left promiscuous mode
[  168.064704][T14021] netlink: 14 bytes leftover after parsing attributes in process `syz.7.4269'.
[  168.084204][T14023] netlink: 'syz.9.4271': attribute type 1 has an invalid length.
[  168.252980][T14045] loop8: detected capacity change from 0 to 512
[  168.266169][T14045] EXT4-fs: Ignoring removed nobh option
[  168.289938][T14044] loop7: detected capacity change from 0 to 8192
[  168.301080][T14045] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #3: comm syz.8.4276: corrupted inode contents
[  168.321307][T14045] EXT4-fs error (device loop8): ext4_dirty_inode:6459: inode #3: comm syz.8.4276: mark_inode_dirty error
[  168.340812][T14045] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #3: comm syz.8.4276: corrupted inode contents
[  168.353299][T14045] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #3: comm syz.8.4276: mark_inode_dirty error
[  168.406964][T14045] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.4276: Failed to acquire dquot type 0
[  168.456675][T14045] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.4276: corrupted inode contents
[  168.505710][T14045] EXT4-fs error (device loop8): ext4_dirty_inode:6459: inode #16: comm syz.8.4276: mark_inode_dirty error
[  168.526968][T14045] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.4276: corrupted inode contents
[  168.542563][T14045] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.4276: mark_inode_dirty error
[  168.561674][T14045] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.4276: corrupted inode contents
[  168.581321][T14045] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem
[  168.591965][T14045] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.4276: corrupted inode contents
[  168.605958][T14045] EXT4-fs error (device loop8): ext4_truncate:4597: inode #16: comm syz.8.4276: mark_inode_dirty error
[  168.642571][T14045] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem
[  168.659204][T14045] EXT4-fs (loop8): 1 truncate cleaned up
[  168.666742][T14045] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.691641][T14052] loop4: detected capacity change from 0 to 512
[  168.740812][T14052] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4281: bg 0: block 288: padding at end of block bitmap is not set
[  168.809192][T14052] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  168.852791][T14052] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.4281: attempt to clear invalid blocks 1024 len 1
[  168.866787][T14052] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.4281: invalid indirect mapped block 1819239214 (level 0)
[  168.883161][T14052] EXT4-fs (loop4): 1 truncate cleaned up
[  168.889978][T14052] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.928388][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.952835][ T3306] ==================================================================
[  168.960963][ T3306] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru
[  168.968732][ T3306] 
[  168.971077][ T3306] read-write to 0xffff888237d26f18 of 8 bytes by task 14048 on cpu 1:
[  168.979262][ T3306]  find_get_block_common+0x50e/0x960
[  168.984613][ T3306]  bdev_getblk+0x83/0x3d0
[  168.988984][ T3306]  fat_mirror_bhs+0x149/0x320
[  168.993688][ T3306]  fat_alloc_clusters+0x98b/0xa80
[  168.998749][ T3306]  fat_get_block+0x258/0x5e0
[  169.003372][ T3306]  __block_write_begin_int+0x3fd/0xf90
[  169.008865][ T3306]  cont_write_begin+0x5fc/0x970
[  169.013757][ T3306]  fat_write_begin+0x4f/0xe0
[  169.018386][ T3306]  generic_perform_write+0x181/0x490
[  169.023688][ T3306]  __generic_file_write_iter+0x9e/0x120
[  169.029264][ T3306]  generic_file_write_iter+0x8d/0x2f0
[  169.034651][ T3306]  vfs_write+0x49d/0x8e0
[  169.038942][ T3306]  __x64_sys_pwrite64+0xfd/0x150
[  169.043914][ T3306]  x64_sys_call+0xe45/0x2fb0
[  169.048535][ T3306]  do_syscall_64+0xd2/0x200
[  169.053054][ T3306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.058964][ T3306] 
[  169.061308][ T3306] read to 0xffff888237d26f18 of 8 bytes by task 3306 on cpu 0:
[  169.068867][ T3306]  has_bh_in_lru+0x54/0x1f0
[  169.073485][ T3306]  __lru_add_drain_all+0x234/0x3f0
[  169.078625][ T3306]  lru_add_drain_all+0x10/0x20
[  169.083413][ T3306]  invalidate_bdev+0x47/0x70
[  169.088040][ T3306]  ext4_put_super+0x624/0x7d0
[  169.092736][ T3306]  generic_shutdown_super+0xe6/0x210
[  169.098042][ T3306]  kill_block_super+0x2a/0x70
[  169.102759][ T3306]  ext4_kill_sb+0x42/0x80
[  169.107102][ T3306]  deactivate_locked_super+0x75/0x1c0
[  169.112496][ T3306]  deactivate_super+0x97/0xa0
[  169.117204][ T3306]  cleanup_mnt+0x269/0x2e0
[  169.121632][ T3306]  __cleanup_mnt+0x19/0x20
[  169.126058][ T3306]  task_work_run+0x131/0x1a0
[  169.130667][ T3306]  exit_to_user_mode_loop+0xe4/0x100
[  169.135974][ T3306]  do_syscall_64+0x1d6/0x200
[  169.140581][ T3306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.146488][ T3306] 
[  169.148818][ T3306] value changed: 0x0000000000000000 -> 0xffff888141c24208
[  169.155933][ T3306] 
[  169.158270][ T3306] Reported by Kernel Concurrency Sanitizer on:
[  169.164440][ T3306] CPU: 0 UID: 0 PID: 3306 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  169.177048][ T3306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  169.187122][ T3306] ==================================================================
[  169.246744][T10109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.257969][T14059] netdevsim netdevsim9: loading /lib/firmware/. failed with error -22
[  169.266240][T14059] netdevsim netdevsim9: Direct firmware load for . failed with error -22