last executing test programs:

2m23.466792251s ago: executing program 32 (id=912):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r0 = openat$random(0xffffffffffffff9c, &(0x7f000000fe80), 0x40800, 0x0)
ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f000000fec0)=ANY=[@ANYBLOB="04000000000010"])
syz_emit_ethernet(0x5a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xe, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, {[@timestamp_addr={0x44, 0x14, 0x6, 0x3, 0x0, [{@empty}, {@dev={0xac, 0x14, 0x14, 0x2e}, 0x3fff}]}, @ssrr={0x89, 0xb, 0xce, [@rand_addr, @empty]}, @ssrr={0x89, 0x3, 0x15}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10}}}}}}, 0x0)

2m7.321572839s ago: executing program 5 (id=1522):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000000}}, {@data_err_ignore}, {@usrjquota}, {@oldalloc}, {@oldalloc}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0xb7d4, 0x1001f0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
sendfile(r2, r1, 0x0, 0x7ffff000)

2m6.915952176s ago: executing program 5 (id=1539):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0x63449}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x44}}, 0x0)

2m6.818953807s ago: executing program 5 (id=1542):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x7f, 0x7ffc0002}]})
iopl(0x3)

2m6.761158498s ago: executing program 5 (id=1543):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x3000000, &(0x7f0000000080), 0x1, 0x519, &(0x7f0000000340)="$eJzs3W1rY1kdAPD/TZpuZ6ZrsyoyLri7uCszi07Sbt3dKrK7guirBXV9P9Y2LaVpU5p0nJZBO/gBBBEV/AC+EfwAgsxHEGFA34uKIjqjL3Wu3OQG+5C0oU0ns+nvB6c55z6c/zmX5uY+HO4N4NJ6JSLei4hiRLweETP59EKeYr+TsuUeP7q3lKUk0vSDfySR5NO6dWXliYi4lq82FRHf/FrEd5LjcZu7e+uL9XptOy9XWxtb1ebu3q21jcXV2mptc35+7q2FtxfeXJhNc+fqZzki3vnKX37yw1989Z3ffO67f7z9t5vfy5r1pU902h0RS+cK0Een7lJ7W3Rl22j7IoKNSNafUnHUrQAAYBDZMf5HI+LT7eP/mSi2j+YAAACAcZK+Ox3/SSJSAAAAYGwVImI6kkIlHwswHYVCpdIZw/vxuFqoN5qtz640djaXs3kR5SgVVtbqtdl8rHA5SklWnsvH2HbLbxwpz0fECxHx45kr7XJlqVFfHvXFDwAAALgkrr18+Pz/3zOFdh4AAAAYM+W+BQAAAGBcOOUHAACA8ef8HwAAAMba199/P0tp9z3ey3d2d9Ybd24t15rrlY2dpcpSY3urstporLaf2bdxWn31RmPr87G5c7faqjVb1ebu3u2Nxs5m6/baoVdgAwAAAE/RCy8/+EMSEftfvNJOkT8HEOCQP4+6AcAwFUfdAGBkJkbdAGBkSqcuYQ8B4y45Zf7xwTuda4Xx24tpDwAAMHw3Pnn8/v9kPu/0awPAh5mxPgBw+bi7B5dX6awjAK8PuyXAqHyk8/Fcv/l9H94xwP3/zjWGND1TwwAAgKGZbqekUMmP06ejUKhUIp5vvxaglKys1Wuz+fnB72dKz2XlufaayaljhgEAAAAAAAAAAAAAAAAAAAAAAACAjjRNIgUAAADGWkThr0n7af4RN2Zemz58deDIW79+/sFP7y62WttzEZPJP2eySZMR0fpZPv2N1CsBAAAA4BnQOU/PP+dG3RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxs3jR/eWuulpxv37lyOi3Cv+REy1P6eiFBFX/5XExIH1kogoDiH+/v2IuN4rfhJP0jQt563oFf/KBccvtzdN7/iFiLg2hPhwmT3I9j/v9fr+FeKV9mfv799Ens6ru/+bzMsH43f3f8U++5/nj5T7efHhr6p949+PeHGi9/6nGz/pxD8UIiu8OmAfv/2tvb2eMw5U2Sv+wVjV1sZWtbm7d2ttY3G1tlrbnJ+fe2vh7YU3F2arK2v1Wv63Z5gfferXT07q/9U+8cuH+39s+782UO/T+O/Du48+1imUesW/+Wrv39/rfeIX8t++z+T5bP6Nbn6/kz/opV/+7qWT+r/cp/9Tp/T/5kD9jy+8/o0f/KnnnGNbAwB4Gpq7e+uL9Xpt+4TM1ADLDJwpDqWed4fWnmclE89GM0aVSb/f+X88Xz3nXP1YJj3P6hMxhGZMHvueFuOsFSYR+1ldA/5DAgAAY+b/B/0n3UECAAAAAAAAAAAAAAAAAAAALtIZH0s2FREDL3w05v5ougoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKL/BQAA///w6cuT")
creat(&(0x7f0000000340)='./bus\x00', 0x32)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x1b, 0x0, "ef359f41a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4eb4b78c66ee677df701905b9aafab4ffffffff00", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a0040000000000000000000f27c0000e8ff00", [0x0, 0xffffffffffffffff]})
stat(&(0x7f0000000200)='./file0\x00', 0x0)

2m6.492681022s ago: executing program 5 (id=1544):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1, &(0x7f0000000640)=ANY=[@ANYRES32=0x0, @ANYBLOB="8e29b5c6d59d9a8fa9f1222c", @ANYRES32=0x0, @ANYBLOB="d90f55b2fe87bccaae179697e871353358a10c2f9b664f24e6a9112c9e2e2e3003fa09469b1b", @ANYBLOB], 0x8, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0xffffff7f, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

2m6.195183717s ago: executing program 2 (id=1547):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r2=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r2}}], 0x20, 0x2400e044}, 0x0)

2m6.195026077s ago: executing program 5 (id=1548):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

2m6.156210197s ago: executing program 33 (id=1548):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

2m5.071015414s ago: executing program 2 (id=1564):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854529f45826cb35be51682e30944313e2ca73845d177d601880221daeccfda56b75cfe2bad94f000066b2ddab614fec2236da7d88ea07c9ee"}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r3, &(0x7f0000000180)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)

2m5.031730505s ago: executing program 2 (id=1553):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f00000002c0)={0x1d, r2}, 0x10)
bind$can_raw(r1, &(0x7f0000000800), 0x10)

2m4.958694265s ago: executing program 2 (id=1556):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x3000000, &(0x7f0000000080), 0x1, 0x519, &(0x7f0000000340)="$eJzs3W1rY1kdAPD/TZpuZ6ZrsyoyLri7uCszi07Sbt3dKrK7guirBXV9P9Y2LaVpU5p0nJZBO/gBBBEV/AC+EfwAgsxHEGFA34uKIjqjL3Wu3OQG+5C0oU0ns+nvB6c55z6c/zmX5uY+HO4N4NJ6JSLei4hiRLweETP59EKeYr+TsuUeP7q3lKUk0vSDfySR5NO6dWXliYi4lq82FRHf/FrEd5LjcZu7e+uL9XptOy9XWxtb1ebu3q21jcXV2mptc35+7q2FtxfeXJhNc+fqZzki3vnKX37yw1989Z3ffO67f7z9t5vfy5r1pU902h0RS+cK0Een7lJ7W3Rl22j7IoKNSNafUnHUrQAAYBDZMf5HI+LT7eP/mSi2j+YAAACAcZK+Ox3/SSJSAAAAYGwVImI6kkIlHwswHYVCpdIZw/vxuFqoN5qtz640djaXs3kR5SgVVtbqtdl8rHA5SklWnsvH2HbLbxwpz0fECxHx45kr7XJlqVFfHvXFDwAAALgkrr18+Pz/3zOFdh4AAAAYM+W+BQAAAGBcOOUHAACA8ef8HwAAAMba199/P0tp9z3ey3d2d9Ybd24t15rrlY2dpcpSY3urstporLaf2bdxWn31RmPr87G5c7faqjVb1ebu3u2Nxs5m6/baoVdgAwAAAE/RCy8/+EMSEftfvNJOkT8HEOCQP4+6AcAwFUfdAGBkJkbdAGBkSqcuYQ8B4y45Zf7xwTuda4Xx24tpDwAAMHw3Pnn8/v9kPu/0awPAh5mxPgBw+bi7B5dX6awjAK8PuyXAqHyk8/Fcv/l9H94xwP3/zjWGND1TwwAAgKGZbqekUMmP06ejUKhUIp5vvxaglKys1Wuz+fnB72dKz2XlufaayaljhgEAAAAAAAAAAAAAAAAAAAAAAACAjjRNIgUAAADGWkThr0n7af4RN2Zemz58deDIW79+/sFP7y62WttzEZPJP2eySZMR0fpZPv2N1CsBAAAA4BnQOU/PP+dG3RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxs3jR/eWuulpxv37lyOi3Cv+REy1P6eiFBFX/5XExIH1kogoDiH+/v2IuN4rfhJP0jQt563oFf/KBccvtzdN7/iFiLg2hPhwmT3I9j/v9fr+FeKV9mfv799Ens6ru/+bzMsH43f3f8U++5/nj5T7efHhr6p949+PeHGi9/6nGz/pxD8UIiu8OmAfv/2tvb2eMw5U2Sv+wVjV1sZWtbm7d2ttY3G1tlrbnJ+fe2vh7YU3F2arK2v1Wv63Z5gfferXT07q/9U+8cuH+39s+782UO/T+O/Du48+1imUesW/+Wrv39/rfeIX8t++z+T5bP6Nbn6/kz/opV/+7qWT+r/cp/9Tp/T/5kD9jy+8/o0f/KnnnGNbAwB4Gpq7e+uL9Xpt+4TM1ADLDJwpDqWed4fWnmclE89GM0aVSb/f+X88Xz3nXP1YJj3P6hMxhGZMHvueFuOsFSYR+1ldA/5DAgAAY+b/B/0n3UECAAAAAAAAAAAAAAAAAAAALtIZH0s2FREDL3w05v5ougoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKL/BQAA///w6cuT")
creat(&(0x7f0000000340)='./bus\x00', 0x32)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x1b, 0x0, "ef359f41a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4eb4b78c66ee677df701905b9aafab4ffffffff00", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a0040000000000000000000f27c0000e8ff00", [0x0, 0xffffffffffffffff]})
stat(&(0x7f0000000200)='./file0\x00', 0x0)

2m4.732492919s ago: executing program 2 (id=1566):
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x65, 0xff, 0x5e, 0x8, 0x0, 0x3, 0x8b008, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x1, @perf_bp={0x0, 0x8}, 0x1a, 0x7, 0x800, 0x4, 0x8, 0x4002}, 0x0, 0x4000000001, 0xffffffffffffffff, 0x1)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x101}, 0x18)

2m4.478535973s ago: executing program 2 (id=1571):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

2m4.477422883s ago: executing program 34 (id=1571):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

2m3.194928823s ago: executing program 4 (id=1599):
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x65, 0xff, 0x5e, 0x8, 0x0, 0x3, 0x8b008, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x1, @perf_bp={0x0, 0x8}, 0x1a, 0x7, 0x800, 0x4, 0x8, 0x4002}, 0x0, 0x4000000001, 0xffffffffffffffff, 0x1)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x101}, 0x18)

2m2.925790457s ago: executing program 4 (id=1600):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=ANY=[@ANYBLOB="600000001800dd8d000000000000000002000000ff0000060000000008000700ac1414bb08001e006907000008000700ac1e010108000b00ffffffff0800", @ANYRES8=r0], 0x60}}, 0x44000)

2m2.73815588s ago: executing program 4 (id=1602):
setresuid(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000d40)={0x0, 0x7000003, &(0x7f00000023c0)=[{&(0x7f0000000b40)='?', 0x1}, {0x0, 0x1}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x20001)

2m2.716722s ago: executing program 4 (id=1603):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x3000000, &(0x7f0000000080), 0x1, 0x519, &(0x7f0000000340)="$eJzs3W1rY1kdAPD/TZpuZ6ZrsyoyLri7uCszi07Sbt3dKrK7guirBXV9P9Y2LaVpU5p0nJZBO/gBBBEV/AC+EfwAgsxHEGFA34uKIjqjL3Wu3OQG+5C0oU0ns+nvB6c55z6c/zmX5uY+HO4N4NJ6JSLei4hiRLweETP59EKeYr+TsuUeP7q3lKUk0vSDfySR5NO6dWXliYi4lq82FRHf/FrEd5LjcZu7e+uL9XptOy9XWxtb1ebu3q21jcXV2mptc35+7q2FtxfeXJhNc+fqZzki3vnKX37yw1989Z3ffO67f7z9t5vfy5r1pU902h0RS+cK0Een7lJ7W3Rl22j7IoKNSNafUnHUrQAAYBDZMf5HI+LT7eP/mSi2j+YAAACAcZK+Ox3/SSJSAAAAYGwVImI6kkIlHwswHYVCpdIZw/vxuFqoN5qtz640djaXs3kR5SgVVtbqtdl8rHA5SklWnsvH2HbLbxwpz0fECxHx45kr7XJlqVFfHvXFDwAAALgkrr18+Pz/3zOFdh4AAAAYM+W+BQAAAGBcOOUHAACA8ef8HwAAAMba199/P0tp9z3ey3d2d9Ybd24t15rrlY2dpcpSY3urstporLaf2bdxWn31RmPr87G5c7faqjVb1ebu3u2Nxs5m6/baoVdgAwAAAE/RCy8/+EMSEftfvNJOkT8HEOCQP4+6AcAwFUfdAGBkJkbdAGBkSqcuYQ8B4y45Zf7xwTuda4Xx24tpDwAAMHw3Pnn8/v9kPu/0awPAh5mxPgBw+bi7B5dX6awjAK8PuyXAqHyk8/Fcv/l9H94xwP3/zjWGND1TwwAAgKGZbqekUMmP06ejUKhUIp5vvxaglKys1Wuz+fnB72dKz2XlufaayaljhgEAAAAAAAAAAAAAAAAAAAAAAACAjjRNIgUAAADGWkThr0n7af4RN2Zemz58deDIW79+/sFP7y62WttzEZPJP2eySZMR0fpZPv2N1CsBAAAA4BnQOU/PP+dG3RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxs3jR/eWuulpxv37lyOi3Cv+REy1P6eiFBFX/5XExIH1kogoDiH+/v2IuN4rfhJP0jQt563oFf/KBccvtzdN7/iFiLg2hPhwmT3I9j/v9fr+FeKV9mfv799Ens6ru/+bzMsH43f3f8U++5/nj5T7efHhr6p949+PeHGi9/6nGz/pxD8UIiu8OmAfv/2tvb2eMw5U2Sv+wVjV1sZWtbm7d2ttY3G1tlrbnJ+fe2vh7YU3F2arK2v1Wv63Z5gfferXT07q/9U+8cuH+39s+782UO/T+O/Du48+1imUesW/+Wrv39/rfeIX8t++z+T5bP6Nbn6/kz/opV/+7qWT+r/cp/9Tp/T/5kD9jy+8/o0f/KnnnGNbAwB4Gpq7e+uL9Xpt+4TM1ADLDJwpDqWed4fWnmclE89GM0aVSb/f+X88Xz3nXP1YJj3P6hMxhGZMHvueFuOsFSYR+1ldA/5DAgAAY+b/B/0n3UECAAAAAAAAAAAAAAAAAAAALtIZH0s2FREDL3w05v5ougoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKL/BQAA///w6cuT")
creat(&(0x7f0000000340)='./bus\x00', 0x32)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x1b, 0x0, "ef359f41a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4eb4b78c66ee677df701905b9aafab4ffffffff00", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a0040000000000000000000f27c0000e8ff00", [0x0, 0xffffffffffffffff]})
stat(&(0x7f0000000200)='./file0\x00', 0x0)

2m2.184267729s ago: executing program 4 (id=1613):
creat(&(0x7f0000000240)='./bus\x00', 0xc2)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")

2m1.650561177s ago: executing program 4 (id=1614):
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)
ioctl$EVIOCGBITSND(r1, 0x40044591, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
write$P9_RGETLOCK(r0, &(0x7f00000000c0)=ANY=[], 0xffffff6a)

2m1.650410077s ago: executing program 35 (id=1614):
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)
ioctl$EVIOCGBITSND(r1, 0x40044591, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
write$P9_RGETLOCK(r0, &(0x7f00000000c0)=ANY=[], 0xffffff6a)

47.195965183s ago: executing program 7 (id=4111):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000700), &(0x7f00000000c0), 0xff, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x4000884)

47.102227055s ago: executing program 7 (id=4113):
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8d7, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x401, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040), 0x2, 0x0)
rmdir(&(0x7f00000000c0)='./cgroup/../file0\x00')

47.048995885s ago: executing program 7 (id=4116):
socket$packet(0x11, 0x3, 0x300)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010028bd7000fe0100250200000008000100", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x8004)
write$nci(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="414601", @ANYRES32=r0], 0x4)

46.936349637s ago: executing program 7 (id=4122):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x3, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1333404, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='./file0/../file0/../file0/../file0\x00')

46.80606504s ago: executing program 7 (id=4126):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x250, 0x0, 0xb, 0xd0e0011, 0x120, 0xc6, 0x1f8, 0x1d8, 0x190, 0x1f8, 0x1d8, 0x3, 0x0, {[{{@ip={@rand_addr, @broadcast, 0x0, 0x0, 'nr0\x00', '\x00', {}, {}, 0x1}, 0x0, 0x98, 0xe0, 0x2000000, {}, [@common=@icmp={{0x28}, {0x0, "0010"}}]}, @unspec=@CT0={0x48}}, {{@ip={@remote, @multicast1, 0x0, 0x0, 'bridge_slave_1\x00', 'virt_wifi0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x20000, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b0)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x1bd}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='='], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_NOP={0x0, 0x2})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

44.787719131s ago: executing program 7 (id=4190):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_flower={{0xb}, {0x44, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x5, 0x8}}, @TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK={0x14, 0x20, [0xff, 0xff, 0xff, 0xff]}, @TCA_FLOWER_KEY_IPV4_DST_MASK={0x8, 0xd, 0xffffffff}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x73}, @TCA_FLOWER_KEY_ENC_IPV6_DST={0x14, 0x21, @dev={0xfe, 0x80, '\x00', 0x18}}]}}]}, 0x74}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

44.761109991s ago: executing program 36 (id=4190):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_flower={{0xb}, {0x44, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x5, 0x8}}, @TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK={0x14, 0x20, [0xff, 0xff, 0xff, 0xff]}, @TCA_FLOWER_KEY_IPV4_DST_MASK={0x8, 0xd, 0xffffffff}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x73}, @TCA_FLOWER_KEY_ENC_IPV6_DST={0x14, 0x21, @dev={0xfe, 0x80, '\x00', 0x18}}]}}]}, 0x74}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

20.059267501s ago: executing program 9 (id=4980):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = dup(r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r3}, 0x10)
ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f00000004c0)={0x9, 0x200, 0x0, 0x6a79})

20.058708361s ago: executing program 9 (id=4982):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {}, {0x3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40, 0x6, 0xffffffffffffffff, 0xea, 0x100004}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x4, 0x1}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

19.973052643s ago: executing program 9 (id=4986):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f0000000640)=0x100000001, 0x4)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000380)='cdg\x00', 0x4)
close_range(r1, r1, 0x0)

19.923983833s ago: executing program 9 (id=4988):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x4, 0x8001, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x0, 0x2]})
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')

19.806024185s ago: executing program 9 (id=4991):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f00000028c0)={0x0, 0x28}}, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0x401, 0x0, 0x101, {0x0, 0x0, 0x0, 0x0, 0x9}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r1}]}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x48}}, 0x0)

19.50256906s ago: executing program 9 (id=5002):
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000001080)='./bus\x00', 0x80, &(0x7f00000010c0)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098fe0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4ece31c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
ioprio_set$uid(0x3, 0x0, 0xff00000000000000)
sendfile(r1, r0, 0x0, 0xfffa83)

19.49150829s ago: executing program 37 (id=5002):
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000001080)='./bus\x00', 0x80, &(0x7f00000010c0)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098fe0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4ece31c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
ioprio_set$uid(0x3, 0x0, 0xff00000000000000)
sendfile(r1, r0, 0x0, 0xfffa83)

4.611909739s ago: executing program 6 (id=5482):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x1)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x11)

4.480217871s ago: executing program 6 (id=5485):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x44000)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

4.359487503s ago: executing program 6 (id=5489):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r1, 0x0, 0x200}, 0x18)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=ANY=[@ANYBLOB="12000000040000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r3, &(0x7f0000000040)}, 0x20)

4.153574876s ago: executing program 6 (id=5492):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
shutdown(r0, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x3b)
recvmmsg(r1, &(0x7f0000001040)=[{{0x0, 0x0, 0x0}, 0x400}], 0x1, 0x40000002, 0x0)

4.010711818s ago: executing program 6 (id=5493):
unshare(0x22020600)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0xc7}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc86a00", "4617a9f6040839230fb7fead776dd8dc", "c6db0872", "a44a883fca4400"}, 0x28)
ppoll(&(0x7f0000000000)=[{r0, 0x4}], 0x1, 0x0, 0x0, 0x0)

3.960951969s ago: executing program 6 (id=5495):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)

1.232814021s ago: executing program 3 (id=5569):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r2, 0x0, 0x5, &(0x7f0000000240)={@local, @multicast2, 0xfffe, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x3, 0x0, 0x7e, 0x40}, 0x3c)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000080)=0x300, 0x4)

1.143230113s ago: executing program 3 (id=5574):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0)

1.108049253s ago: executing program 3 (id=5575):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [0x0, 0x0, 0xff, 0xff000000], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3, 0x0, 0x18}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[], 0x80}}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
pause()
connect$inet6(r1, &(0x7f0000002f80)={0xa, 0x4000, 0x7, @loopback, 0x3}, 0x1c)
write$binfmt_misc(r1, &(0x7f0000000040), 0xfe46)

798.867938ms ago: executing program 8 (id=5583):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0x78)
sendfile(r1, r2, &(0x7f00000001c0), 0x8)
fcntl$addseals(r2, 0x409, 0x8)
fallocate(r2, 0x3, 0x0, 0x3)
recvmsg$unix(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/64, 0x40}], 0x1}, 0x0)

639.80672ms ago: executing program 1 (id=5587):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000600"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

566.889321ms ago: executing program 8 (id=5589):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
utime(&(0x7f0000000200)='./file0\x00', 0x0)

527.327442ms ago: executing program 8 (id=5592):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x2, 0x3a0, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000080), &(0x7f0000000240), 0x1800, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000640)={r0, &(0x7f0000000080), &(0x7f0000000540)=""/240}, 0x20)

460.929003ms ago: executing program 8 (id=5593):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b000000070000000800000008000000050000", @ANYRES32=0x0], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_open_dev$usbfs(0x0, 0x205, 0x8401)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x530, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})

414.686514ms ago: executing program 8 (id=5595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

366.074115ms ago: executing program 0 (id=5597):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
ioctl$USBDEVFS_REAPURB(r2, 0x4008550c, 0x0)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x20000, 0x0})

362.451615ms ago: executing program 8 (id=5598):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x842, 0x0)
write$vga_arbiter(r0, &(0x7f0000000000)=@other={'lock', ' ', 'io'}, 0x8)
pselect6(0x40, &(0x7f0000000580), 0x0, &(0x7f0000000d00)={0xd0}, 0x0, 0x0)
close(r0)

291.045656ms ago: executing program 1 (id=5599):
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r2}, 0x10)
close(r0)

240.778467ms ago: executing program 3 (id=5600):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)

224.938237ms ago: executing program 1 (id=5601):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0xa, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000001ac0))
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f00000000c0)=[{0x0, 0xfd, 0x1}]})

217.487047ms ago: executing program 0 (id=5602):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001800)={{r0}, &(0x7f0000001780), &(0x7f00000017c0)='%-010d \x00'}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x3, &(0x7f0000000080)={r0, &(0x7f0000000080), 0x0}, 0x20)

198.596967ms ago: executing program 0 (id=5603):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x2, 0x4, 0x3, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

180.504187ms ago: executing program 0 (id=5604):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x24)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r2, &(0x7f0000000380), 0x2, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')

159.281578ms ago: executing program 3 (id=5605):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x29fd, 0x84, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000000), 0x6c, r1}, 0x38)

121.279038ms ago: executing program 0 (id=5606):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000580)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150600000fbf52ee4507000002000000250600000ee60000bf250000000000001f010000000000006507040002000000070700004c0000001f75000000000000bf540000000000000704000004000bffbd350100000000009500000000000000050000000000000095000000000000001f1bd1fe4b3af9c97925711095cc1a3a25b9418ffdc4a1da470a14e4391c3fb600100000a4911fe82664d775cdb9dfc83fa32db39b636c1866b526ffff00005172a74e9afe751664f580a6c5bccf1ef6583e0c1cd1f7fe416b5d6902e7db826e6dffda3aabdc5b5ce08ca4ee6035f1b7dc6b3b4672f7c22efa6d633473cd548789f8ab5a654106888aff6f3eb7e962160dac2c68c044584bb50e9c0952bab14c2c65176c7e40faaea21457d5f2d6f40c4d3390a1e14561cbf0a6ccd15f45c52753e24c6488b23ec9a3261c7706cecfc37b25b382c76631983e053efde84f80c5483d26bfaa66bf477cca77d399c76469551913f98a26fa0363ebb7f861a3d53d4dd6d91f7dcefb0748cd20346878bc0759851cd32ba781d6e62e8eee022be7fb6fff27871a5a7a723e5e330f454f0c568fbfc9b901bd6cc3af8355e5ecf3f74a472c7861beeeba7d5d25208a2e1d4c0b8e4f82ce05ffe1c69aaea312bbb3656c873b26161dccd130823e87d0b411e6fdb2cc4def13ecdf4217b647803c9dbaba0cd1036081842b7fc3a30759c24058ad22001bc2817d4604bc2d49bf41894e61356ddf6d394a397c67321a0dd4ac4082ee583de98e8a89535050054d40a4dbd809d0ce9c444286b5d5a51d933d35714d8ca7fb49b5329107825926fd5caaf4ddd1e81e616fc56e47d30e51cd558d630f665a88da23e96c45a0a4ccd554a92628336eb43de1022d60e5ffe41b6bef61ea28c5ea09a832f9f84b10aa4b6350930b11865184fce06bb8bf64b578e8477d3440526aa2055daa7945db10e7c2cf517d954fc2db6cdee34cff68b43fef6205f2cf390e1bc4ee8ee0b5f204bf14c30a54196863eb6c707de3b344a6f84b47be3012b55d41da4c0bc43af548ee4b98c8599008d140e106138c6469cbc3857beddafd53fd1ba63b4786d5efec1942049aae281112e43477f0bf74ce9f2acc9bc6dd58a434eb41ad1a5cd4f753c32f2a40ff3c0c25a6f7833acfee9fc332eca2a41a97e832240b574a6413334f8b1ce08f6b560569355cac2d81191aaa6f3849433ed3f4617a04e22917c889f878486657fc6c001d90dc4e3d609f0ee78305143c60140a2396e959d8430fdcd7ccfaa0b0ba1dcb130f25714a191dbe2efeab57746e44a4344eaaf95c70d7043145f560b2e633f546a8c6b1aca8fa92ddd95b5aeade2ca2bb39a19e9250ae15e3a083914ec19605f13b7f1dedb7d26a9713f920d9b83b038863f066ef0e0cef0b63927773078a6c9187881b96c14bcfb475a6cb07fc2e434ecd4c58b8dd7e8282d966d7d184dc1513c4fa2e161c26742d7c7a5afcb85291c9393206729cc9aa027814b03cbb598c5bd01fd63478d10e9a6c94a211be56e5b8bd4d6777eafa4fa777695b941bb65be7651828c9c7f6b68cd7e1b62f4d6a3b5cacbb7d340d76"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

111.234419ms ago: executing program 1 (id=5607):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x9c}}, 0x0)

79.211769ms ago: executing program 3 (id=5608):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x25c, &(0x7f0000000440)=@framed={{0x18, 0x2}, [@printk={@ld}, @call={0x85, 0x0, 0x0, 0x7}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

69.662559ms ago: executing program 0 (id=5609):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x2000, 0x0, 0xc0000000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e98263b, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x7, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000003, 0x3, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x10, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xb2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x108, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x400, 0x0, 0x0, 0x20]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000020}, {0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

38.42051ms ago: executing program 1 (id=5610):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))

0s ago: executing program 1 (id=5611):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
mkdir(0x0, 0x0)
write$nci(r0, 0x0, 0xfffffeea)

kernel console output (not intermixed with test programs):

's busy
[  146.269180][T12886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.276875][T12873] EXT4-fs (loop0): mount failed
[  146.282277][T12886] netlink: 'syz.7.3962': attribute type 27 has an invalid length.
[  146.290948][T12886] lo: left promiscuous mode
[  146.295601][T12886] lo: left allmulticast mode
[  146.312764][T12871] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.337423][T12871] EXT4-fs error (device loop6): ext4_check_dx_root:2205: inode #2: comm syz.6.3957: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[  146.416034][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.454835][T12905] loop6: detected capacity change from 0 to 1024
[  146.469497][T12905] EXT4-fs: Ignoring removed nobh option
[  146.475207][T12905] EXT4-fs: Ignoring removed bh option
[  146.476789][T12901] serio: Serial port ptm0
[  146.494669][T12905] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.515707][T12886] netdevsim netdevsim7 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.524205][T12886] netdevsim netdevsim7 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.532616][T12886] netdevsim netdevsim7 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.541151][T12886] netdevsim netdevsim7 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.578158][T12886] netdevsim netdevsim7 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  146.586915][T12886] netdevsim netdevsim7 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  146.595332][T12886] netdevsim netdevsim7 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  146.600491][T12905] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4115: comm syz.6.3969: Allocating blocks 385-513 which overlap fs metadata
[  146.604005][T12886] netdevsim netdevsim7 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  146.624302][T12905] EXT4-fs (loop6): pa ffff88810614a460: logic 16, phys. 129, len 24
[  146.634119][T12905] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 7
[  146.645852][T12886] vxlan0: left promiscuous mode
[  146.652357][T12886] bond1: left promiscuous mode
[  146.657463][T12886] bond1: left allmulticast mode
[  146.658304][T12919] serio: Serial port ptm0
[  146.668398][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.760090][T12929] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3979'.
[  146.771274][T12931] loop6: detected capacity change from 0 to 128
[  146.787090][T12931] bio_check_eod: 326 callbacks suppressed
[  146.787105][T12931] syz.6.3980: attempt to access beyond end of device
[  146.787105][T12931] loop6: rw=2049, sector=145, nr_sectors = 8 limit=128
[  146.808138][T12931] syz.6.3980: attempt to access beyond end of device
[  146.808138][T12931] loop6: rw=2049, sector=161, nr_sectors = 8 limit=128
[  146.822709][T12931] syz.6.3980: attempt to access beyond end of device
[  146.822709][T12931] loop6: rw=2049, sector=177, nr_sectors = 8 limit=128
[  146.836521][T12931] syz.6.3980: attempt to access beyond end of device
[  146.836521][T12931] loop6: rw=2049, sector=193, nr_sectors = 8 limit=128
[  146.850481][T12931] syz.6.3980: attempt to access beyond end of device
[  146.850481][T12931] loop6: rw=2049, sector=209, nr_sectors = 8 limit=128
[  146.864152][T12931] syz.6.3980: attempt to access beyond end of device
[  146.864152][T12931] loop6: rw=2049, sector=225, nr_sectors = 8 limit=128
[  146.879393][T12931] syz.6.3980: attempt to access beyond end of device
[  146.879393][T12931] loop6: rw=2049, sector=241, nr_sectors = 8 limit=128
[  146.910175][T12931] syz.6.3980: attempt to access beyond end of device
[  146.910175][T12931] loop6: rw=2049, sector=257, nr_sectors = 8 limit=128
[  146.925310][T12931] syz.6.3980: attempt to access beyond end of device
[  146.925310][T12931] loop6: rw=2049, sector=273, nr_sectors = 8 limit=128
[  146.939820][T12931] syz.6.3980: attempt to access beyond end of device
[  146.939820][T12931] loop6: rw=2049, sector=289, nr_sectors = 8 limit=128
[  147.016564][T12948] loop6: detected capacity change from 0 to 4096
[  147.036081][T12948] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.062817][T12957] netlink: 'syz.1.3991': attribute type 1 has an invalid length.
[  147.081634][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.088490][T12957] netlink: 'syz.1.3991': attribute type 1 has an invalid length.
[  147.156753][T12971] loop6: detected capacity change from 0 to 256
[  147.297894][T12988] atomic_op ffff888133f58128 conn xmit_atomic 0000000000000000
[  147.312092][T12990] bridge0: port 1(macsec1) entered blocking state
[  147.318709][T12990] bridge0: port 1(macsec1) entered disabled state
[  147.332572][T12990] macsec1: entered allmulticast mode
[  147.338109][T12990] bridge0: entered allmulticast mode
[  147.344179][T12990] macsec1: left allmulticast mode
[  147.349360][T12990] bridge0: left allmulticast mode
[  147.362284][T12992] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4004'.
[  147.371442][T12992] netlink: 108 bytes leftover after parsing attributes in process `syz.6.4004'.
[  147.384870][   T29] kauditd_printk_skb: 187 callbacks suppressed
[  147.384894][   T29] audit: type=1400 audit(1744304394.370:3814): avc:  denied  { connect } for  pid=12997 comm="syz.7.4008" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  147.430190][T12992] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4004'.
[  147.439878][T12992] netlink: 108 bytes leftover after parsing attributes in process `syz.6.4004'.
[  147.578585][T13024] loop7: detected capacity change from 0 to 128
[  147.621067][   T29] audit: type=1400 audit(1744304394.610:3815): avc:  denied  { write } for  pid=13030 comm="syz.8.4021" name="001" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  147.654886][   T29] audit: type=1400 audit(1744304394.640:3816): avc:  denied  { map } for  pid=13030 comm="syz.8.4021" path="/dev/bus/usb/002/001" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  147.724002][T13038] loop8: detected capacity change from 0 to 4096
[  147.739711][T13038] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.763045][T13047] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  147.775144][ T7467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.783413][   T29] audit: type=1400 audit(1744304394.770:3817): avc:  denied  { mount } for  pid=13048 comm="syz.0.4038" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  147.853323][   T29] audit: type=1400 audit(1744304394.840:3818): avc:  denied  { unmount } for  pid=3307 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  147.887230][T13062] loop8: detected capacity change from 0 to 128
[  148.280258][T13067] netlink: 'syz.8.4034': attribute type 16 has an invalid length.
[  148.288210][T13067] netlink: 'syz.8.4034': attribute type 17 has an invalid length.
[  148.332820][T13067] 8021q: adding VLAN 0 to HW filter on device bond0
[  148.341390][T13067] 8021q: adding VLAN 0 to HW filter on device team0
[  148.344386][   T29] audit: type=1400 audit(1744304395.330:3819): avc:  denied  { write } for  pid=13077 comm="syz.7.4039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  148.367849][   T29] audit: type=1400 audit(1744304395.330:3820): avc:  denied  { connect } for  pid=13077 comm="syz.7.4039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  148.387578][   T29] audit: type=1400 audit(1744304395.330:3821): avc:  denied  { name_connect } for  pid=13077 comm="syz.7.4039" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  148.408813][T13067] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  148.447386][   T29] audit: type=1400 audit(1744304395.420:3822): avc:  denied  { listen } for  pid=13077 comm="syz.7.4039" lport=55191 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  148.468405][   T29] audit: type=1400 audit(1744304395.420:3823): avc:  denied  { accept } for  pid=13077 comm="syz.7.4039" lport=55191 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  148.602422][T13088] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13088 comm=syz.6.4045
[  148.857939][T13110] xt_TPROXY: Can be used only with -p tcp or -p udp
[  148.962248][T13123] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.970964][T13123] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.981251][T13123] netlink: 'syz.6.4062': attribute type 27 has an invalid length.
[  149.041127][T13123] sit0: left promiscuous mode
[  149.064182][T13127] loop0: detected capacity change from 0 to 128
[  149.166541][T13123] netdevsim netdevsim6 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  149.175121][T13123] netdevsim netdevsim6 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  149.183615][T13123] netdevsim netdevsim6 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  149.192255][T13123] netdevsim netdevsim6 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  149.206392][T13123] bond1: left promiscuous mode
[  149.211368][T13123] bond1: left allmulticast mode
[  149.219097][    T9] batadv0 speed is unknown, defaulting to 1000
[  149.225295][    T9] syz0: Port: 1 Link DOWN
[  149.250034][T13134] geneve0: entered allmulticast mode
[  149.532736][T13150] loop0: detected capacity change from 0 to 512
[  149.565564][T13150] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  149.582386][T13150] EXT4-fs (loop0): mount failed
[  149.670350][T13163] netlink: 'syz.0.4087': attribute type 3 has an invalid length.
[  149.933448][T13176] loop0: detected capacity change from 0 to 512
[  149.965292][T13176] EXT4-fs error (device loop0): ext4_orphan_get:1390: inode #15: comm syz.0.4081: casefold flag without casefold feature
[  149.978538][T13176] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.4081: couldn't read orphan inode 15 (err -117)
[  149.991172][T13176] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.008148][T13176] EXT4-fs error (device loop0): ext4_check_dx_root:2205: inode #2: comm syz.0.4081: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[  150.034728][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.053597][T13184] loop0: detected capacity change from 0 to 128
[  150.154691][T13191] loop9: detected capacity change from 0 to 7
[  150.161493][T13191] Buffer I/O error on dev loop9, logical block 0, async page read
[  150.191233][T13191] Buffer I/O error on dev loop9, logical block 0, async page read
[  150.199180][T13191]  loop9: unable to read partition table
[  150.211017][T13195] loop7: detected capacity change from 0 to 1024
[  150.213833][T13191] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  150.213833][T13191] 
U�������) failed (rc=-5)
[  150.277114][T13195] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  150.314904][T13195] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.434907][T13215] lo: entered promiscuous mode
[  150.439765][T13215] lo: entered allmulticast mode
[  150.479718][ T7301] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.038528][T13263] SELinux: ebitmap: truncated map
[  151.044573][T13263] SELinux: failed to load policy
[  151.057179][T13265] loop7: detected capacity change from 0 to 8192
[  151.154573][T13283] sg_write: data in/out 768/1 bytes for SCSI command 0x0-- guessing data in;
[  151.154573][T13283]    program syz.8.4132 not setting count and/or reply_len properly
[  151.797945][T13302] vhci_hcd: default hub control req: 0000 v0000 i0000 l65535
[  151.822144][T13304] loop9: detected capacity change from 0 to 7
[  151.828512][T13304] Buffer I/O error on dev loop9, logical block 0, async page read
[  151.836453][T13304] Buffer I/O error on dev loop9, logical block 0, async page read
[  151.844339][T13304]  loop9: unable to read partition table
[  151.850232][T13304] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  151.850232][T13304] 
U�������) failed (rc=-5)
[  152.037481][T13322] __nla_validate_parse: 13 callbacks suppressed
[  152.037499][T13322] netlink: 332 bytes leftover after parsing attributes in process `syz.1.4149'.
[  152.201535][T13342] loop0: detected capacity change from 0 to 1024
[  152.219665][T13342] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.268584][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.342208][T13361] netlink: 'syz.0.4167': attribute type 3 has an invalid length.
[  152.408133][   T29] kauditd_printk_skb: 128 callbacks suppressed
[  152.408147][   T29] audit: type=1326 audit(1744304399.400:3951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.441607][   T29] audit: type=1326 audit(1744304399.400:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.465282][   T29] audit: type=1326 audit(1744304399.400:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.488925][   T29] audit: type=1326 audit(1744304399.400:3954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.512804][   T29] audit: type=1326 audit(1744304399.400:3955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.536517][   T29] audit: type=1326 audit(1744304399.400:3956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.560218][   T29] audit: type=1326 audit(1744304399.400:3957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.583810][   T29] audit: type=1326 audit(1744304399.400:3958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.607385][   T29] audit: type=1326 audit(1744304399.400:3959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.631109][   T29] audit: type=1326 audit(1744304399.400:3960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13372 comm="syz.1.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbed772d169 code=0x7ffc0000
[  152.800700][T13387] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  152.811148][T13387] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.827804][T13390] pimreg: entered allmulticast mode
[  152.834573][T13390] pimreg: left allmulticast mode
[  152.893895][T13387] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  152.904293][T13387] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.937956][T13400] loop8: detected capacity change from 0 to 128
[  152.959882][T13387] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  152.970325][T13387] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.060775][T13387] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  153.071151][T13387] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.154559][T13387] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  153.162942][T13387] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.182824][T13387] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  153.191271][T13387] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.206732][T13387] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  153.215044][T13387] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.227444][T13387] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  153.235714][T13387] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.291845][T13411] batadv0 speed is unknown, defaulting to 1000
[  153.373637][T13411] chnl_net:caif_netlink_parms(): no params data found
[  153.444535][T13411] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.451733][T13411] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.461939][T13411] bridge_slave_0: entered allmulticast mode
[  153.468637][T13411] bridge_slave_0: entered promiscuous mode
[  153.475813][T13411] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.482957][T13411] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.492460][T13411] bridge_slave_1: entered allmulticast mode
[  153.523137][T13431] loop1: detected capacity change from 0 to 128
[  153.529657][T13432] loop0: detected capacity change from 0 to 512
[  153.532279][T13411] bridge_slave_1: entered promiscuous mode
[  153.546859][T13432] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  153.566247][T13411] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  153.579954][T13432] EXT4-fs (loop0): 1 truncate cleaned up
[  153.586060][T13432] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.609327][T13411] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  153.622965][T13431] bio_check_eod: 18 callbacks suppressed
[  153.622980][T13431] syz.1.4193: attempt to access beyond end of device
[  153.622980][T13431] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[  153.679180][T13411] team0: Port device team_slave_0 added
[  153.686847][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.696780][T13431] syz.1.4193: attempt to access beyond end of device
[  153.696780][T13431] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[  153.713600][T13411] team0: Port device team_slave_1 added
[  153.726781][T13431] syz.1.4193: attempt to access beyond end of device
[  153.726781][T13431] loop1: rw=2049, sector=177, nr_sectors = 8 limit=128
[  153.747613][T13411] batman_adv: batadv0: Adding interface: batadv_slave_0
[  153.754586][T13411] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.757985][T13431] syz.1.4193: attempt to access beyond end of device
[  153.757985][T13431] loop1: rw=2049, sector=193, nr_sectors = 8 limit=128
[  153.780532][T13411] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  153.806938][T13411] batman_adv: batadv0: Adding interface: batadv_slave_1
[  153.809458][T13431] syz.1.4193: attempt to access beyond end of device
[  153.809458][T13431] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  153.813942][T13411] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.829963][T13431] syz.1.4193: attempt to access beyond end of device
[  153.829963][T13431] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[  153.853289][T13411] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  153.887559][T13431] syz.1.4193: attempt to access beyond end of device
[  153.887559][T13431] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[  153.906210][T13431] syz.1.4193: attempt to access beyond end of device
[  153.906210][T13431] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[  153.921055][T13431] syz.1.4193: attempt to access beyond end of device
[  153.921055][T13431] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[  153.940039][T13411] hsr_slave_0: entered promiscuous mode
[  153.946806][T13411] hsr_slave_1: entered promiscuous mode
[  153.952723][T13411] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  153.962505][T13411] Cannot create hsr debugfs directory
[  153.967007][T13431] syz.1.4193: attempt to access beyond end of device
[  153.967007][T13431] loop1: rw=2049, sector=289, nr_sectors = 8 limit=128
[  154.102893][T13411] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  154.112637][T13453] loop8: detected capacity change from 0 to 256
[  154.121397][T13411] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  154.131618][T13411] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  154.141344][T13411] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  154.158455][T13411] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.165555][T13411] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.169105][T13456] loop6: detected capacity change from 0 to 128
[  154.172904][T13411] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.182650][T13456] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  154.186026][T13411] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.216845][T13456] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  154.229055][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.241119][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.255146][T13460] loop1: detected capacity change from 0 to 1024
[  154.263065][T13460] EXT4-fs: Ignoring removed nobh option
[  154.268840][T13460] EXT4-fs: Ignoring removed bh option
[  154.282427][T13411] 8021q: adding VLAN 0 to HW filter on device bond0
[  154.292829][T13460] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.309559][T13411] 8021q: adding VLAN 0 to HW filter on device team0
[  154.321828][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.328933][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.341052][T13460] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4115: comm syz.1.4208: Allocating blocks 385-513 which overlap fs metadata
[  154.341152][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.359039][T13460] EXT4-fs (loop1): pa ffff888106062770: logic 16, phys. 129, len 24
[  154.362001][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.370013][T13460] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 8
[  154.407454][T13460] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  154.419709][T13460] EXT4-fs (loop1): This should not happen!! Data will be lost
[  154.419709][T13460] 
[  154.429414][T13460] EXT4-fs (loop1): Total free blocks count 0
[  154.435417][T13460] EXT4-fs (loop1): Free/Dirty block details
[  154.441431][T13460] EXT4-fs (loop1): free_blocks=128
[  154.446558][T13460] EXT4-fs (loop1): dirty_blocks=0
[  154.451620][T13460] EXT4-fs (loop1): Block reservation details
[  154.457629][T13460] EXT4-fs (loop1): i_reserved_data_blocks=0
[  154.467024][T13468] loop0: detected capacity change from 0 to 2048
[  154.478959][T13411] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  154.503275][T13473] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4213'.
[  154.512607][T13473] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4213'.
[  154.530028][T13468] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.574815][T13411] 8021q: adding VLAN 0 to HW filter on device batadv0
[  154.693982][T13501] loop1: detected capacity change from 0 to 512
[  154.717375][T13501] EXT4-fs (loop1): 1 orphan inode deleted
[  154.723586][T13501] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.737840][T13501] ext4 filesystem being mounted at /823/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.748418][ T3391] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[  154.763094][T13507] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  154.771803][T13507] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  154.814346][T13411] veth0_vlan: entered promiscuous mode
[  154.829860][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.841010][T13411] veth1_vlan: entered promiscuous mode
[  154.860382][T13411] veth0_macvtap: entered promiscuous mode
[  154.868242][T13513] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4223'.
[  154.869402][T13411] veth1_macvtap: entered promiscuous mode
[  154.886513][T13513] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4223'.
[  154.902898][T13411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.913429][T13411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.923311][T13411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.933781][T13411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.943645][T13411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.954109][T13411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.999901][T13411] batman_adv: batadv0: Interface activated: batadv_slave_0
[  155.069213][T13411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.079751][T13411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.089629][T13411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.100100][T13411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.110038][T13411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.120584][T13411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.133092][T13523] loop8: detected capacity change from 0 to 8192
[  155.144700][T13411] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.153619][T13411] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.162532][T13411] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.171292][T13411] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.180087][T13411] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.260219][T13534] loop8: detected capacity change from 0 to 512
[  155.289915][T13535] loop9: detected capacity change from 0 to 512
[  155.315226][T13539] loop1: detected capacity change from 0 to 256
[  155.339483][T13534] EXT4-fs warning (device loop8): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  155.359237][T13534] EXT4-fs (loop8): mount failed
[  155.364690][T13535] EXT4-fs (loop9): 1 orphan inode deleted
[  155.368752][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.375076][T13535] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.392769][T13535] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.403126][   T51] EXT4-fs error (device loop9): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 1
[  155.451774][T13411] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.527319][T13557] SELinux: failed to load policy
[  155.777158][T13597] loop6: detected capacity change from 0 to 512
[  155.784096][T13597] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  155.796448][T13597] EXT4-fs (loop6): 1 truncate cleaned up
[  155.803094][T13597] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.808983][T13601] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  155.870476][T13606] loop8: detected capacity change from 0 to 128
[  155.881017][T13606] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  155.893781][T13606] ext4 filesystem being mounted at /515/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  156.191004][T13613] GUP no longer grows the stack in syz.8.4264 (13613): 200000004000-20000000a000 (200000002000)
[  156.201604][T13613] CPU: 1 UID: 0 PID: 13613 Comm: syz.8.4264 Tainted: G        W           6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[  156.201712][T13613] Tainted: [W]=WARN
[  156.201720][T13613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  156.201735][T13613] Call Trace:
[  156.201741][T13613]  <TASK>
[  156.201749][T13613]  dump_stack_lvl+0xf6/0x150
[  156.201772][T13613]  dump_stack+0x15/0x1a
[  156.201851][T13613]  __get_user_pages+0x1dc1/0x2340
[  156.201891][T13613]  get_user_pages_remote+0x1f4/0x800
[  156.201917][T13613]  __access_remote_vm+0x160/0x590
[  156.201944][T13613]  access_remote_vm+0x34/0x50
[  156.201981][T13613]  proc_pid_cmdline_read+0x3fd/0x720
[  156.202022][T13613]  vfs_readv+0x3e5/0x660
[  156.202041][T13613]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  156.202105][T13613]  __x64_sys_preadv+0xf9/0x1c0
[  156.202140][T13613]  x64_sys_call+0x1410/0x2e10
[  156.202161][T13613]  do_syscall_64+0xc9/0x1c0
[  156.202268][T13613]  ? clear_bhb_loop+0x25/0x80
[  156.202290][T13613]  ? clear_bhb_loop+0x25/0x80
[  156.202380][T13613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.202404][T13613] RIP: 0033:0x7f91aa7fd169
[  156.202432][T13613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.202450][T13613] RSP: 002b:00007f91a8e67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  156.202509][T13613] RAX: ffffffffffffffda RBX: 00007f91aaa15fa0 RCX: 00007f91aa7fd169
[  156.202524][T13613] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000005
[  156.202537][T13613] RBP: 00007f91aa87e730 R08: 00000000fffffff9 R09: 0000000000000000
[  156.202550][T13613] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000000
[  156.202592][T13613] R13: 0000000000000000 R14: 00007f91aaa15fa0 R15: 00007fff16428ac8
[  156.202610][T13613]  </TASK>
[  156.631450][T13635] netlink: 'syz.8.4275': attribute type 1 has an invalid length.
[  156.667225][T13642] SELinux: syz.0.4279 (13642) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  156.686945][T13639] netlink: 'syz.1.4277': attribute type 4 has an invalid length.
[  156.792945][T13656] loop9: detected capacity change from 0 to 512
[  156.800374][T13651] vlan2: entered allmulticast mode
[  156.805569][T13651] bridge_slave_0: entered allmulticast mode
[  156.812875][T13656] EXT4-fs: Ignoring removed orlov option
[  156.826465][T13656] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  156.843477][T13656] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  156.866039][T13656] EXT4-fs (loop9): orphan cleanup on readonly fs
[  156.874578][T13656] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.4281: bg 0: block 248: padding at end of block bitmap is not set
[  156.897728][T13656] EXT4-fs error (device loop9): ext4_acquire_dquot:6935: comm syz.9.4281: Failed to acquire dquot type 1
[  156.930527][T13666] loop1: detected capacity change from 0 to 256
[  156.937445][T13668] loop8: detected capacity change from 0 to 128
[  156.944121][T13656] EXT4-fs (loop9): 1 truncate cleaned up
[  156.953599][T13668] ext4 filesystem being mounted at /525/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  156.961710][T13666] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4290'.
[  157.030063][T13675] loop0: detected capacity change from 0 to 512
[  157.044534][T13678] loop6: detected capacity change from 0 to 1024
[  157.053444][T13675] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  157.062295][T13678] EXT4-fs: Ignoring removed nomblk_io_submit option
[  157.114752][T13675] EXT4-fs (loop0): 1 truncate cleaned up
[  157.192901][T13696] loop6: detected capacity change from 0 to 512
[  157.235544][T13696] ext4 filesystem being mounted at /575/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  157.360903][T13705] loop6: detected capacity change from 0 to 512
[  157.400921][T13705] EXT4-fs (loop6): orphan cleanup on readonly fs
[  157.433633][T13705] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4304: bg 0: block 248: padding at end of block bitmap is not set
[  157.524816][T13705] __quota_error: 115 callbacks suppressed
[  157.524837][T13705] Quota error (device loop6): write_blk: dquota write failed
[  157.538017][T13705] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  157.548094][T13705] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4304: Failed to acquire dquot type 1
[  157.563113][T13705] EXT4-fs (loop6): 1 truncate cleaned up
[  157.818980][T13723] loop6: detected capacity change from 0 to 512
[  157.831860][T13723] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  157.856700][   T29] audit: type=1400 audit(1744304404.840:4071): avc:  denied  { read write } for  pid=13726 comm="syz.8.4314" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  157.880317][   T29] audit: type=1400 audit(1744304404.840:4072): avc:  denied  { open } for  pid=13726 comm="syz.8.4314" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  157.935285][   T23] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  157.946116][T13723] ext4 filesystem being mounted at /579/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.956807][   T29] audit: type=1400 audit(1744304404.870:4073): avc:  denied  { read } for  pid=13728 comm="syz.1.4315" laddr=::ac14:142b lport=255 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  157.993566][   T23] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  158.082541][T13744] netlink: 'syz.9.4320': attribute type 10 has an invalid length.
[  158.093131][T13744] team0: Device hsr_slave_0 failed to register rx_handler
[  158.208545][T13752] loop0: detected capacity change from 0 to 8192
[  158.222628][T13760] loop9: detected capacity change from 0 to 256
[  158.267193][T13764] loop9: detected capacity change from 0 to 512
[  158.276283][T13764] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  158.290334][T13764] EXT4-fs (loop9): 1 truncate cleaned up
[  158.469502][   T29] audit: type=1326 audit(1744304405.460:4074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13788 comm="syz.0.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d828d169 code=0x7ffc0000
[  158.493215][   T29] audit: type=1326 audit(1744304405.460:4075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13788 comm="syz.0.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d828d169 code=0x7ffc0000
[  158.516809][   T29] audit: type=1326 audit(1744304405.460:4076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13788 comm="syz.0.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7fb2d828d169 code=0x7ffc0000
[  158.601626][   T29] audit: type=1326 audit(1744304405.460:4077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13788 comm="syz.0.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d828d169 code=0x7ffc0000
[  158.625282][   T29] audit: type=1326 audit(1744304405.460:4078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13788 comm="syz.0.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb2d828d169 code=0x7ffc0000
[  158.655395][T13791] loop8: detected capacity change from 0 to 8192
[  158.672407][T13797] macvlan1: entered promiscuous mode
[  158.688546][T13797] ipvlan0: entered promiscuous mode
[  158.694369][T13797] ipvlan0: left promiscuous mode
[  158.722123][T13797] macvlan1: left promiscuous mode
[  158.747037][T13799] vlan2: entered allmulticast mode
[  158.752209][T13799] bridge_slave_0: entered allmulticast mode
[  158.880246][T13817] loop6: detected capacity change from 0 to 256
[  158.931007][ T1038] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.946409][ T1038] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  159.110363][T13836] loop8: detected capacity change from 0 to 512
[  159.140611][T13836] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  159.166374][T13841] loop0: detected capacity change from 0 to 512
[  159.175167][T13841] EXT4-fs (loop0): orphan cleanup on readonly fs
[  159.183462][T13836] ext4 filesystem being mounted at /545/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.183996][T13841] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4367: bg 0: block 248: padding at end of block bitmap is not set
[  159.211871][T13841] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4367: Failed to acquire dquot type 1
[  159.231216][T13841] EXT4-fs (loop0): 1 truncate cleaned up
[  159.240017][T13846] loop1: detected capacity change from 0 to 1024
[  159.249565][T13846] EXT4-fs: Ignoring removed oldalloc option
[  159.255582][T13846] EXT4-fs: Ignoring removed orlov option
[  159.262194][T13841] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  159.272137][T13846] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  159.289145][T13841] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4367: Failed to acquire dquot type 1
[  159.303742][T13841] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[  159.321064][T13854] macvtap0: refused to change device tx_queue_len
[  159.331001][T13856] syzkaller0: entered promiscuous mode
[  159.336538][T13856] syzkaller0: entered allmulticast mode
[  159.344365][T13856] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 65487
[  159.583423][T13881] loop1: detected capacity change from 0 to 512
[  159.620888][T13881] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #3: comm syz.1.4383: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  159.646092][T13893] loop8: detected capacity change from 0 to 512
[  159.664541][T13881] EXT4-fs error (device loop1): ext4_quota_enable:7129: comm syz.1.4383: Bad quota inode: 3, type: 0
[  159.675779][T13881] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  159.695151][T13893] EXT4-fs (loop8): 1 orphan inode deleted
[  159.701204][T13881] EXT4-fs (loop1): mount failed
[  159.706593][T13893] ext4 filesystem being mounted at /550/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.719896][ T5599] EXT4-fs error (device loop8): ext4_release_dquot:6971: comm kworker/u8:8: Failed to release dquot type 1
[  159.737087][T13881] netdevsim netdevsim1: Direct firmware load for �
 failed with error -2
[  159.781674][T13907] netem: change failed
[  159.837584][T13915] loop6: detected capacity change from 0 to 128
[  159.870204][T13919] loop0: detected capacity change from 0 to 512
[  159.876730][T13915] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[  159.890144][T13919] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  159.905543][T13923] netlink: 24 bytes leftover after parsing attributes in process `wg1'.
[  159.931929][T13919] ext4 filesystem being mounted at /930/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.977585][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  159.985019][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  159.992667][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  159.995222][T13927] loop8: detected capacity change from 0 to 512
[  160.020416][T13927] EXT4-fs error (device loop8): ext4_iget_extra_inode:4692: inode #15: comm syz.8.4402: corrupted in-inode xattr: invalid ea_ino
[  160.033903][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.033933][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.033955][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.044315][T13927] EXT4-fs error (device loop8): ext4_orphan_get:1395: comm syz.8.4402: couldn't read orphan inode 15 (err -117)
[  160.048751][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.075482][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.082912][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.090354][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.097820][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.105286][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.112712][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.131651][T13936] loop9: detected capacity change from 0 to 1024
[  160.135361][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.145539][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.152992][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.160475][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.167991][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.175459][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.182877][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.190346][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.197791][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.205180][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.212633][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.220099][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.227540][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.234952][ T3380] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  160.244952][ T3380] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  160.337992][T13955] loop9: detected capacity change from 0 to 256
[  160.350341][T13955] FAT-fs (loop9): bogus number of FAT sectors
[  160.356554][T13955] FAT-fs (loop9): Can't find a valid FAT filesystem
[  160.392737][T13951] loop1: detected capacity change from 0 to 8192
[  160.490928][T13964] geneve0: entered allmulticast mode
[  160.531579][T13972] 9p: Unknown access argument -: -22
[  160.604283][T13974] loop1: detected capacity change from 0 to 8192
[  160.612999][T13976] netlink: 88 bytes leftover after parsing attributes in process `syz.0.4423'.
[  160.613550][T13974] bio_check_eod: 4 callbacks suppressed
[  160.613566][T13974] syz.1.4422: attempt to access beyond end of device
[  160.613566][T13974] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  160.643765][T13974] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  160.651708][T13974] FAT-fs (loop1): Filesystem has been set read-only
[  160.659683][T13974] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  160.670415][T13974] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  160.715753][T13978] bond3: entered promiscuous mode
[  160.720965][T13978] bond3: entered allmulticast mode
[  160.726402][T13978] 8021q: adding VLAN 0 to HW filter on device bond3
[  160.735860][T13981] loop0: detected capacity change from 0 to 512
[  160.745853][T13978] bond3 (unregistering): Released all slaves
[  160.779837][T13981] EXT4-fs (loop0): 1 orphan inode deleted
[  160.793692][T13981] EXT4-fs mount: 32 callbacks suppressed
[  160.793712][T13981] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.799598][ T3391] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[  160.825816][T13981] ext4 filesystem being mounted at /936/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.845260][T13993] loop8: detected capacity change from 0 to 512
[  160.852220][T13993] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  160.886142][T13993] EXT4-fs (loop8): 1 truncate cleaned up
[  160.893434][T13993] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.906475][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.945797][T14004] loop0: detected capacity change from 0 to 256
[  161.111969][T14022] loop0: detected capacity change from 0 to 512
[  161.129356][T14022] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  161.148252][T14022] EXT4-fs (loop0): mount failed
[  161.204013][T14026] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4444'.
[  161.276472][T14030] loop9: detected capacity change from 0 to 512
[  161.302513][T14030] EXT4-fs (loop9): 1 orphan inode deleted
[  161.316985][T14030] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.329663][   T51] EXT4-fs error (device loop9): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 1
[  161.350071][T14030] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.412812][T13411] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.486373][T14041] loop9: detected capacity change from 0 to 1024
[  161.493587][T14041] EXT4-fs: Ignoring removed oldalloc option
[  161.499921][T14041] EXT4-fs: Ignoring removed orlov option
[  161.506322][T14041] EXT4-fs (loop9): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  161.550497][T14041] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.601054][T13411] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.726920][T14050] loop9: detected capacity change from 0 to 8192
[  161.837335][T14053] Falling back ldisc for ttyS3.
[  161.844364][ T7467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.885679][T14057] loop9: detected capacity change from 0 to 512
[  161.897479][T14059] loop0: detected capacity change from 0 to 512
[  161.913599][T14057] EXT4-fs (loop9): orphan cleanup on readonly fs
[  161.923099][T14057] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.4455: bg 0: block 248: padding at end of block bitmap is not set
[  161.924967][T14063] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4458'.
[  161.938497][T14057] EXT4-fs error (device loop9): ext4_acquire_dquot:6935: comm syz.9.4455: Failed to acquire dquot type 1
[  161.954916][T14064] pimreg: entered allmulticast mode
[  161.959904][T14057] EXT4-fs (loop9): 1 truncate cleaned up
[  161.969864][T14057] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  161.982806][T14064] pimreg: left allmulticast mode
[  161.983339][T14059] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #3: comm syz.0.4457: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  162.007925][T14059] EXT4-fs error (device loop0): ext4_quota_enable:7129: comm syz.0.4457: Bad quota inode: 3, type: 0
[  162.019649][T14059] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  162.036363][T14057] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  162.039096][T14059] EXT4-fs (loop0): mount failed
[  162.058323][T14057] EXT4-fs error (device loop9): ext4_acquire_dquot:6935: comm syz.9.4455: Failed to acquire dquot type 1
[  162.070626][T14057] EXT4-fs warning (device loop9): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[  162.124092][T13411] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.133298][T14075] loop1: detected capacity change from 0 to 4096
[  162.153992][T14075] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.247748][T14089] netlink: 'syz.9.4469': attribute type 10 has an invalid length.
[  162.255646][T14089] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4469'.
[  162.299313][T14089] dummy0: entered promiscuous mode
[  162.314113][T14089] bridge0: port 3(dummy0) entered blocking state
[  162.320565][T14089] bridge0: port 3(dummy0) entered disabled state
[  162.333053][T14089] dummy0: entered allmulticast mode
[  162.342300][T14089] bridge0: port 3(dummy0) entered blocking state
[  162.348734][T14089] bridge0: port 3(dummy0) entered forwarding state
[  162.391125][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.422151][T14097] netlink: 'syz.1.4472': attribute type 4 has an invalid length.
[  162.435532][T14097] netlink: 'syz.1.4472': attribute type 4 has an invalid length.
[  162.470539][T14101] loop8: detected capacity change from 0 to 256
[  162.522344][T14101] FAT-fs (loop8): bogus number of FAT sectors
[  162.528497][T14101] FAT-fs (loop8): Can't find a valid FAT filesystem
[  162.747237][T14123] loop9: detected capacity change from 0 to 128
[  162.753964][T14123] EXT4-fs (loop9): couldn't mount as ext3 due to feature incompatibilities
[  162.989552][T14145] loop8: detected capacity change from 0 to 128
[  163.030062][T14152] loop8: detected capacity change from 0 to 2048
[  163.065286][T14152] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.067570][T14156] bond2: entered promiscuous mode
[  163.082412][T14156] bond2: entered allmulticast mode
[  163.088268][T14156] 8021q: adding VLAN 0 to HW filter on device bond2
[  163.114853][T14156] bond2 (unregistering): Released all slaves
[  163.267289][T14167] loop9: detected capacity change from 0 to 512
[  163.290806][T14167] EXT4-fs error (device loop9): ext4_ext_check_inode:524: inode #3: comm syz.9.4503: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  163.310965][T14167] EXT4-fs error (device loop9): ext4_quota_enable:7129: comm syz.9.4503: Bad quota inode: 3, type: 0
[  163.322324][T14167] EXT4-fs warning (device loop9): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  163.338276][T14167] EXT4-fs (loop9): mount failed
[  163.352114][T14167] netdevsim netdevsim9: Direct firmware load for �
 failed with error -2
[  163.427819][   T29] kauditd_printk_skb: 136 callbacks suppressed
[  163.427860][   T29] audit: type=1400 audit(1744304410.420:4203): avc:  denied  { write } for  pid=14178 comm="syz.9.4507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  163.454345][   T29] audit: type=1400 audit(1744304410.420:4204): avc:  denied  { nlmsg_write } for  pid=14178 comm="syz.9.4507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  163.656874][   T29] audit: type=1326 audit(1744304410.640:4205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14192 comm="syz.9.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f126a84d169 code=0x7ffc0000
[  163.680574][   T29] audit: type=1326 audit(1744304410.640:4206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14192 comm="syz.9.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f126a84d169 code=0x7ffc0000
[  163.704150][   T29] audit: type=1326 audit(1744304410.640:4207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14192 comm="syz.9.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f126a84d169 code=0x7ffc0000
[  163.727769][   T29] audit: type=1326 audit(1744304410.640:4208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14192 comm="syz.9.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f126a84d169 code=0x7ffc0000
[  163.751427][   T29] audit: type=1326 audit(1744304410.640:4209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14192 comm="syz.9.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f126a84d169 code=0x7ffc0000
[  163.775071][   T29] audit: type=1326 audit(1744304410.640:4210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14192 comm="syz.9.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f126a84d169 code=0x7ffc0000
[  163.798662][   T29] audit: type=1326 audit(1744304410.640:4211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14192 comm="syz.9.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f126a84d169 code=0x7ffc0000
[  163.822250][   T29] audit: type=1326 audit(1744304410.640:4212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14192 comm="syz.9.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f126a84d169 code=0x7ffc0000
[  164.145577][T14219] netlink: 'syz.1.4527': attribute type 10 has an invalid length.
[  164.153764][T14219] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4527'.
[  164.165832][T14221] loop6: detected capacity change from 0 to 512
[  164.165845][T14219] dummy0: entered promiscuous mode
[  164.185969][T14219] bridge0: port 1(dummy0) entered blocking state
[  164.186976][ T7467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.192380][T14219] bridge0: port 1(dummy0) entered disabled state
[  164.209863][T14221] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  164.210658][T14219] dummy0: entered allmulticast mode
[  164.224174][T14221] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  164.232621][T14221] EXT4-fs error (device loop6): ext4_iget_extra_inode:4692: inode #15: comm syz.6.4529: corrupted in-inode xattr: e_value size too large
[  164.238168][T14219] bridge0: port 1(dummy0) entered blocking state
[  164.253032][T14219] bridge0: port 1(dummy0) entered forwarding state
[  164.253198][T14223] loop9: detected capacity change from 0 to 2048
[  164.269281][T14221] EXT4-fs error (device loop6): ext4_orphan_get:1395: comm syz.6.4529: couldn't read orphan inode 15 (err -117)
[  164.290590][T14221] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.308196][T14223] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.338531][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.375908][T14237] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  164.389504][T14239] loop6: detected capacity change from 0 to 512
[  164.410186][T14239] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.457093][T14239] ext4 filesystem being mounted at /602/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.512757][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.528551][T14251] atomic_op ffff8881212e4128 conn xmit_atomic 0000000000000000
[  164.601567][T14257] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14257 comm=syz.1.4543
[  164.614257][T14257] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14257 comm=syz.1.4543
[  165.050717][T14276] loop1: detected capacity change from 0 to 512
[  165.058036][T14276] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  165.074434][T14276] EXT4-fs (loop1): 1 truncate cleaned up
[  165.080905][T14276] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.375407][T13411] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.501323][T14298] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4560'.
[  165.510783][T14293] Falling back ldisc for ttyS3.
[  165.552392][T14301] loop6: detected capacity change from 0 to 4096
[  165.571362][T14301] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.861328][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.041440][T14330] loop0: detected capacity change from 0 to 128
[  166.111954][T14337] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4579'.
[  166.134491][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.166521][T14341] netlink: 332 bytes leftover after parsing attributes in process `syz.1.4580'.
[  166.195216][T14343] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4582'.
[  166.204381][T14343] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4582'.
[  166.314141][T14357] loop9: detected capacity change from 0 to 128
[  166.359591][T14364] ALSA: seq fatal error: cannot create timer (-22)
[  166.648851][T14386] loop8: detected capacity change from 0 to 128
[  166.660421][T14388] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4602'.
[  166.746349][T14395] geneve0: entered allmulticast mode
[  166.906213][T14412] loop6: detected capacity change from 0 to 128
[  166.942297][T14416] loop8: detected capacity change from 0 to 512
[  166.982041][T14416] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.999100][T14422] netlink: 'syz.6.4619': attribute type 3 has an invalid length.
[  167.051114][T14416] ext4 filesystem being mounted at /592/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.126730][T14431] netlink: 132 bytes leftover after parsing attributes in process `syz.6.4623'.
[  167.194541][T14436] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4625'.
[  167.203691][T14436] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4625'.
[  167.236491][ T7467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.249799][T14436] IPv6: sit1: Disabled Multicast RS
[  167.261375][T14436] sit1: entered allmulticast mode
[  167.278811][T14439] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4628'.
[  167.288624][T14436] loop0: detected capacity change from 0 to 512
[  167.302040][T14436] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  167.340092][T14436] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.368977][T14436] ext4 filesystem being mounted at /987/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.396354][T14436] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4625: bg 0: block 304: padding at end of block bitmap is not set
[  167.446016][T14436] EXT4-fs (loop0): Remounting filesystem read-only
[  167.560721][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.711794][T14471] netlink: 'syz.0.4640': attribute type 3 has an invalid length.
[  167.731487][T14449] loop8: detected capacity change from 0 to 512
[  167.750462][T14449] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.764608][T14449] ext4 filesystem being mounted at /594/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  167.826791][T14484] netlink: 'syz.0.4645': attribute type 3 has an invalid length.
[  167.882901][ T7467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.983040][T14486] loop0: detected capacity change from 0 to 8192
[  168.007617][T14486] syz.0.4647: attempt to access beyond end of device
[  168.007617][T14486] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  168.021112][T14486] Buffer I/O error on dev loop0, logical block 57847, async page read
[  168.210770][T14501] loop1: detected capacity change from 0 to 2048
[  168.266045][T14501] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.484867][T14524] serio: Serial port ptm0
[  168.521264][   T29] kauditd_printk_skb: 135 callbacks suppressed
[  168.521278][   T29] audit: type=1400 audit(1744304415.510:4346): avc:  denied  { read } for  pid=14526 comm="syz.8.4663" path="socket:[40755]" dev="sockfs" ino=40755 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  168.624788][   T29] audit: type=1400 audit(1744304415.610:4347): avc:  denied  { accept } for  pid=14533 comm="syz.8.4665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  168.720483][T14545] serio: Serial port ptm0
[  168.849683][T14555] loop6: detected capacity change from 0 to 512
[  168.889199][   T29] audit: type=1400 audit(1744304415.880:4348): avc:  denied  { setcurrent } for  pid=14556 comm="syz.9.4675" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  168.909090][   T29] audit: type=1401 audit(1744304415.880:4349): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  168.950357][T14561] loop8: detected capacity change from 0 to 512
[  168.961131][T14555] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.978348][T14555] ext4 filesystem being mounted at /629/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.994474][T14561] EXT4-fs error (device loop8): ext4_orphan_get:1416: comm syz.8.4676: bad orphan inode 15
[  169.008614][T14561] ext4_test_bit(bit=14, block=5) = 0
[  169.014244][T14561] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.109445][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.126886][   T29] audit: type=1400 audit(1744304416.100:4350): avc:  denied  { remount } for  pid=14560 comm="syz.8.4676" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  169.167882][ T7467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.281371][   T29] audit: type=1326 audit(1744304416.270:4351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14576 comm="syz.8.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91aa7fd169 code=0x7ffc0000
[  169.305112][   T29] audit: type=1326 audit(1744304416.270:4352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14576 comm="syz.8.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91aa7fd169 code=0x7ffc0000
[  169.328738][   T29] audit: type=1326 audit(1744304416.270:4353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14576 comm="syz.8.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91aa7fd169 code=0x7ffc0000
[  169.352340][   T29] audit: type=1326 audit(1744304416.270:4354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14576 comm="syz.8.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91aa7fd169 code=0x7ffc0000
[  169.375936][   T29] audit: type=1326 audit(1744304416.270:4355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14576 comm="syz.8.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91aa7fd169 code=0x7ffc0000
[  169.415458][T14575] batadv0 speed is unknown, defaulting to 1000
[  169.500799][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.519049][T14592] loop9: detected capacity change from 0 to 128
[  169.619404][T14610] loop9: detected capacity change from 0 to 256
[  169.657175][T14610] FAT-fs (loop9): bogus number of FAT sectors
[  169.663309][T14610] FAT-fs (loop9): Can't find a valid FAT filesystem
[  169.745727][T14620] loop6: detected capacity change from 0 to 2048
[  169.765341][T14620] EXT4-fs: Ignoring removed nobh option
[  169.819703][T14620] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.902124][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.148891][T14663] 
: renamed from bond0 (while UP)
[  170.303417][T14684] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  170.306096][T14683] loop1: detected capacity change from 0 to 512
[  170.321385][T14683] EXT4-fs error (device loop1): ext4_iget_extra_inode:4692: inode #15: comm syz.1.4724: corrupted in-inode xattr: invalid ea_ino
[  170.335223][T14684] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  170.336386][T14683] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.4724: couldn't read orphan inode 15 (err -117)
[  170.365293][T14683] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.420248][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.504902][T14701] loop9: detected capacity change from 0 to 512
[  170.566746][T14701] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.594754][T14701] ext4 filesystem being mounted at /110/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.665615][T14711] 9pnet_fd: Insufficient options for proto=fd
[  170.711026][T13411] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.755743][T14716] loop8: detected capacity change from 0 to 256
[  170.758387][T14718] loop6: detected capacity change from 0 to 512
[  170.778283][T14720] loop9: detected capacity change from 0 to 512
[  170.785008][T14716] FAT-fs (loop8): bogus number of FAT sectors
[  170.791198][T14716] FAT-fs (loop8): Can't find a valid FAT filesystem
[  170.801027][T14718] EXT4-fs error (device loop6): ext4_iget_extra_inode:4692: inode #15: comm syz.6.4740: corrupted in-inode xattr: invalid ea_ino
[  170.823723][T14720] EXT4-fs error (device loop9): ext4_iget_extra_inode:4692: inode #15: comm syz.9.4738: corrupted in-inode xattr: invalid ea_ino
[  170.860209][T14718] EXT4-fs error (device loop6): ext4_orphan_get:1395: comm syz.6.4740: couldn't read orphan inode 15 (err -117)
[  170.872516][T14720] EXT4-fs error (device loop9): ext4_orphan_get:1395: comm syz.9.4738: couldn't read orphan inode 15 (err -117)
[  170.888695][T14720] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.903517][T14718] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.932175][T14718] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  170.942697][T14731] __nla_validate_parse: 4 callbacks suppressed
[  170.942715][T14731] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4744'.
[  170.960234][T13411] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.024328][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.109967][T14743] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4750'.
[  171.237279][T14756] loop8: detected capacity change from 0 to 2048
[  171.244497][T14756] EXT4-fs: Ignoring removed nobh option
[  171.264404][T14756] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.293033][T14763] loop1: detected capacity change from 0 to 128
[  171.306870][T14763] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  171.341860][ T7467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.356712][T14763] ext4 filesystem being mounted at /932/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.387003][T14768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.399249][T14768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.435446][T14772] loop6: detected capacity change from 0 to 512
[  171.442450][T14772] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  171.464901][T14772] EXT4-fs (loop6): 1 truncate cleaned up
[  171.471575][T14772] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.506550][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.575983][T14779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=14779 comm=syz.6.4763
[  171.588830][T14779] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4763'.
[  172.135497][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  172.396178][T14792] loop6: detected capacity change from 0 to 2048
[  172.445389][T14792] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.497093][T14807] random: crng reseeded on system resumption
[  172.936363][T14831] ipip0: entered promiscuous mode
[  172.993291][T14839] ALSA: seq fatal error: cannot create timer (-22)
[  173.278035][T14868] 9pnet: p9_errstr2errno: server reported unknown error �aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  173.337527][T14871] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4805'.
[  173.403696][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.551598][T14896] loop8: detected capacity change from 0 to 1024
[  173.551839][T14896] EXT4-fs: Ignoring removed bh option
[  173.551921][T14896] EXT4-fs: inline encryption not supported
[  173.551939][T14896] EXT4-fs: Ignoring removed i_version option
[  173.576486][T14896] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  173.591301][T14896] EXT4-fs error (device loop8): ext4_map_blocks:674: inode #3: block 2: comm syz.8.4816: lblock 2 mapped to illegal pblock 2 (length 1)
[  173.606182][T14896] __quota_error: 142 callbacks suppressed
[  173.606273][T14896] Quota error (device loop8): qtree_write_dquot: dquota write failed
[  173.606296][T14896] EXT4-fs error (device loop8): ext4_map_blocks:674: inode #3: block 48: comm syz.8.4816: lblock 0 mapped to illegal pblock 48 (length 1)
[  173.607232][T14896] Quota error (device loop8): v2_write_file_info: Can't write info structure
[  173.607284][T14896] EXT4-fs error (device loop8): ext4_acquire_dquot:6935: comm syz.8.4816: Failed to acquire dquot type 0
[  173.607452][T14896] EXT4-fs error (device loop8) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  173.607544][T14896] EXT4-fs error (device loop8): ext4_evict_inode:259: inode #11: comm syz.8.4816: mark_inode_dirty error
[  173.607660][T14896] EXT4-fs warning (device loop8): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  173.607700][T14896] EXT4-fs (loop8): 1 orphan inode deleted
[  173.608074][T14896] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.630046][ T5597] EXT4-fs error (device loop8): ext4_map_blocks:674: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  173.763315][ T5597] Quota error (device loop8): remove_tree: Can't read quota data block 1
[  173.771841][ T5597] EXT4-fs error (device loop8): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 0
[  173.787616][T14896] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.797681][T14896] EXT4-fs error (device loop8): __ext4_get_inode_loc:4449: comm syz.8.4816: Invalid inode table block 1 in block_group 0
[  173.820166][T14896] EXT4-fs error (device loop8) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  173.835870][T14896] EXT4-fs error (device loop8): ext4_quota_off:7219: inode #3: comm syz.8.4816: mark_inode_dirty error
[  173.876050][T14921] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4827'.
[  173.916407][T14925] netlink: 'syz.9.4829': attribute type 13 has an invalid length.
[  173.924354][T14925] netlink: 152 bytes leftover after parsing attributes in process `syz.9.4829'.
[  173.926842][   T29] audit: type=1400 audit(1744304420.910:4498): avc:  denied  { write } for  pid=14926 comm="syz.0.4830" name="file0" dev="tmpfs" ino=5260 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  173.956078][   T29] audit: type=1400 audit(1744304420.910:4499): avc:  denied  { open } for  pid=14926 comm="syz.0.4830" path="/1016/file0" dev="tmpfs" ino=5260 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  173.979204][   T29] audit: type=1400 audit(1744304420.910:4500): avc:  denied  { ioctl } for  pid=14926 comm="syz.0.4830" path="/1016/file0" dev="tmpfs" ino=5260 ioctlcmd=0x70c8 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  174.006716][T14925] erspan0: refused to change device tx_queue_len
[  174.013838][T14925] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  174.035441][T14929] loop8: detected capacity change from 0 to 1024
[  174.037421][T14931] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  174.051882][T14931] vhci_hcd: default hub control req: 6011 v8001 i0001 l0
[  174.056835][T14933] loop6: detected capacity change from 0 to 1024
[  174.066331][T14929] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.096590][   T29] audit: type=1400 audit(1744304421.080:4501): avc:  denied  { ioctl } for  pid=14928 comm="syz.8.4831" path="/649/file1/file1" dev="loop8" ino=15 ioctlcmd=0x6611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  174.124431][T14933] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.160147][T14933] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 88: padding at end of block bitmap is not set
[  174.176250][   T29] audit: type=1400 audit(1744304421.150:4502): avc:  denied  { link } for  pid=14932 comm="+}[@" name="file0" dev="loop6" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  174.179079][T14929] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.235889][ T7171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.349398][T14963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  174.379374][T14963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.528280][T14978] netlink: 48 bytes leftover after parsing attributes in process `syz.9.4851'.
[  174.632534][T14988] 9pnet: p9_errstr2errno: server reported unknown error �aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  174.673757][T14994] sd 0:0:1:0: device reset
[  174.701677][T15000] syz_tun: entered allmulticast mode
[  174.714340][T15000] syz_tun: left allmulticast mode
[  174.756507][T15005] loop8: detected capacity change from 0 to 256
[  174.766117][T15007] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  174.800915][T15009] loop8: detected capacity change from 0 to 2048
[  174.825699][T15009] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.910989][T15020] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4870'.
[  174.982810][T15026] 9pnet: p9_errstr2errno: server reported unknown error �aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  175.031199][T15030] sd 0:0:1:0: device reset
[  175.101126][   T29] audit: type=1400 audit(1744304422.090:4503): avc:  denied  { create } for  pid=15039 comm="syz.9.4880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  175.136007][   T29] audit: type=1400 audit(1744304422.110:4504): avc:  denied  { write } for  pid=15039 comm="syz.9.4880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  175.203576][T15047] loop0: detected capacity change from 0 to 1024
[  175.211035][T15047] EXT4-fs: Ignoring removed bh option
[  175.232889][T15047] EXT4-fs: inline encryption not supported
[  175.238827][T15047] EXT4-fs: Ignoring removed i_version option
[  175.246196][T15047] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  175.277639][T15047] EXT4-fs error (device loop0): ext4_map_blocks:674: inode #3: block 2: comm syz.0.4883: lblock 2 mapped to illegal pblock 2 (length 1)
[  175.309021][T15047] EXT4-fs error (device loop0): ext4_map_blocks:674: inode #3: block 48: comm syz.0.4883: lblock 0 mapped to illegal pblock 48 (length 1)
[  175.329730][T15047] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4883: Failed to acquire dquot type 0
[  175.341608][T13853] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  175.360520][T15047] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  175.370544][T15047] EXT4-fs error (device loop0): ext4_evict_inode:259: inode #11: comm syz.0.4883: mark_inode_dirty error
[  175.386678][T15047] EXT4-fs warning (device loop0): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  175.397958][T15047] EXT4-fs (loop0): 1 orphan inode deleted
[  175.404269][T15047] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.423071][   T51] EXT4-fs error (device loop0): ext4_map_blocks:674: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  175.438720][   T51] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 0
[  175.451065][T15047] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.462626][T15047] EXT4-fs error (device loop0): __ext4_get_inode_loc:4449: comm syz.0.4883: Invalid inode table block 1 in block_group 0
[  175.475483][T15047] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  175.487369][T15047] EXT4-fs error (device loop0): ext4_quota_off:7219: inode #3: comm syz.0.4883: mark_inode_dirty error
[  175.520716][T15061] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15061 comm=syz.9.4890
[  175.533317][T15061] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15061 comm=syz.9.4890
[  175.554144][T15065] 9pnet: p9_errstr2errno: server reported unknown error �aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  175.558346][T15063] loop1: detected capacity change from 0 to 2048
[  175.598716][T15063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.879372][T15090] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  176.052989][T15102] loop1: detected capacity change from 0 to 2048
[  176.100558][T15107] netlink: 'syz.6.4909': attribute type 10 has an invalid length.
[  176.129061][T15107] team0: Device hsr_slave_0 failed to register rx_handler
[  176.186112][T15108] SELinux: failed to load policy
[  176.693887][T15140] loop6: detected capacity change from 0 to 128
[  176.814557][T15140] ext4 filesystem being mounted at /662/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  176.871418][T15157] ALSA: seq fatal error: cannot create timer (-22)
[  176.949397][T15164] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4936'.
[  177.105672][T15183] 9pnet: p9_errstr2errno: server reported unknown error �@�L��	O�!��L�:(�^[[Z@
[  177.134680][T15185] IPVS: Error connecting to the multicast addr
[  177.210993][T15198] loop1: detected capacity change from 0 to 1024
[  177.217886][T15198] EXT4-fs: Ignoring removed i_version option
[  177.224316][T15198] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  177.265645][T15202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4952'.
[  177.293456][T15204] loop1: detected capacity change from 0 to 512
[  177.319226][T15204] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  177.334418][T15204] EXT4-fs (loop1): mount failed
[  177.444558][T15226] loop9: detected capacity change from 0 to 512
[  177.453483][T15226] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  177.462754][T15226] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  177.474139][T15226] EXT4-fs (loop9): warning: mounting unchecked fs, running e2fsck is recommended
[  177.483632][T15226] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  177.494879][T15226] System zones: 0-2, 18-18, 34-35
[  177.659810][T15250] loop1: detected capacity change from 0 to 512
[  177.678172][T15250] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  177.696259][T15250] EXT4-fs (loop1): mount failed
[  177.771485][T15260] loop9: detected capacity change from 0 to 8192
[  177.862354][T15275] ALSA: seq fatal error: cannot create timer (-22)
[  177.866591][T15276] loop0: detected capacity change from 0 to 256
[  177.876055][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.884729][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.894216][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.901363][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.912848][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.920381][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.930076][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.941017][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.952076][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.959254][T15276] FAT-fs (loop0): Directory bread(block 1285) failed
[  177.980165][T15284] loop9: detected capacity change from 0 to 1024
[  177.989220][T15284] EXT4-fs: Ignoring removed nobh option
[  177.994890][T15284] EXT4-fs: Ignoring removed bh option
[  178.044914][T15290] loop6: detected capacity change from 0 to 512
[  178.051424][T15284] loop9: detected capacity change from 1024 to 64
[  178.068049][T15290] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  178.083652][T13411] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /186/file1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=33619980, rec_len=46, size=1024 fake=0
[  178.099769][T15290] EXT4-fs (loop6): mount failed
[  178.112913][T15296] xt_hashlimit: max too large, truncated to 1048576
[  178.160183][T15285] kmmpd-loop9: attempt to access beyond end of device
[  178.160183][T15285] loop9: rw=14337, sector=128, nr_sectors = 2 limit=64
[  178.173721][T15285] Buffer I/O error on dev loop9, logical block 64, lost sync page write
[  178.189249][T15304] 9pnet: p9_errstr2errno: server reported unknown error �@�L��	O�!��L�:(�^[[Z@
[  178.246566][T15311] loop6: detected capacity change from 0 to 128
[  178.253948][T15308] ALSA: seq fatal error: cannot create timer (-22)
[  178.262787][T15311] ext4 filesystem being mounted at /670/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  178.299139][T15314] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4998'.
[  178.309175][T15314] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  178.316439][T15314] IPv6: NLM_F_CREATE should be set when creating new route
[  178.401422][T15326] loop6: detected capacity change from 0 to 512
[  178.433887][T15326] ext4 filesystem being mounted at /673/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  178.477376][T15336] 9pnet: p9_errstr2errno: server reported unknown error �@�L��	O�!��L�:(�^[[Z@
[  178.531257][T15332] batadv0 speed is unknown, defaulting to 1000
[  178.582606][T15332] chnl_net:caif_netlink_parms(): no params data found
[  178.617856][T15332] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.625075][T15332] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.632785][T15332] bridge_slave_0: entered allmulticast mode
[  178.639407][T15332] bridge_slave_0: entered promiscuous mode
[  178.646134][T15332] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.653260][T15332] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.662593][T15332] bridge_slave_1: entered allmulticast mode
[  178.669225][T15332] bridge_slave_1: entered promiscuous mode
[  178.686793][T15332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.697384][T15332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.717142][T15332] team0: Port device team_slave_0 added
[  178.723783][T15332] team0: Port device team_slave_1 added
[  178.740299][T15332] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.747276][T15332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.773265][T15332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.784719][T15332] batman_adv: batadv0: Adding interface: batadv_slave_1
[  178.791775][T15332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.817730][T15332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  178.845104][T15332] hsr_slave_0: entered promiscuous mode
[  178.851371][T15332] hsr_slave_1: entered promiscuous mode
[  178.857362][T15332] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  178.864916][T15332] Cannot create hsr debugfs directory
[  179.081071][T15332] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  179.089945][T15332] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  179.098870][T15332] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  179.107705][T15332] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  179.123046][T15332] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.130119][T15332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.137436][T15332] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.144481][T15332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.178374][T15332] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.190896][T15332] 8021q: adding VLAN 0 to HW filter on device team0
[  179.200445][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.208503][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.223179][ T5597] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.230269][ T5597] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.240989][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.248065][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.310604][T15332] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.368933][T15332] veth0_vlan: entered promiscuous mode
[  179.377363][T15332] veth1_vlan: entered promiscuous mode
[  179.394411][T15332] veth0_macvtap: entered promiscuous mode
[  179.402658][T15332] veth1_macvtap: entered promiscuous mode
[  179.414172][T15332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  179.424698][T15332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.434561][T15332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  179.445017][T15332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.454841][T15332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  179.465339][T15332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.475227][T15332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  179.485685][T15332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.496771][T15332] batman_adv: batadv0: Interface activated: batadv_slave_0
[  179.507136][T15332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.517604][T15332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.527495][T15332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.537990][T15332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.547837][T15332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.558274][T15332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.568158][T15332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.578666][T15332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.589587][T15332] batman_adv: batadv0: Interface activated: batadv_slave_1
[  179.598358][T15332] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  179.607116][T15332] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  179.616019][T15332] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  179.624793][T15332] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  179.730396][T15375] loop3: detected capacity change from 0 to 2048
[  179.745099][   T29] kauditd_printk_skb: 45 callbacks suppressed
[  179.745116][   T29] audit: type=1400 audit(1744304426.730:4544): avc:  granted  { setsecparam } for  pid=15380 comm="syz.8.5017" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  179.894428][T15400] loop1: detected capacity change from 0 to 512
[  179.901544][T15395] loop6: detected capacity change from 0 to 128
[  179.931844][T15400] ext4 filesystem being mounted at /986/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  180.063305][   T29] audit: type=1326 audit(1744304427.050:4545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15416 comm="syz.6.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  180.087021][   T29] audit: type=1326 audit(1744304427.050:4546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15416 comm="syz.6.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  180.110637][   T29] audit: type=1326 audit(1744304427.050:4547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15416 comm="syz.6.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  180.135961][   T29] audit: type=1326 audit(1744304427.050:4548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15416 comm="syz.6.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  180.159668][   T29] audit: type=1326 audit(1744304427.050:4549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15416 comm="syz.6.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  180.183232][   T29] audit: type=1326 audit(1744304427.050:4550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15416 comm="syz.6.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  180.206954][   T29] audit: type=1326 audit(1744304427.050:4551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15416 comm="syz.6.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  180.230513][   T29] audit: type=1326 audit(1744304427.050:4552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15416 comm="syz.6.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  180.254100][   T29] audit: type=1326 audit(1744304427.050:4553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15416 comm="syz.6.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  180.343256][T15427] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5039'.
[  180.423051][T15435] loop8: detected capacity change from 0 to 512
[  180.444882][T15435] ext4 filesystem being mounted at /690/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  180.493938][T15441] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5044'.
[  180.902061][T15481] batman_adv: batadv0: Adding interface: ip6gretap1
[  180.908908][T15481] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.941567][T15481] batman_adv: batadv0: Interface activated: ip6gretap1
[  181.193987][T15538] loop6: detected capacity change from 0 to 2048
[  181.275802][T15538]  loop6: p2 p3 p7
[  181.391136][T15553] loop6: detected capacity change from 0 to 164
[  181.424483][T15553] syz.6.5070: attempt to access beyond end of device
[  181.424483][T15553] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  181.449156][T15553] syz.6.5070: attempt to access beyond end of device
[  181.449156][T15553] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  181.966223][T15594] loop8: detected capacity change from 0 to 512
[  181.997572][T15593] SELinux: failed to load policy
[  182.017738][T15594] ext4 filesystem being mounted at /697/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.039856][T15607] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5091'.
[  182.123306][T15616] policy can only be matched on NF_INET_PRE_ROUTING
[  182.123323][T15616] unable to load match
[  182.182254][T15628] random: crng reseeded on system resumption
[  182.256895][T15632] loop3: detected capacity change from 0 to 164
[  182.267479][T15632] syz.3.5104: attempt to access beyond end of device
[  182.267479][T15632] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  182.294452][T15632] syz.3.5104: attempt to access beyond end of device
[  182.294452][T15632] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  182.400617][T15639] loop1: detected capacity change from 0 to 1024
[  182.412769][T15643] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5107'.
[  182.442234][T15645] loop0: detected capacity change from 0 to 1024
[  182.449381][T15645] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  182.460330][T15645] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  182.477032][T15645] JBD2: no valid journal superblock found
[  182.482871][T15645] EXT4-fs (loop0): Could not load journal inode
[  182.542283][T15645] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  182.582783][T15657] loop3: detected capacity change from 0 to 1764
[  182.661449][T15663] netlink: 'syz.1.5118': attribute type 1 has an invalid length.
[  182.689423][T15663] bond0: (slave wireguard0): The slave device specified does not support setting the MAC address
[  182.700085][T15663] bond0: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  182.724128][T15663] bond0: (slave wireguard0): making interface the new active one
[  182.744328][T15663] bond0: (slave wireguard0): Enslaving as an active interface with an up link
[  182.826495][T15677] loop0: detected capacity change from 0 to 2048
[  182.890939][T15677]  loop0: p2 p3 p7
[  182.968854][T15693] loop1: detected capacity change from 0 to 512
[  182.975720][T15693] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  182.992345][T15693] EXT4-fs (loop1): 1 truncate cleaned up
[  183.092340][T15704] netlink: 36 bytes leftover after parsing attributes in process `syz.6.5136'.
[  183.108021][T15706] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5137'.
[  183.141594][T15710] loop6: detected capacity change from 0 to 1024
[  183.390302][T15731] IPv6: NLM_F_CREATE should be specified when creating new route
[  183.443118][T15739] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  183.531248][T15743] batadv0 speed is unknown, defaulting to 1000
[  183.632536][T15750] loop6: detected capacity change from 0 to 512
[  183.639598][T15750] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  183.653005][T15750] EXT4-fs (loop6): 1 truncate cleaned up
[  183.838269][T15759] loop6: detected capacity change from 0 to 1024
[  183.864466][T15759] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.5158: bg 0: block 260: invalid block bitmap
[  183.920806][T15763] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5159'.
[  183.934515][T15759] EXT4-fs error (device loop6): ext4_free_inode:354: comm syz.6.5158: bit already cleared for inode 15
[  183.973208][T15763] bridge0: port 3(vlan2) entered blocking state
[  183.979601][T15763] bridge0: port 3(vlan2) entered disabled state
[  184.031334][T15763] vlan2: entered allmulticast mode
[  184.059115][T15763] dummy0: entered allmulticast mode
[  184.073908][T15763] vlan2: entered promiscuous mode
[  184.079015][T15763] dummy0: entered promiscuous mode
[  184.182479][T15777] dvmrp5: entered allmulticast mode
[  184.203836][T15780] loop1: detected capacity change from 0 to 512
[  184.210391][T15777] dvmrp5: left allmulticast mode
[  184.222059][T15780] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  184.239170][T15780] EXT4-fs (loop1): 1 truncate cleaned up
[  184.277405][T15785] batadv0 speed is unknown, defaulting to 1000
[  184.343180][T15789] syzkaller0: entered allmulticast mode
[  184.383118][T15793] netlink: 'syz.3.5174': attribute type 1 has an invalid length.
[  184.415053][T15793] bond1: entered promiscuous mode
[  184.420274][T15793] bond1: entered allmulticast mode
[  184.435591][T15793] batadv1: entered promiscuous mode
[  184.441103][T15793] batadv1: entered allmulticast mode
[  184.449924][T15793] 8021q: adding VLAN 0 to HW filter on device batadv1
[  184.459346][T15793] bond1: (slave batadv1): making interface the new active one
[  184.471113][T15793] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  184.605841][T15814] netlink: 'syz.1.5181': attribute type 298 has an invalid length.
[  184.678034][T15821] netem: change failed
[  184.843103][T15833] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5189'.
[  184.985164][T15847] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x3
[  185.045115][T15851] loop1: detected capacity change from 0 to 512
[  185.056935][T15851] EXT4-fs: Ignoring removed nobh option
[  185.065135][T15851] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.5197: invalid indirect mapped block 256 (level 2)
[  185.081380][T15851] EXT4-fs (loop1): 2 truncates cleaned up
[  185.091160][T15851] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1339: inode #12: block 7: comm syz.1.5197: path /1030/file1/file0: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0
[  185.209670][T15867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.221132][T15867] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.279203][   T29] kauditd_printk_skb: 108 callbacks suppressed
[  185.279219][   T29] audit: type=1326 audit(1744304432.270:4662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.320365][   T29] audit: type=1326 audit(1744304432.270:4663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.344081][   T29] audit: type=1326 audit(1744304432.270:4664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.367677][   T29] audit: type=1326 audit(1744304432.270:4665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.391223][   T29] audit: type=1326 audit(1744304432.270:4666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.415380][   T29] audit: type=1326 audit(1744304432.270:4667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.439112][   T29] audit: type=1326 audit(1744304432.270:4668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.462758][   T29] audit: type=1326 audit(1744304432.270:4669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.486246][   T29] audit: type=1326 audit(1744304432.270:4670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.509756][   T29] audit: type=1326 audit(1744304432.270:4671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15870 comm="syz.6.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  185.770670][T15884] SELinux: failed to load policy
[  185.797166][T15886] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15886 comm=syz.3.5213
[  185.809799][T15886] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15886 comm=syz.3.5213
[  185.896566][T15892] loop3: detected capacity change from 0 to 1024
[  185.960217][T15892] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.979455][T15897] loop8: detected capacity change from 0 to 4096
[  186.113297][T15921] smc: net device bond0 applied user defined pnetid SYZ0
[  186.169945][T15925] batadv0 speed is unknown, defaulting to 1000
[  186.177287][T15915] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  186.184263][ T3380] IPVS: starting estimator thread 0...
[  186.215403][T15927] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x3
[  186.261426][T15933] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5232'.
[  186.279808][T15931] IPVS: using max 2400 ests per chain, 120000 per kthread
[  186.316108][T15939] xt_hashlimit: max too large, truncated to 1048576
[  186.434869][T15945] loop3: detected capacity change from 0 to 512
[  186.443394][T15947] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5237'.
[  186.455599][T15945] EXT4-fs: Ignoring removed nobh option
[  186.482844][T15947] bridge0: port 1(vlan2) entered blocking state
[  186.489315][T15947] bridge0: port 1(vlan2) entered disabled state
[  186.499009][T15945] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5238: invalid indirect mapped block 256 (level 2)
[  186.516835][T15947] vlan2: entered allmulticast mode
[  186.522313][T15947] dummy0: entered allmulticast mode
[  186.527814][T15945] EXT4-fs (loop3): 2 truncates cleaned up
[  186.548883][T15947] vlan2: entered promiscuous mode
[  186.554026][T15947] dummy0: entered promiscuous mode
[  186.573666][T15945] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1339: inode #12: block 7: comm syz.3.5238: path /48/file1/file0: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0
[  186.667684][T15952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5240'.
[  186.852459][T15962] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  186.861291][ T2967] IPVS: starting estimator thread 0...
[  186.916127][T15967] loop3: detected capacity change from 0 to 1024
[  186.951722][T15967] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  186.962788][T15967] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  186.976681][T15965] IPVS: using max 2208 ests per chain, 110400 per kthread
[  186.999164][T15967] JBD2: no valid journal superblock found
[  187.004947][T15967] EXT4-fs (loop3): Could not load journal inode
[  187.060463][T15967] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  187.205508][T15980] loop3: detected capacity change from 0 to 512
[  187.234863][T15980] EXT4-fs (loop3): Couldn't remount RDWR because of unprocessed orphan inode list.  Please umount/remount instead
[  187.252453][T15978] loop0: detected capacity change from 0 to 8192
[  187.264528][T15983] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.294694][T15983] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.464214][T15997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5261'.
[  187.479518][T15997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5261'.
[  187.543906][T16003] xt_hashlimit: max too large, truncated to 1048576
[  187.622009][T16011] SELinux:  policydb version 0 does not match my version range 15-34
[  187.630531][T16011] SELinux: failed to load policy
[  187.710708][T16021] netlink: 'syz.0.5273': attribute type 3 has an invalid length.
[  187.770167][T16028] netlink: 'syz.0.5276': attribute type 21 has an invalid length.
[  187.853056][T16039] veth0_vlan: entered allmulticast mode
[  187.911496][T16041] netlink: 1228 bytes leftover after parsing attributes in process `syz.0.5282'.
[  188.258442][T16065] SELinux:  policydb version 0 does not match my version range 15-34
[  188.266927][T16065] SELinux: failed to load policy
[  188.382841][T16071] loop0: detected capacity change from 0 to 4096
[  188.403359][T16075] netlink: 156 bytes leftover after parsing attributes in process `syz.1.5297'.
[  188.486580][T16080] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5299'.
[  188.509488][T16080] netlink: 18 bytes leftover after parsing attributes in process `syz.3.5299'.
[  188.535114][T16085] serio: Serial port ptm0
[  188.600389][T16091] loop8: detected capacity change from 0 to 2048
[  188.923081][T16120] loop8: detected capacity change from 0 to 1024
[  188.930370][T16120] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  188.941331][T16120] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  188.956063][T16120] JBD2: no valid journal superblock found
[  188.962074][T16120] EXT4-fs (loop8): Could not load journal inode
[  189.113193][T16136] loop8: detected capacity change from 0 to 512
[  189.120180][T16136] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  189.153599][T16136] ext4 filesystem being mounted at /732/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.181782][ T2967] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  189.191655][ T2967] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  189.442446][T16179] loop8: detected capacity change from 0 to 2049
[  189.450587][T16179] EXT4-fs warning (device loop8): read_mmp_block:115: Error -117 while reading MMP block 64
[  189.472109][T16185] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  189.602626][T16195] batadv0 speed is unknown, defaulting to 1000
[  189.903447][T16223] 9pnet_fd: Insufficient options for proto=fd
[  190.012366][T16225] loop0: detected capacity change from 0 to 512
[  190.090749][T16225] EXT4-fs error (device loop0): ext4_iget_extra_inode:4692: inode #15: comm syz.0.5361: corrupted in-inode xattr: invalid ea_ino
[  190.120536][T16225] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.5361: couldn't read orphan inode 15 (err -117)
[  190.163373][T16230] loop8: detected capacity change from 0 to 128
[  190.199964][T16230] ext4 filesystem being mounted at /744/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.314903][   T29] kauditd_printk_skb: 224 callbacks suppressed
[  190.314920][   T29] audit: type=1400 audit(1744304437.300:4896): avc:  denied  { read } for  pid=16229 comm="syz.8.5363" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop8" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  190.437666][   T29] audit: type=1400 audit(1744304437.300:4897): avc:  denied  { remove_name } for  pid=16229 comm="syz.8.5363" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop8" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  190.481926][   T29] audit: type=1400 audit(1744304437.300:4898): avc:  denied  { rename } for  pid=16229 comm="syz.8.5363" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop8" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  190.650309][T16250] syz_tun: entered allmulticast mode
[  190.698088][T16249] syz_tun: left allmulticast mode
[  190.747651][T16252] SELinux: failed to load policy
[  190.754532][   T29] audit: type=1326 audit(1744304437.740:4899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16259 comm="syz.6.5378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  190.778142][   T29] audit: type=1326 audit(1744304437.740:4900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16259 comm="syz.6.5378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  190.907917][   T29] audit: type=1326 audit(1744304437.790:4901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16259 comm="syz.6.5378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  190.931638][   T29] audit: type=1326 audit(1744304437.790:4902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16259 comm="syz.6.5378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  190.955197][   T29] audit: type=1326 audit(1744304437.790:4903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16259 comm="syz.6.5378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  190.978730][   T29] audit: type=1326 audit(1744304437.820:4904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16259 comm="syz.6.5378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  191.002266][   T29] audit: type=1326 audit(1744304437.820:4905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16259 comm="syz.6.5378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8f55d169 code=0x7ffc0000
[  191.134957][T16295] netlink: 'syz.1.5395': attribute type 10 has an invalid length.
[  191.142837][T16295] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5395'.
[  191.191179][T16295] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.200218][T16295] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.209319][T16295] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.218304][T16295] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.221252][T16300] SELinux: failed to load policy
[  191.261060][T16295] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.269900][T16295] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.278734][T16295] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.287484][T16295] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.323932][T16295] team0: Port device geneve1 added
[  191.370470][T16314] loop6: detected capacity change from 0 to 128
[  191.386749][T16313] sd 0:0:1:0: device reset
[  191.498285][T16326] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5409'.
[  191.560892][T16332] loop0: detected capacity change from 0 to 512
[  191.591566][T16332] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  191.658169][T16332] EXT4-fs (loop0): 1 truncate cleaned up
[  191.676460][T16332] EXT4-fs mount: 56 callbacks suppressed
[  191.676474][T16332] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.819812][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.965565][T16370] loop1: detected capacity change from 0 to 128
[  192.115013][T16378] hub 2-0:1.0: USB hub found
[  192.142900][T16378] hub 2-0:1.0: 8 ports detected
[  192.324574][T16416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5449'.
[  192.345785][T16416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5449'.
[  192.665252][ T3380] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  192.675650][ T3380] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  192.685861][T16436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.696757][T16436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.705690][T16436] hid-generic 0000:0000:0000.0010: pid 16436 passed too large report
[  192.934697][T16454] SELinux: ebitmap: truncated map
[  192.940759][T16454] SELinux: failed to load policy
[  193.075022][T16458] netlink: 87 bytes leftover after parsing attributes in process `syz.1.5468'.
[  193.216102][T16482] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5478'.
[  193.217708][T16483] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5479'.
[  193.225051][T16482] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5478'.
[  193.298263][T16486] loop0: detected capacity change from 0 to 1024
[  193.309363][T16486] journal_path: Lookup failure for './file0'
[  193.315403][T16486] EXT4-fs: error: could not find journal device path
[  193.365020][T16489] Falling back ldisc for ttyS3.
[  193.385522][T16490] batadv0 speed is unknown, defaulting to 1000
[  193.525884][T16504] netem: change failed
[  194.014120][T16521] infiniband syz!: set down
[  194.018784][T16521] infiniband syz!: added team_slave_0
[  194.039768][T16521] RDS/IB: syz!: added
[  194.043850][T16521] smc: adding ib device syz! with port count 1
[  194.050570][T16521] smc:    ib device syz! port 1 has pnetid 
[  194.144031][T16537] serio: Serial port ttyS3
[  194.272298][T16548] ALSA: seq fatal error: cannot create timer (-22)
[  195.321383][   T29] kauditd_printk_skb: 193 callbacks suppressed
[  195.321401][   T29] audit: type=1400 audit(1744304442.310:5099): avc:  denied  { execute } for  pid=16602 comm="syz.3.5532" path="/98/cpu.stat" dev="tmpfs" ino=524 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  195.393747][   T29] audit: type=1326 audit(1744304442.370:5100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06594ed169 code=0x7ffc0000
[  195.417407][   T29] audit: type=1326 audit(1744304442.370:5101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06594ed169 code=0x7ffc0000
[  195.440917][   T29] audit: type=1326 audit(1744304442.380:5102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f06594ed169 code=0x7ffc0000
[  195.465663][T16612] SELinux: ebitmap: truncated map
[  195.465895][T16612] SELinux: failed to load policy
[  195.567100][T16616] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5538'.
[  195.590039][   T29] audit: type=1326 audit(1744304442.380:5103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06594ed169 code=0x7ffc0000
[  195.613574][   T29] audit: type=1326 audit(1744304442.380:5104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f06594ed169 code=0x7ffc0000
[  195.637253][   T29] audit: type=1326 audit(1744304442.380:5105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06594ed169 code=0x7ffc0000
[  195.660791][   T29] audit: type=1326 audit(1744304442.380:5106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06594ed169 code=0x7ffc0000
[  195.684419][   T29] audit: type=1326 audit(1744304442.380:5107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f06594ed169 code=0x7ffc0000
[  195.693100][T16618] SELinux: failed to load policy
[  195.707933][   T29] audit: type=1326 audit(1744304442.470:5108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06594ed169 code=0x7ffc0000
[  195.714488][T16616] erspan0: entered promiscuous mode
[  195.763096][T16616] macvtap1: entered promiscuous mode
[  195.766726][   T12] unregister_netdevice: waiting for batadv0 to become free. Usage count = 3
[  195.768557][T16616] macvtap1: entered allmulticast mode
[  195.782551][T16616] erspan0: entered allmulticast mode
[  195.858511][T16624] erspan0: left allmulticast mode
[  195.863702][T16624] erspan0: left promiscuous mode
[  195.898798][T16630] loop3: detected capacity change from 0 to 8192
[  195.910679][T16630] syz.3.5543: attempt to access beyond end of device
[  195.910679][T16630] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  195.929620][T16630] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  195.937497][T16630] FAT-fs (loop3): Filesystem has been set read-only
[  195.944397][T16630] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  195.968547][T16630] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  196.083436][T16647] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  196.099833][T16645] loop8: detected capacity change from 0 to 512
[  196.146678][T16645] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  196.196987][T16645] EXT4-fs (loop8): 1 truncate cleaned up
[  196.203261][T16645] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.559397][ T7467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.593389][T16683] netlink: 596 bytes leftover after parsing attributes in process `syz.0.5565'.
[  196.773988][T16701] loop8: detected capacity change from 0 to 512
[  196.790766][T16701] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  196.803667][T16704] xt_hashlimit: size too large, truncated to 1048576
[  196.826496][T16701] EXT4-fs (loop8): 1 truncate cleaned up
[  196.832763][T16701] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.846220][T16701] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.995458][T16716] netlink: 'syz.8.5580': attribute type 1 has an invalid length.
[  197.169863][T16727] netlink: 532 bytes leftover after parsing attributes in process `syz.0.5585'.
[  197.224866][T16731] netlink: 'syz.1.5586': attribute type 1 has an invalid length.
[  197.232817][T16731] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5586'.
[  197.306065][T16733] loop1: detected capacity change from 0 to 8192
[  197.628853][T16760] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  197.636577][T16760] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  197.843353][T16780] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  197.855939][T16778] pim6reg1: entered promiscuous mode
[  197.861398][T16778] pim6reg1: entered allmulticast mode
[  197.898053][    T2] ==================================================================
[  197.906167][    T2] BUG: KCSAN: data-race in copy_process / free_pid
[  197.912699][    T2] 
[  197.915029][    T2] read-write to 0xffffffff86861058 of 4 bytes by task 3307 on cpu 0:
[  197.923096][    T2]  free_pid+0x7e/0x180
[  197.927188][    T2]  free_pids+0x54/0xb0
[  197.931259][    T2]  release_task+0xa32/0xba0
[  197.935784][    T2]  wait_consider_task+0x117a/0x16a0
[  197.941017][    T2]  __do_wait+0x108/0x520
[  197.945279][    T2]  do_wait+0xb9/0x270
[  197.949272][    T2]  kernel_wait4+0x147/0x1d0
[  197.953797][    T2]  __x64_sys_wait4+0x99/0x120
[  197.958496][    T2]  x64_sys_call+0x25f3/0x2e10
[  197.963192][    T2]  do_syscall_64+0xc9/0x1c0
[  197.967715][    T2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.973621][    T2] 
[  197.975946][    T2] read to 0xffffffff86861058 of 4 bytes by task 2 on cpu 1:
[  197.983235][    T2]  copy_process+0x1754/0x1f60
[  197.987925][    T2]  kernel_clone+0x168/0x5d0
[  197.992436][    T2]  kernel_thread+0xbf/0xf0
[  197.996864][    T2]  kthreadd+0x29f/0x370
[  198.001027][    T2]  ret_from_fork+0x4b/0x60
[  198.005451][    T2]  ret_from_fork_asm+0x1a/0x30
[  198.010225][    T2] 
[  198.012546][    T2] value changed: 0x80000126 -> 0x80000125
[  198.018261][    T2] 
[  198.020582][    T2] Reported by Kernel Concurrency Sanitizer on:
[  198.026734][    T2] CPU: 1 UID: 0 PID: 2 Comm: kthreadd Tainted: G        W           6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[  198.040283][    T2] Tainted: [W]=WARN
[  198.044081][    T2] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  198.054136][    T2] ==================================================================