last executing test programs:

2m22.033574283s ago: executing program 32 (id=45):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d1f000000000000006923c63a4541062101b60a2156566de77062086575a59ea9cb", 0x2b, r3)

1m25.789641369s ago: executing program 33 (id=1391):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@remote, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x2}, {@in6=@mcast2, 0x4d4, 0x6c}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0xe, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x7}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

44.989720034s ago: executing program 34 (id=2367):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x181800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x80)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x3c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {}, {}, {0xd, 0x1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x4}}, @TCA_RATE={0x6, 0x5, {0x4, 0x7}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)

41.114156833s ago: executing program 5 (id=2441):
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r3=>0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000001480)={0x1, &(0x7f0000000640)=[{0x6, 0x0, 0x3}]}, 0x10)
io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

41.011163153s ago: executing program 5 (id=2445):
r0 = socket(0x1d, 0x2, 0x6)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x6a, 0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r2, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f00000007c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c050}, 0x1)

40.679592587s ago: executing program 6 (id=2453):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = getpid()
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
process_mrelease(0xffffffffffffffff, 0x700000000000000)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

40.466837388s ago: executing program 35 (id=2454):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000c00)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

40.459447189s ago: executing program 6 (id=2456):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000027c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x2d, 0x20040040)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{r1, 0x10a}, {r1, 0x212bdb8c3662ab0c}], 0x2, 0x0, 0x0, 0x0)
close(0x3)

40.368116518s ago: executing program 6 (id=2458):
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x40000000015, 0x5, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90224fc602f0000000a0c0100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

40.215631853s ago: executing program 6 (id=2459):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x42, 0x1fe)
writev(r0, &(0x7f00000008c0)=[{&(0x7f0000000380)="2c3b6227da92ba7ecf8c600f1b7bfffbeccc6d9c189da8cff2882d49468b7483a49e411f5ee389f9609d74c158fd4bb2d63087bee9be4b492ab7d9d541f79c1dbf", 0x41}], 0x1)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f283e6d60200000000000000000000000100", [0x208]})
io_setup(0x1, &(0x7f00000004c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000280)={0xffffff7f00000000, 0x1f00, 0x0, 0x1, 0x0, r3, &(0x7f0000000140)='i', 0x1001, 0x8b}])

40.109828794s ago: executing program 5 (id=2460):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES32, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x145c7e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
io_setup(0x5ff, &(0x7f0000000400)=<r2=>0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
io_submit(r2, 0x1ffffff0, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000)="96", 0xffffff20}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r0, 0x0, 0x0, 0xffffffffffffffff}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

39.932758022s ago: executing program 5 (id=2462):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2169802, 0x0, 0x0, 0x0, &(0x7f00000003c0))
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x12c5008, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x500, 0x40)
open_tree(r0, &(0x7f0000000300)='\x00', 0x89901)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

39.888020526s ago: executing program 5 (id=2463):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)

39.580910647s ago: executing program 6 (id=2469):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x1, 0x1)
fchdir(r4)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

39.390927456s ago: executing program 5 (id=2475):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r3 = accept4(r1, 0x0, 0x0, 0x0)
sendto(r3, &(0x7f0000000000)="00c881d76049ac562e4e5094890b55e5ea113389145c57e7b3479bf3f2cf8ac5d94a71e37b8bc9f4e71c8b097042535f04d39b07b6e29be0a2734c7332f8", 0x3e, 0x0, 0x0, 0x0)
recvfrom(r2, &(0x7f00000001c0)=""/62, 0x3e, 0x10120, 0x0, 0x0)

39.341975001s ago: executing program 36 (id=2475):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r3 = accept4(r1, 0x0, 0x0, 0x0)
sendto(r3, &(0x7f0000000000)="00c881d76049ac562e4e5094890b55e5ea113389145c57e7b3479bf3f2cf8ac5d94a71e37b8bc9f4e71c8b097042535f04d39b07b6e29be0a2734c7332f8", 0x3e, 0x0, 0x0, 0x0)
recvfrom(r2, &(0x7f00000001c0)=""/62, 0x3e, 0x10120, 0x0, 0x0)

38.984372157s ago: executing program 6 (id=2480):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x1cc0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$pokeuser(0x6, r3, 0x388, 0x41d9fda7)

38.965128289s ago: executing program 37 (id=2480):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x1cc0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$pokeuser(0x6, r3, 0x388, 0x41d9fda7)

25.886606431s ago: executing program 9 (id=2789):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@ccm_128={{0x304}, "b39625e03be22ead", "8da0640c9e8f6b81143f1a1a6d81ee2b", "3b0e7088", "e3ffffffffffffff"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@ccm_128={{0x304}, "f64e40992f79ecf0", "53c272d8b763f690b35605dff8a4a8d2", "3da2d199", "72392a24199b5903"}, 0x28)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0)

25.868774923s ago: executing program 9 (id=2791):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0xffffffffffffff53, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb000000000000000002"], 0xfc}, 0x1, 0x0, 0x0, 0x20004051}, 0xc080)

25.655153815s ago: executing program 9 (id=2796):
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e23, 0xab, @loopback, 0x1}, 0x1c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x92, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_clone(0x80308400, &(0x7f0000000440), 0x0, 0x0, &(0x7f0000000200), &(0x7f00000009c0)="db3a34addb368c988c7e7c1e2deea367981a2d96d0b530d294b9c38a16a4548147f3be5e5b3a446458bec7d77bcdc2c585e337aa49d82e85beabb2e1db7e3913c216a3959541b8b7081b9a8a8af2c29a1243c46d61dcc9b81bdb7d38f31e67287d4431247b77ae415e5d612d0258319e1af64820bd724ce38126a4877dd05c859163")
read$ptp(r0, 0x0, 0x0)

24.802712461s ago: executing program 9 (id=2810):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000640)={[{@nodioread_nolock}, {@nodelalloc}, {@auto_da_alloc}, {@inlinecrypt}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x8}}, {@nodiscard}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x557, &(0x7f0000000fc0)="$eJzs3c+LG1UcAPDvZHf7W9tCKSoiCz1Yqc12d/1RwUM9ihYLeq9hM13KJk3ZZEt3Ldge7MWLFEHEgnjXu8fiP+BfUdBCkbLowUtkspNt2k266TZttubzgSnvZSZ5852Z7+ubvFkSwMiazP4pRLwcEd8kEfsjIsnXjUe+cnJtu9V7V+ayJYlm89O/ktZ2Wb39We337c0rL0XEb19FHCtsbLe+vLJQqlTSxbw+1ahenKovrxw/Xy3Np/PphZlm8+TbszPvvfvOwGJ948w/339y68OTXx9Z/e6XOwdvJHEq9uXrOuN4Alc7K5MxmR+TiTj10IbTA2hsO0mGvQNsyVie5xOR9QH7YyzPeuD/78uIaAIjKpH/MKLa44D2vf2A7oOfG3c/WLsB2hj/+Np3I7GrdW+0ZzV54M4ou989MID2szZ+/fPmjWyJwX0PAbCpq9ci4sT4+Mb+L8n7v6070cc2D7eh/4Nn51Y2/nmz2/insD7+iS7jn71dcncrNs//wp0BNNNTNv57v+v4d33S6sBYXnuhNeabSM6dr6RZ3/ZiRByNiZ1Z/VHzOSdXbzd7resc/2VL1n57LJjvx53xnQ++p1xqlJ4k5k53r0W80nX8m6yf/6TL+c+Ox5k+2zic3nyt17rN43+6mj9FvN71/N+f0Uq6zk/Ozubzk1Ot62GqfVVs9Pf1w7/3an/Y8Wfnf8+j4z+QdM7X1h+/jR93/Zv2WvdA/NH/9b8j+axV3pG/drnUaCxOR+xIPt74+sz997br7e2z+I8eeXT/1+363x0Rn/cZ//VDP7/aV/xDOv/lxzr/j1+4/dEXP/Rqv7/+761W6Wj+Sj/9X787+CTHDgAAAAAAALabQkTsi6RQXC8XCsXi2vMdh2JPoVKrN46dqy1dKMe1fWvPPxTaM937O56HmM6fh23XZx6qz0bEwYj4dmx3q16cq1XKww4eAAAAAAAAAAAAAAAAAAAAtom9Pf7+P/PH2LD3Dnjq/OQ3jK5N838Qv/QEbEv+/4fRJf9hdMl/GF3yH0aX/IfRJf9hdMl/GF3yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbqzOnT2dJcvXdlLquXLy0vLdQuHS+n9YVidWmuOFdbvFicr9XmK2lxrlbd7PMqtdrF6ZlYujzVSOuNqfryytlqbelC4+z5amk+PZtOPJOoAAAAAAAAAAAAAAAAAAAA4PlSX15ZKFUq6aKCwpYK49tjNxQGXBh2zwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9/0XAAD//zWdOco=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000000)=0x6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000004"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

24.40929883s ago: executing program 9 (id=2816):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
ptrace(0x10, r0)
ptrace$getregs(0xe, r0, 0xffffffffffffdcaf, &(0x7f0000000400)=""/45)

24.339672507s ago: executing program 9 (id=2820):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x30006041)
close(r3)

24.327054238s ago: executing program 38 (id=2820):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x30006041)
close(r3)

16.697276854s ago: executing program 4 (id=2965):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x1cc0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002e40)={0x30, r4, 0xc4fc9e906872338b, 0x70bd2e, 0x0, {{0x15}, {@void, @val={0xc, 0x99, {0x4, 0x3a}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4}]}]}]}]}, 0x30}}, 0x40000)

16.669977777s ago: executing program 4 (id=2968):
r0 = epoll_create1(0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prlimit64(0x0, 0xf, &(0x7f0000000140)={0x6, 0x20020008008f}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000068c000/0x1000)=nil, &(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x1, 0x800000c1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xb000001d})

16.623040322s ago: executing program 4 (id=2970):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x121a02, 0xe0)
r0 = socket(0x10, 0x3, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6c, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="140000005304"], 0x28}, 0x1, 0x0, 0x0, 0x64049}, 0x40000)

16.594087365s ago: executing program 4 (id=2973):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7c}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
getpeername(r0, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={0xffffffffffffffff}, 0x4)

16.44283412s ago: executing program 4 (id=2976):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3800000010003904000000000000000000173a83", @ANYRES32=r4, @ANYBLOB="01980000000000001800128008000100677265000c00028008000700ac"], 0x38}}, 0x20000080)
sendto$packet(r1, &(0x7f0000000180)="892cf7", 0x3, 0x40, &(0x7f0000000200)={0x11, 0x8100, r4, 0x1, 0x9, 0x6, @broadcast}, 0x14)

16.067627827s ago: executing program 4 (id=2989):
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x48400, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x8}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8000000000, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffc}, 0x0, 0x0)

16.04500118s ago: executing program 39 (id=2989):
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x48400, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x8}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8000000000, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffc}, 0x0, 0x0)

10.76093718s ago: executing program 1 (id=3081):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$PPPIOCGL2TPSTATS(r0, 0x40047459, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendto$packet(r3, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab", 0x2c, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xbd, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa0011aa0e2245e6d035244b29df33d46051bbe80c5de20e657f99fd3ac06285cd5e02f07dc64364ec054d2ddd6c2d8a2812e57b0a58ca2509238411601a997428764b6892ef78085c4f7b51580434c1dc510eacbaf4491e5e422eb8ccf09486d37625a551916df0e46e451879a0b3d24ecdf104a10898c918613bdce69d0b7ad30bb48fd78148e73727bca4bf000000000000f4270c1b9639b740fc82ae57a658224a8424cadfc94b9d6ced131ff3632c4c01ff6cac81a706a8bfb33e860da986176100d155e1fbf7b62caf4f526556b14a8619ef43"], 0x0)

10.704800205s ago: executing program 1 (id=3083):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x121, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x9, 0xa}, {0xfffa, 0xfff1}, {0x7, 0xc}}}, 0x24}}, 0x4041080)

10.596202807s ago: executing program 1 (id=3087):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x121d, &(0x7f0000000500)={0x0, 0x7d10, 0x80, 0x3, 0x2b5}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x46bc, 0x3, 0x20, 0x0, 0x20)

10.323265454s ago: executing program 1 (id=3091):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, &(0x7f0000000080)={0x0, 0x7ff})
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18040, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRES16, @ANYRESHEX, @ANYRES8, @ANYRES64=0x0, @ANYRESHEX=r0], 0x8, 0x2fe, &(0x7f00000007c0)="$eJzs3M9PE1sUwPFDW0pbAmXx8l7eS1640Y1uJlBdK42BxNhEgtT4IzEZYKpNx5Z0GkyNEVy5Nf4RLghLdibKP8DGnW7cuGNj4kIWxjEznaGlHYpAaRG+n4TMYc49M/emAznTtLN159XjQs7ScnpFQjElfSIi2yIjEhJfn7cNuXFUGq3IxcFvH/+/dffejXQmMzmj1FR69lJKKTU8+u7Js7g37O2AbI482Pqa+rL59+a/Wz9nH+UtlbdUsVRRuporfa7oc6ahFvJWQVNq2jR0y1D5omWUa/lSLZ8zS4uLVaUXF4YSi2XDspRerKqCUVWVkqqUqyr8UM8XlaZpaigh2E92dWZGTx+yeL7Dk8ExKZfTelhE4i2Z7GpPJgQAAHqquf8Piepk/792bqMyeHt92On/YyISDer/L3+qHcvp/we84+rO6MD+3z9/YP+vH6z/b+2IzpYj9f84GUajLbv66qGTLKf1hPf363pxf23MDej/AQAAAAAAAAAAAAAAAAAAAAD4E2zbdtK27aS/9X8GRCQmIv7vAaVhEbnagymjg47w+uMUqH9xLzIsYr5cyi5la1tvwIaImGLImCTlh3s9eJzY/+aRcozIe3PZq19eyobdTDonebd+XJL90lxv21PXM5PjqmZ3fb8kGutTkpS/gutTgfVRuXC+oV6TpHyYl5KYsuDOo17/fFypazczTfVxdxwAAAAAAKeBpnYE3r9r2l75Wv3O/XXz+wPh+v31WOD9eUT+i/R27QAAAAAAnBVW9WlBN02j3CaIy/5jDh9EGvbIinTsXP4Kf7fK/yzD8a20TeCffFcq5u3s6LnEezzsEY8TksNUjTqrUQGplrW3C/y3jfYaI9MT3X8F3eCf12++d+6AV9Zj+6z0gIF/lZmmEW5/AfR3438PAAAAgO6qN/3+noneTggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDOoG09H6/UaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJPiVwAAAP//gYT6Qg==")
creat(&(0x7f0000000380)='./bus\x00', 0x4)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x40403, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x402, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4, 0x5]})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
mkdirat(0xffffffffffffff9c, &(0x7f00000006c0)='./file0\x00', 0x4)

10.025620044s ago: executing program 1 (id=3098):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)=ANY=[], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r1, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
sendmsg$rds(r1, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

8.954587441s ago: executing program 1 (id=3124):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x6, 0x8, 0x8, 0x40}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x14)

8.954372151s ago: executing program 40 (id=3124):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x6, 0x8, 0x8, 0x40}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x14)

2.911558268s ago: executing program 8 (id=3246):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r4=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=ANY=[@ANYBLOB="200000000000000084000000020000000a000400288000000b000002", @ANYRES32=r4], 0x20, 0x2400e044}, 0x0)

2.626705296s ago: executing program 0 (id=3253):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1}, 0x40000000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000005c0)='kfree_skb\x00', r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000980)='kfree_skb\x00', r4}, 0x18)
close(r1)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)

2.553803684s ago: executing program 0 (id=3254):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
setsockopt$sock_timeval(r2, 0x1, 0x42, &(0x7f0000000300)={0x0, 0xea60}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x12, 0x4, 0x4, 0xa4}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000080), &(0x7f00000002c0)=@tcp=r2}, 0x20)
recvmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x2000)

2.476247441s ago: executing program 0 (id=3255):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x1000000000000f, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d5"], &(0x7f0000000100)='GPL\x00'}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

2.459116763s ago: executing program 0 (id=3256):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110c230000)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c23003d)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0xa8}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110c23005a)
close(0x3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x17, 0x4, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0xe}, 0x94)

2.358668743s ago: executing program 0 (id=3258):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x999047, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000140)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x225451, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)

2.315762457s ago: executing program 0 (id=3259):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000100)={{0x1, 0x1, 0x18}, './file1\x00'})
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0)

2.262624033s ago: executing program 7 (id=3260):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x330b9072}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
r2 = getpid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r4, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0xb0)

2.156232564s ago: executing program 2 (id=3263):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffff9]}, 0x0, 0x8)
r1 = gettid()
r2 = gettid()
tkill(r1, 0x12)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000940)='kmem_cache_free\x00', r3}, 0x18)
tkill(r2, 0x14)

2.127434767s ago: executing program 2 (id=3264):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x202, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x1, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000000006c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040)=0x6c0000000000)

2.020742447s ago: executing program 8 (id=3265):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x12, 0x8, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe1d}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x1b, 0x0, &(0x7f0000000180)="b90103606908068c3c270040e700009e0ff008001ffff2e1ffff81", 0x0, 0x8104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0xfeff, 0x0}, 0x20000000)

1.835425426s ago: executing program 7 (id=3267):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000100)={<r4=>r3, 0x723b, 0x0, 0x8, 0x100, 0x7f}, &(0x7f0000000140)=0x14)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f00000005c0)={r4, 0x5, 0x3, 0x4, 0x8, 0x79}, &(0x7f0000000600)=0x14)

1.747905595s ago: executing program 7 (id=3268):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c2, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

1.658798114s ago: executing program 7 (id=3269):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
write(r0, &(0x7f0000002480)="58432883c72df18c10d9aa59d287b6f3596b95c6222d2ce9b4c087c0cc0c9a1fc4636a38111c27c8c16ad5db1c03a1fe0a1fd6fb8c8d1e012e21a4022ebd4342129f98cac076fb2a8a9e3be062ffdb58a359bdcd2beb151caa1160aae646d6533e3307d322cf3fa2c610f168a510a24a6bce749674e644b8fab9fe009ce6febb4febf9190a9388c333500d7ff60a66b740916246861403c78851935281d6818925e1c6d44dc8763c99920b29107f0ef2ce0002078c48ea69bedafe371822ad50c3585ce0c00e2866a77eb382a4a94c8140eade00e7cce81a18b01e2824860a08682d5f098ff2025c279a91ded1c2e68d0f765dcc0feeb118f7b2c4d0ac243f214ba6102d1f7e5855d204d3f5f533b590af39177b29e264935d637660ffda56415f003705bac18326fd036ca5866b3774d53bc948ec177f94ad43fa7654e56fd5df799454c24aa5bbcbade05473b27357093cdff40a8f1df11e951fe9c1d4cbd2afcaec315a61538511429be3ac1d5c96c49dae7fc3383d5696f81865daf7cc4fed6628e40b4b9bed2a56a1058b6bfb2213749014375e577b9ec4ead515d6ffcf06ecf73490e8e54ea3c5519765aad9f6ca082198f88d63910ecaf1442789de4fec5af0e5eabcc8cdcc4a2cd6d348c53a7fc4fc84b7a57fad068114c0c2135f9e5b7b5cc693fb7ee2d4a9eeeefcd5bbe1e04d2e79b0b565669cb708fed60dbd04cc4e5970bd688080a20d70426025404797b769225215dfa01e116625e3358c670bad", 0x222)
sendmmsg$inet(r0, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000001bc0)=[{&(0x7f00000002c0)="a028a5af023ba092ae45cff08a070c6ecd1c1df98cbfaf3bf819242a7239f7a95bcd132ea1301dafb35d0c0053ceb2efdfbcb24c58d1f00f9359590f81a602fa8ee341d40f008de9ea085d0ae4e67500effd8d7369f7cd8a0bd88de6c6f55b7a8bdd67491128a4181aa3cf8d1d9f2a78c6da18fff6a8226c69aa6b3835006349a05a49806771456d254bcdda80510b66c49245259bbeb3615e2518caba331ec2b38a03b6137b26ec69a7c008bd38a5dff6ef11a158c2510f821d1a12e93c7bbcc127", 0xc2}], 0x1}}], 0x1, 0xa040)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1.459430973s ago: executing program 2 (id=3272):
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000700)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYBLOB="0300"])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00'}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
mincore(&(0x7f00006fb000/0x2000)=nil, 0x2000, &(0x7f0000000280)=""/150)

1.135203046s ago: executing program 8 (id=3274):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70300"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r1, 0xf50f, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

802.55079ms ago: executing program 7 (id=3276):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x73)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
listen(r0, 0x0)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
sendmmsg(r2, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r3 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x0)

761.652583ms ago: executing program 8 (id=3277):
r0 = io_uring_setup(0x2201, &(0x7f0000000540)={0x0, 0x1ae0, 0x402, 0x0, 0x390})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000940)=[{0x0}], 0x1)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x6, 0x3}, 0x0, 0x32, 0x43a1bd56, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kfree\x00', r2, 0x0, 0x4000000080000000}, 0x18)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x3, 0x40, &(0x7f0000000000)={0x0, 0x14, 0x2009, 0x2}, 0x8, 0x7, 0x200, 0x0, 0xce3, 0x0, 0x0})
io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, &(0x7f0000000000)=[r0], 0x1)

711.967469ms ago: executing program 3 (id=3278):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x24, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r3, 0x0)
sendmsg$inet_sctp(r2, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0)

681.822882ms ago: executing program 7 (id=3279):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x6, 0x8, 0xae, 0x0, 0x1, 0x20727ff}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4006, 0x5, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000}, 0x50)
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)

602.732859ms ago: executing program 3 (id=3280):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup2(r2, r3)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x2, 0x1, "fa"}, 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000140)={0x0, 0x2}, 0x8)

556.447644ms ago: executing program 8 (id=3281):
memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000100)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @rand_addr=0x4}, 0x3}}, 0x24)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x717e, 0x80, 0x14, 0x150}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/protocols\x00')
lseek(r4, 0x7, 0x0)
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

505.974259ms ago: executing program 3 (id=3282):
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r0, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f0000002300)={&(0x7f0000000040)=@id={0x1e, 0x3, 0x3, {0x4e22, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x4)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
accept4(r0, 0x0, 0x0, 0x400000000000000)

456.831384ms ago: executing program 3 (id=3283):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x11, 0x3, 0x0)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Le1cYB/CTgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS9hZq7dIWU/rj81ku55znuc89fG/gfy0efmo2m7EQQjPx97u/P8tPFHunxqZnQoiF+RBC/puvfz2JRRW/v/UiWpeidTGRqR3cjr+eddz1PVRTR/Ho/DIewg8hhKWn4+S/vRtfvvPcdXJjc6WwtZZbfCysPw8vDOR7tvPLuyOH2fJsd3Yu+rEu462Zn6qNntw3Sy977YNt1VojcxPVpWOfM5//1p/z3++q1CuNyf7T1aF0Z/2qvBPl/iZ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgk53nrpMbmyuFrbXc4mNh/Xl4YSDfs51f3h05zJZnu7Nz8d/qLuOtmZ+qjZ7cN0sve+2DbdVaI3MT1aVjH1q/+/FzPokW+ja8z3+/q1KvNCb7T1eH0p31q/JOlPvbx/wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5SfqLYOzU2PRNCLMyHEMbjHce/7DcT7+suomcp2i8mMrWD2/HXs467vodq6mgqEcIfW5aejpNfteoS/GM/BwAA//8394ZP")
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'gre0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r4}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="02017ddca82918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d206"], 0xdd12}], 0x1}, 0x0)

329.766577ms ago: executing program 3 (id=3284):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x804525, 0x1000, 0x2, 0x12d}, &(0x7f0000000440)=<r3=>0x0, &(0x7f0000000640)=<r4=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8200}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x28, 0x0, 0x9}]}, 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_MSG_RING={0x28, 0x20, 0x0, r2, 0x0, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r2, 0x22d0, 0x20, 0x0, 0x0, 0x0)

286.766361ms ago: executing program 2 (id=3285):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40041}, 0x40104)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xff0c, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYBLOB="0e7348318fa87134b1a28f3d8f70739d3ffc9de4b91f", @ANYRESHEX, @ANYRES32, @ANYRES32, @ANYRES64, @ANYRES32, @ANYRESDEC], 0xff, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a808682b7fc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000023f0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a31"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

271.562233ms ago: executing program 8 (id=3286):
r0 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x42, 0x61)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x240, 0x198, 0xffffffff, 0xffffffff, 0x198, 0xffffffff, 0x268, 0xffffff7a, 0xffffffff, 0x268, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x0, 0x41}, 0x6, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x2, 0x0, 'snmp_trap\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1d, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095", @ANYRES8=r0, @ANYRES32=r3, @ANYRES64=r0, @ANYRES16=r4], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

164.946404ms ago: executing program 2 (id=3287):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000780), r2)
getsockname$packet(r2, &(0x7f0000000300)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r3, @ANYBLOB="0100000000000000240012000c000100627269646765000e140002000800070005"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f00000014c0)='g?p{')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r4}, 0x10)
sendto$packet(r0, 0x0, 0x0, 0x20004884, &(0x7f00000003c0)={0x11, 0x8100, r3, 0x1, 0x0, 0x6, @local}, 0x14)

130.952347ms ago: executing program 3 (id=3288):
setresgid(0xffffffffffffffff, 0xffffffffffffffff, 0xee00)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x9400, 0x0, 0x0, 0x0, 0x0, 0x94}, 0x40}], 0x1, 0x2, 0x0)

0s ago: executing program 2 (id=3289):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000044, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@nodioread_nolock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@nouid32}, {@nobh}, {@jqfmt_vfsv1}, {@nouid32}, {@dioread_nolock}]}, 0x1, 0x55e, &(0x7f0000001bc0)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdKhv+Af8VAB0NG0QtvKic9abs1adIuWzrz+cDZ3jfnJO95cs7z9n1zTkgAA2s0+6cQ8WJEfJVEHI6IJF83HPnK0dXtlh9en8qWJFZWPv4zaWyX1Zuv1XzewbzyQkT8+kXEycLmdmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sybkxPvvP1Wz2J97fzf33509/0zXx5f/uan+0duJ3E2DuXrNsbxBG5srIzGaP6eFOPsYxuOr/7XizZ3haTfO8CODOV5XoysDzgcQ3nWA/99n0fECjCgEvkPA6o5DmjO7Xs0D35uPHhvdQK0Of7h1c9GYl9jbnRgOXlkZpTNd0d60H7Wxs9/3LmdLdG7zyEAOrpxMyJODw9v7v+SvP/budNdbPN4G/o/eHbuZuOf11uNfwpr459oMf452CJ3d6Jz/hfu96CZtrLx37stx79rF61GhvLa/xpjvmJy8VIlzfq2/0fEiSjuzerjW7RxZvneSrt1G8d/2ZK13xwL5vtxf3jvo8+ZLtfLTxLzRg9uRrzUcvybrB3/pMXxz96P8122cSy980q7dZ3jf7pWfoh4teXxX7+ilWx9fXKscT6MNc+Kzf66dey3du33O/7s+B/YOv6RZOP12tr22/h+3z9pu3WPxB/dn/97kk8a5T35Y9fK9fr8eMSe5MPNj0+sP7dZb26fxX/i+Nb93/r5/8va6+yPiE+7jP/W0R9f3tdN/H06/tPbOv7bL9z74LPv2rXfXf/3RqN0In+km/6vw34VY8dnMwAAAAAAAOxehYg4FEmhtFYuFEql1fs7jsaBQqVaq5+8WF24PB2N78qORLHQvNJ9eMP9EOP5/bDN+sRj9cmIOBIRXw/tb9RLU9XKdL+DBwAAAAAAAAAAAAAAAAAAgF3iYJvv/2d+H+r33gFPnZ/8hsHVMf978UtPwK7k7z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT58+dy5aV5YfXp7L69NXFhdnq1VPTaW22NLcwVZqqzl8pzVSrM5W0NFWd6/R6lWr1yvhELFwbq6e1+lhtcenCXHXhcv3CpbnyTHohLT6TqAAAAAAAAAAAAAAAAAAAAOD5Ultcmi1XKum8gsKOCsO7YzcUelzod88EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//8Kozfs")
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x32}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
r2 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffc2}], 0x1, 0x7800, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
unlink(&(0x7f0000000180)='./file1\x00')
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

56][ T7391] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.380660][ T9890] loop5: detected capacity change from 0 to 1024
[  129.405353][ T9890] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.519394][ T9902] netlink: 'syz.3.2333': attribute type 1 has an invalid length.
[  129.536662][ T3592] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.558994][ T9902] 8021q: adding VLAN 0 to HW filter on device bond1
[  129.615523][ T9902] bond1: (slave veth7): Enslaving as an active interface with a down link
[  129.649713][ T9912] bond1: (slave ip6gretap1): making interface the new active one
[  129.658970][ T9912] ip6gretap1: entered promiscuous mode
[  129.664555][ T9912] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  129.781862][ T9926] loop3: detected capacity change from 0 to 128
[  129.810071][ T9926] EXT4-fs: Ignoring removed nobh option
[  129.825331][ T9926] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  129.938641][ T3320] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  130.220160][ T9955] netlink: 'syz.1.2352': attribute type 3 has an invalid length.
[  130.273986][ T9953] netlink: 'syz.5.2351': attribute type 12 has an invalid length.
[  130.401900][ T9969] loop1: detected capacity change from 0 to 1024
[  130.411824][ T9969] EXT4-fs: Ignoring removed nobh option
[  130.417460][ T9969] EXT4-fs: Ignoring removed bh option
[  130.437785][ T9969] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.488296][ T9969] loop1: detected capacity change from 1024 to 64
[  130.496596][ T9969] syz.1.2358: attempt to access beyond end of device
[  130.496596][ T9969] loop1: rw=2049, sector=226, nr_sectors = 2 limit=64
[  130.509939][ T9969] EXT4-fs warning (device loop1): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 113)
[  130.521435][ T9969] syz.1.2358: attempt to access beyond end of device
[  130.521435][ T9969] loop1: rw=2049, sector=226, nr_sectors = 6 limit=64
[  130.534856][ T9969] EXT4-fs warning (device loop1): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 113)
[  130.546186][ T9969] EXT4-fs (loop1): failed to convert unwritten extents to written extents -- potential data loss!  (inode 15, error -5)
[  130.558726][ T9969] Buffer I/O error on device loop1, logical block 113
[  130.565480][ T9969] Buffer I/O error on device loop1, logical block 114
[  130.572235][ T9969] Buffer I/O error on device loop1, logical block 115
[  130.579045][ T9969] Buffer I/O error on device loop1, logical block 113
[  130.586674][ T9969] syz.1.2358: attempt to access beyond end of device
[  130.586674][ T9969] loop1: rw=2049, sector=232, nr_sectors = 2 limit=64
[  130.600030][ T9969] EXT4-fs warning (device loop1): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 116)
[  130.611331][ T9969] EXT4-fs (loop1): failed to convert unwritten extents to written extents -- potential data loss!  (inode 15, error -5)
[  130.623871][ T9969] Buffer I/O error on device loop1, logical block 116
[  130.716868][ T3321] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /494/bus: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=1024 fake=0
[  130.737425][ T3321] EXT4-fs (loop1): Remounting filesystem read-only
[  130.751818][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.761514][ T9972] kmmpd-loop1: attempt to access beyond end of device
[  130.761514][ T9972] loop1: rw=14337, sector=128, nr_sectors = 2 limit=64
[  130.775069][ T9972] Buffer I/O error on dev loop1, logical block 64, lost sync page write
[  131.180680][ T9994] lo speed is unknown, defaulting to 1000
[  131.242612][ T9994] chnl_net:caif_netlink_parms(): no params data found
[  131.285929][ T9994] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.293055][ T9994] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.300555][ T9994] bridge_slave_0: entered allmulticast mode
[  131.307231][ T9994] bridge_slave_0: entered promiscuous mode
[  131.314502][ T9994] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.321673][ T9994] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.329064][ T9994] bridge_slave_1: entered allmulticast mode
[  131.335516][ T9994] bridge_slave_1: entered promiscuous mode
[  131.354634][ T9994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.365226][ T9994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.397159][ T9994] team0: Port device team_slave_0 added
[  131.404029][ T9994] team0: Port device team_slave_1 added
[  131.433351][ T9994] batman_adv: batadv0: Adding interface: batadv_slave_0
[  131.440416][ T9994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  131.466470][ T9994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  131.478004][ T9994] batman_adv: batadv0: Adding interface: batadv_slave_1
[  131.485047][ T9994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  131.510987][ T9994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  131.540643][ T9994] hsr_slave_0: entered promiscuous mode
[  131.546889][ T9994] hsr_slave_1: entered promiscuous mode
[  131.553026][ T9994] debugfs: 'hsr0' already exists in 'hsr'
[  131.558887][ T9994] Cannot create hsr debugfs directory
[  131.589183][T10025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.597736][T10025] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.657383][ T9994] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  131.666065][ T9994] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  131.674841][ T9994] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  131.683541][ T9994] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  131.698621][ T9994] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.705802][ T9994] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.713171][ T9994] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.720305][ T9994] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.751321][ T9994] 8021q: adding VLAN 0 to HW filter on device bond0
[  131.770666][ T4408] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.778527][ T4408] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.803849][ T9994] 8021q: adding VLAN 0 to HW filter on device team0
[  131.815501][ T4434] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.822700][ T4434] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.843726][ T9994] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  131.854212][ T9994] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  131.885511][ T4434] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.892602][ T4434] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.949567][ T9994] 8021q: adding VLAN 0 to HW filter on device batadv0
[  132.045145][T10055] loop6: detected capacity change from 0 to 1024
[  132.056037][T10055] EXT4-fs: Ignoring removed bh option
[  132.081478][T10055] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.118135][ T7391] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.119537][ T9994] veth0_vlan: entered promiscuous mode
[  132.149228][ T9994] veth1_vlan: entered promiscuous mode
[  132.176543][ T9994] veth0_macvtap: entered promiscuous mode
[  132.184930][ T9994] veth1_macvtap: entered promiscuous mode
[  132.197097][ T9994] batman_adv: batadv0: Interface activated: batadv_slave_0
[  132.212489][ T9994] batman_adv: batadv0: Interface activated: batadv_slave_1
[  132.229607][ T4401] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.242813][ T4401] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.256351][ T4401] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.266059][T10075] loop6: detected capacity change from 0 to 256
[  132.273648][ T4401] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.275375][T10075] vfat: Unknown parameter 'ÿÿ0x0000000000000000'
[  132.468074][T10090] __nla_validate_parse: 10 callbacks suppressed
[  132.468091][T10090] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  132.854775][T10106] veth2: entered promiscuous mode
[  132.859894][T10106] veth2: entered allmulticast mode
[  132.986712][   T29] kauditd_printk_skb: 111 callbacks suppressed
[  132.986806][   T29] audit: type=1326 audit(132.951:5288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm="syz.7.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  133.031363][T10110] 9pnet_fd: Insufficient options for proto=fd
[  133.033383][   T29] audit: type=1326 audit(132.991:5289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm="syz.7.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  133.060283][   T29] audit: type=1326 audit(132.991:5290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm="syz.7.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  133.083291][   T29] audit: type=1326 audit(132.991:5291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm="syz.7.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  133.171249][T10112] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2402'.
[  133.227794][T10116] lo speed is unknown, defaulting to 1000
[  133.301065][T10127] lo speed is unknown, defaulting to 1000
[  133.404123][T10129] loop5: detected capacity change from 0 to 8192
[  133.415423][T10141] netlink: '+}[@': attribute type 10 has an invalid length.
[  133.426125][T10141] team0: Port device dummy0 added
[  133.434385][T10141] netlink: '+}[@': attribute type 10 has an invalid length.
[  133.442153][T10141] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  133.454888][T10141] team0: Failed to send options change via netlink (err -105)
[  133.465564][T10141] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  133.474561][T10144] loop7: detected capacity change from 0 to 512
[  133.475229][T10141] team0: Port device dummy0 removed
[  133.486332][T10144] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  133.497991][T10141] .`: (slave dummy0): Enslaving as an active interface with an up link
[  133.509719][T10144] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.671418][ T9994] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.691102][   T29] audit: type=1400 audit(133.661:5292): avc:  denied  { mounton } for  pid=10154 comm="syz.5.2418" path="/425/file1" dev="tmpfs" ino=2243 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  133.856204][T10167] loop7: detected capacity change from 0 to 1024
[  133.863151][T10167] EXT4-fs: Ignoring removed orlov option
[  133.920233][T10167] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.145518][T10179] xt_CT: You must specify a L4 protocol and not use inversions on it
[  134.268724][T10183] lo speed is unknown, defaulting to 1000
[  134.383315][   T29] audit: type=1400 audit(134.351:5293): avc:  denied  { mounton } for  pid=10185 comm="syz.3.2427" path="/512/file0" dev="tmpfs" ino=2683 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  134.539727][T10191] netlink: 'syz.5.2429': attribute type 4 has an invalid length.
[  134.547495][T10191] netlink: 152 bytes leftover after parsing attributes in process `syz.5.2429'.
[  134.560424][T10191] .`: renamed from bond0
[  134.605439][   T29] audit: type=1326 audit(134.571:5294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10194 comm="syz.5.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb84716f6c9 code=0x7ffc0000
[  134.628952][   T29] audit: type=1326 audit(134.571:5295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10194 comm="syz.5.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb84716f6c9 code=0x7ffc0000
[  134.651943][   T29] audit: type=1326 audit(134.571:5296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10194 comm="syz.5.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb84716f6c9 code=0x7ffc0000
[  134.674937][   T29] audit: type=1326 audit(134.571:5297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10194 comm="syz.5.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb84716f6c9 code=0x7ffc0000
[  134.904717][ T9994] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.933347][T10216] loop3: detected capacity change from 0 to 512
[  134.946447][T10216] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2803: inode #11: comm syz.3.2442: corrupted xattr block 95: invalid header
[  134.961306][T10216] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2442: bg 0: block 7: invalid block bitmap
[  134.976349][T10216] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  134.985315][T10220] loop7: detected capacity change from 0 to 2048
[  134.991985][T10216] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2967: inode #11: comm syz.3.2442: corrupted xattr block 95: invalid header
[  135.005873][T10216] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  135.024660][T10216] EXT4-fs (loop3): 1 orphan inode deleted
[  135.032137][T10216] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.048423][T10220]  loop7: p2 < > p4
[  135.052811][T10220] loop7: p4 size 262144 extends beyond EOD, truncated
[  135.078620][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.122192][T10234] lo speed is unknown, defaulting to 1000
[  135.304274][T10243] loop7: detected capacity change from 0 to 1024
[  135.311664][T10243] EXT4-fs: Ignoring removed orlov option
[  135.317368][T10243] EXT4-fs: Ignoring removed nomblk_io_submit option
[  135.382795][T10245] xt_CT: You must specify a L4 protocol and not use inversions on it
[  135.388656][T10243] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.620943][ T9994] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.672006][T10259] netlink: 131740 bytes leftover after parsing attributes in process `syz.6.2458'.
[  135.702276][T10259] net_ratelimit: 94 callbacks suppressed
[  135.702308][T10259] netlink: zone id is out of range
[  135.713118][T10259] netlink: zone id is out of range
[  135.719449][T10253] lo speed is unknown, defaulting to 1000
[  135.728231][T10259] netlink: zone id is out of range
[  135.733456][T10259] netlink: zone id is out of range
[  135.750702][T10259] netlink: zone id is out of range
[  135.766036][T10259] netlink: del zone limit has 8 unknown bytes
[  135.828897][T10253] chnl_net:caif_netlink_parms(): no params data found
[  135.835845][T10270] loop6: detected capacity change from 0 to 1024
[  135.884225][T10270] EXT4-fs: Ignoring removed nobh option
[  135.890699][T10275] loop5: detected capacity change from 0 to 128
[  135.898186][T10253] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.905295][T10253] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.912964][T10270] EXT4-fs: Ignoring removed bh option
[  135.938529][T10275] syz.5.2460: attempt to access beyond end of device
[  135.938529][T10275] loop5: rw=0, sector=121, nr_sectors = 920 limit=128
[  135.969539][T10270] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.986285][T10253] bridge_slave_0: entered allmulticast mode
[  136.005111][T10253] bridge_slave_0: entered promiscuous mode
[  136.038216][T10270] loop6: detected capacity change from 1024 to 64
[  136.055464][T10270] syz.6.2459: attempt to access beyond end of device
[  136.055464][T10270] loop6: rw=2049, sector=226, nr_sectors = 2 limit=64
[  136.059040][T10253] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.068942][T10270] EXT4-fs warning (device loop6): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 113)
[  136.075900][T10253] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.138188][T10253] bridge_slave_1: entered allmulticast mode
[  136.144802][T10253] bridge_slave_1: entered promiscuous mode
[  136.155526][T10270] syz.6.2459: attempt to access beyond end of device
[  136.155526][T10270] loop6: rw=2049, sector=226, nr_sectors = 6 limit=64
[  136.169063][T10270] EXT4-fs warning (device loop6): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 113)
[  136.180395][T10270] EXT4-fs (loop6): failed to convert unwritten extents to written extents -- potential data loss!  (inode 15, error -5)
[  136.193049][T10270] Buffer I/O error on device loop6, logical block 113
[  136.199843][T10270] Buffer I/O error on device loop6, logical block 114
[  136.206610][T10270] Buffer I/O error on device loop6, logical block 115
[  136.213625][T10270] Buffer I/O error on device loop6, logical block 113
[  136.220637][T10270] syz.6.2459: attempt to access beyond end of device
[  136.220637][T10270] loop6: rw=2049, sector=232, nr_sectors = 2 limit=64
[  136.234057][T10270] EXT4-fs warning (device loop6): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 116)
[  136.245360][T10270] EXT4-fs (loop6): failed to convert unwritten extents to written extents -- potential data loss!  (inode 15, error -5)
[  136.258063][T10270] Buffer I/O error on device loop6, logical block 116
[  136.292821][T10253] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.310113][T10253] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.387366][T10253] team0: Port device team_slave_0 added
[  136.399787][T10253] team0: Port device team_slave_1 added
[  136.425360][ T7391] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /194/bus: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=1024 fake=0
[  136.458858][T10253] batman_adv: batadv0: Adding interface: batadv_slave_0
[  136.465850][T10253] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  136.468652][ T7391] EXT4-fs (loop6): Remounting filesystem read-only
[  136.491869][T10253] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  136.559483][T10253] batman_adv: batadv0: Adding interface: batadv_slave_1
[  136.566468][T10253] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  136.592479][T10253] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.651684][ T7391] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.663263][T10276] kmmpd-loop6: attempt to access beyond end of device
[  136.663263][T10276] loop6: rw=14337, sector=128, nr_sectors = 2 limit=64
[  136.676912][T10276] Buffer I/O error on dev loop6, logical block 64, lost sync page write
[  136.743380][T10253] hsr_slave_0: entered promiscuous mode
[  136.756026][T10253] hsr_slave_1: entered promiscuous mode
[  136.769878][T10253] debugfs: 'hsr0' already exists in 'hsr'
[  136.775643][T10253] Cannot create hsr debugfs directory
[  136.829757][T10311] lo speed is unknown, defaulting to 1000
[  136.842356][T10321] loop7: detected capacity change from 0 to 164
[  137.098159][T10315] lo speed is unknown, defaulting to 1000
[  137.310102][T10253] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  137.323677][T10253] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  137.339034][T10253] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  137.375523][T10253] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  137.387095][T10330] lo speed is unknown, defaulting to 1000
[  137.400391][T10315] chnl_net:caif_netlink_parms(): no params data found
[  137.417965][T10350] lo speed is unknown, defaulting to 1000
[  137.499224][T10315] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.506388][T10315] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.513665][T10315] bridge_slave_0: entered allmulticast mode
[  137.520762][T10315] bridge_slave_0: entered promiscuous mode
[  137.527574][T10315] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.534655][T10315] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.541907][T10315] bridge_slave_1: entered allmulticast mode
[  137.548825][T10315] bridge_slave_1: entered promiscuous mode
[  137.577711][T10315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.595829][T10315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.618749][T10330] chnl_net:caif_netlink_parms(): no params data found
[  137.628464][T10315] team0: Port device team_slave_0 added
[  137.649856][T10315] team0: Port device team_slave_1 added
[  137.681627][T10315] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.688847][T10315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  137.714894][T10315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.779503][T10375] unsupported nla_type 52263
[  137.784860][T10315] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.791893][T10315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  137.817863][T10315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.852111][T10330] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.859265][T10330] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.866556][T10330] bridge_slave_0: entered allmulticast mode
[  137.873279][T10330] bridge_slave_0: entered promiscuous mode
[  137.897162][T10330] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.904320][T10330] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.911592][T10330] bridge_slave_1: entered allmulticast mode
[  137.918327][T10330] bridge_slave_1: entered promiscuous mode
[  137.938896][T10315] hsr_slave_0: entered promiscuous mode
[  137.944989][T10315] hsr_slave_1: entered promiscuous mode
[  137.951309][T10315] debugfs: 'hsr0' already exists in 'hsr'
[  137.957063][T10315] Cannot create hsr debugfs directory
[  137.990871][T10330] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  138.010855][T10253] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.022780][T10330] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  138.040992][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  138.041009][   T29] audit: type=1326 audit(138.011:5354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.072331][   T29] audit: type=1326 audit(138.011:5355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.095581][   T29] audit: type=1326 audit(138.011:5356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.118735][   T29] audit: type=1326 audit(138.051:5357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.141717][   T29] audit: type=1326 audit(138.051:5358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.164631][   T29] audit: type=1326 audit(138.051:5359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.187772][   T29] audit: type=1326 audit(138.051:5360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.210856][   T29] audit: type=1326 audit(138.051:5361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.233750][   T29] audit: type=1326 audit(138.051:5362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.256714][   T29] audit: type=1326 audit(138.051:5363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10385 comm="syz.7.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ee9f6c9 code=0x7ffc0000
[  138.312666][T10330] team0: Port device team_slave_0 added
[  138.320967][T10330] team0: Port device team_slave_1 added
[  138.351447][T10253] 8021q: adding VLAN 0 to HW filter on device team0
[  138.359324][T10390] tipc: Started in network mode
[  138.364225][T10390] tipc: Node identity ac14140f, cluster identity 4711
[  138.371408][T10390] tipc: New replicast peer: 255.255.255.255
[  138.377490][T10390] tipc: Enabled bearer <udp:syz2>, priority 10
[  138.394777][T10330] batman_adv: batadv0: Adding interface: batadv_slave_0
[  138.401808][T10330] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  138.427718][T10330] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  138.443312][T10330] batman_adv: batadv0: Adding interface: batadv_slave_1
[  138.450347][T10330] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  138.476329][T10330] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  138.500020][ T4443] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.507125][ T4443] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.543125][ T4408] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.550278][ T4408] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.575096][T10330] hsr_slave_0: entered promiscuous mode
[  138.581365][T10330] hsr_slave_1: entered promiscuous mode
[  138.588639][T10330] debugfs: 'hsr0' already exists in 'hsr'
[  138.594429][T10330] Cannot create hsr debugfs directory
[  138.645759][T10315] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  138.657118][T10414] loop7: detected capacity change from 0 to 512
[  138.662859][T10411] netlink: 'syz.2.2502': attribute type 1 has an invalid length.
[  138.682593][T10315] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  138.709004][T10315] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  138.728317][T10411] 8021q: adding VLAN 0 to HW filter on device batadv1
[  138.736398][T10411] bond2: (slave batadv1): making interface the new active one
[  138.745258][T10411] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  138.758610][T10315] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  138.797051][T10429] netlink: 'syz.2.2505': attribute type 6 has an invalid length.
[  138.832561][T10431] ip6tnl0: entered promiscuous mode
[  138.837824][T10431] ip6tnl0: entered allmulticast mode
[  138.853026][T10253] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.927081][T10315] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.942584][T10315] 8021q: adding VLAN 0 to HW filter on device team0
[  138.986667][ T4406] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.993786][ T4406] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.016498][ T4408] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.023682][ T4408] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.209431][T10330] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  139.223512][T10253] veth0_vlan: entered promiscuous mode
[  139.240019][T10487] 8021q: adding VLAN 0 to HW filter on device bond1
[  139.251177][T10487] bond1 (unregistering): Released all slaves
[  139.264719][T10330] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  139.273594][T10494] netlink: 'syz.7.2511': attribute type 10 has an invalid length.
[  139.295713][T10494] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  139.304812][T10494] team0: Failed to send options change via netlink (err -105)
[  139.312405][T10494] team0: Port device dummy0 added
[  139.334271][T10330] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  139.355166][T10330] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  139.376874][T10253] veth1_vlan: entered promiscuous mode
[  139.394676][T10315] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.428593][T10508] netlink: 76 bytes leftover after parsing attributes in process `syz.7.2515'.
[  139.454146][T10253] veth0_macvtap: entered promiscuous mode
[  139.489066][ T3389] tipc: Node number set to 2886997007
[  139.495800][T10253] veth1_macvtap: entered promiscuous mode
[  139.550894][T10253] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.577099][T10538] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2519'.
[  139.582902][T10253] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.600960][T10330] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.609077][T10538] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  139.626506][ T4401] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.669768][T10330] 8021q: adding VLAN 0 to HW filter on device team0
[  139.698503][ T4443] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.707599][ T4443] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.720845][ T4426] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.727924][ T4426] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.756389][ T4426] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.763492][ T4426] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.774346][ T4443] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.790194][T10563] loop8: detected capacity change from 0 to 256
[  139.810153][T10315] veth0_vlan: entered promiscuous mode
[  139.862689][T10315] veth1_vlan: entered promiscuous mode
[  139.871551][T10569] SELinux:  Context system_u:object_r:logrotate_exec_t:s0 is not valid (left unmapped).
[  139.900489][T10573] loop7: detected capacity change from 0 to 512
[  139.915049][T10315] veth0_macvtap: entered promiscuous mode
[  139.944615][T10315] veth1_macvtap: entered promiscuous mode
[  139.999034][T10578] loop8: detected capacity change from 0 to 512
[  140.009961][T10315] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.029826][T10315] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.046351][T10578] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.065227][ T4408] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.089359][ T4408] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.101498][T10330] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.108985][ T4408] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.117739][ T4408] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.188415][T10253] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.273640][T10600] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2530'.
[  140.295902][T10603] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2476'.
[  140.364202][T10330] veth0_vlan: entered promiscuous mode
[  140.388243][T10330] veth1_vlan: entered promiscuous mode
[  140.429957][T10330] veth0_macvtap: entered promiscuous mode
[  140.457411][T10330] veth1_macvtap: entered promiscuous mode
[  140.493979][T10330] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.513208][T10621] loop8: detected capacity change from 0 to 512
[  140.533558][T10330] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.565821][ T4408] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.578927][T10621] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.2533: Failed to acquire dquot type 1
[  140.597137][ T4408] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.630698][ T4408] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.641614][T10621] EXT4-fs (loop8): 1 truncate cleaned up
[  140.653345][T10621] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.665957][ T4408] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.688986][T10621] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.735049][T10650] loop0: detected capacity change from 0 to 1024
[  140.750977][T10650] EXT4-fs: Ignoring removed oldalloc option
[  140.771304][T10650] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  140.808740][T10650] EXT4-fs (loop0): re-mounted 00000000-0000-0006-0000-000000000000 ro.
[  140.842713][T10330] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  140.866929][T10670] loop8: detected capacity change from 0 to 1024
[  140.876635][T10675] io-wq is not configured for unbound workers
[  140.888580][T10670] EXT4-fs: Ignoring removed orlov option
[  140.900370][T10670] EXT4-fs: Ignoring removed nomblk_io_submit option
[  140.935132][T10670] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.988612][ T4426] ip6gretap1: left promiscuous mode
[  141.079816][T10703] netlink: 'syz.7.2547': attribute type 39 has an invalid length.
[  141.140408][T10253] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.776996][T10698] Set syz1 is full, maxelem 65536 reached
[  142.024491][T10789] loop7: detected capacity change from 0 to 1024
[  142.033007][T10789] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.046145][T10798] ref_ctr_offset mismatch. inode: 0x3f offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x0
[  142.060555][T10789] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.091153][T10789] netlink: 132 bytes leftover after parsing attributes in process `syz.7.2569'.
[  142.139283][T10808] loop9: detected capacity change from 0 to 1024
[  142.149995][T10808] EXT4-fs: Ignoring removed oldalloc option
[  142.156674][ T9994] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.170134][T10808] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  142.193626][T10808] EXT4-fs (loop9): re-mounted 00000000-0000-0006-0000-000000000000 ro.
[  142.226803][T10819] tipc: Started in network mode
[  142.231801][T10819] tipc: Node identity c650f44ce413, cluster identity 4711
[  142.239025][T10819] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  142.249053][T10315] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  142.252195][T10823] loop7: detected capacity change from 0 to 164
[  142.266613][T10823] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  142.276607][T10823] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  142.285052][T10823] Symlink component flag not implemented
[  142.290694][T10828] loop9: detected capacity change from 0 to 512
[  142.297152][T10823] Symlink component flag not implemented
[  142.297488][T10828] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.303235][T10811] tipc: Resetting bearer <eth:syzkaller0>
[  142.312156][T10823] Symlink component flag not implemented (7)
[  142.323701][T10823] Symlink component flag not implemented (116)
[  142.351243][T10828] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  142.356861][T10811] tipc: Disabling bearer <eth:syzkaller0>
[  142.372196][T10828] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.2583: bg 0: block 248: padding at end of block bitmap is not set
[  142.387179][T10828] EXT4-fs error (device loop9): ext4_acquire_dquot:6945: comm syz.9.2583: Failed to acquire dquot type 1
[  142.400403][T10828] EXT4-fs (loop9): 1 truncate cleaned up
[  142.408532][T10828] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  142.427190][T10828] EXT4-fs error (device loop9): ext4_acquire_dquot:6945: comm syz.9.2583: Failed to acquire dquot type 1
[  142.455587][T10315] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  142.515407][T10844] loop8: detected capacity change from 0 to 1024
[  142.534526][T10844] EXT4-fs: inline encryption not supported
[  142.540531][T10844] EXT4-fs: Ignoring removed orlov option
[  142.564485][T10844] EXT4-fs (loop8): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  142.660972][T10844] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  142.669384][T10844] System zones: 0-1, 3-12
[  142.675653][T10844] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.712550][T10253] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.754485][T10859] loop8: detected capacity change from 0 to 512
[  142.802364][T10859] EXT4-fs warning (device loop8): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  142.828957][T10859] EXT4-fs (loop8): mount failed
[  142.840590][T10866] netlink: 5 bytes leftover after parsing attributes in process `syz.9.2595'.
[  142.849768][T10866] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  142.857829][T10866] 0ªî{X¹¦: entered allmulticast mode
[  142.864265][T10866] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  142.921043][T10872] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.980893][T10877] ref_ctr_offset mismatch. inode: 0x188 offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x0
[  142.993727][T10872] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.041287][T10872] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.053692][   T29] kauditd_printk_skb: 148 callbacks suppressed
[  143.053708][   T29] audit: type=1326 audit(143.031:5505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10882 comm="syz.9.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  143.094484][ T9695] hid_parser_main: 19 callbacks suppressed
[  143.094506][ T9695] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  143.097011][   T29] audit: type=1326 audit(143.031:5506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10882 comm="syz.9.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  143.130803][   T29] audit: type=1326 audit(143.041:5507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10882 comm="syz.9.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  143.153781][   T29] audit: type=1326 audit(143.041:5508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.9.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbc0d5e1f85 code=0x7ffc0000
[  143.176699][   T29] audit: type=1326 audit(143.041:5509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10882 comm="syz.9.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  143.176929][ T9695] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  143.199674][   T29] audit: type=1326 audit(143.041:5510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10882 comm="syz.9.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  143.199776][   T29] audit: type=1326 audit(143.041:5511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10882 comm="syz.9.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  143.255101][   T29] audit: type=1326 audit(143.041:5512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10882 comm="syz.9.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  143.295102][T10893] loop0: detected capacity change from 0 to 512
[  143.304233][T10893] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  143.315143][T10872] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.338892][T10893] EXT4-fs (loop0): 1 orphan inode deleted
[  143.344774][T10893] EXT4-fs (loop0): 1 truncate cleaned up
[  143.352424][T10893] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.372329][T10897] netlink: 96 bytes leftover after parsing attributes in process `syz.9.2607'.
[  143.390503][ T4443] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.419230][ T4443] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.429450][T10330] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.450955][ T4443] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.459453][ T4443] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.513364][T10907] netlink: 5 bytes leftover after parsing attributes in process `syz.0.2609'.
[  143.522820][T10907] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  143.532347][T10907] 0ªî{X¹¦: entered allmulticast mode
[  143.538552][T10907] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  143.560136][T10910] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2613'.
[  143.735848][   T29] audit: type=1400 audit(143.701:5513): avc:  denied  { setopt } for  pid=10927 comm="syz.0.2622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  143.763950][T10933] netlink: 64 bytes leftover after parsing attributes in process `syz.7.2623'.
[  143.846408][T10942] netlink: 'syz.9.2626': attribute type 1 has an invalid length.
[  143.869718][T10942] ipvlan1: entered promiscuous mode
[  143.875070][T10942] ipvlan1: entered allmulticast mode
[  143.880454][T10942] veth0_vlan: entered allmulticast mode
[  143.899266][   T29] audit: type=1326 audit(143.861:5514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10938 comm="syz.0.2624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  143.971377][T10952] bridge: RTM_NEWNEIGH with invalid ether address
[  144.264537][T10994] 8021q: adding VLAN 0 to HW filter on device bond1
[  144.300707][T10999] netlink: 'syz.8.2646': attribute type 10 has an invalid length.
[  144.358315][T10994] bond1 (unregistering): Released all slaves
[  144.387788][T10999] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  144.429063][T10999] team0: Failed to send options change via netlink (err -105)
[  144.436572][T10999] team0: Port device dummy0 added
[  144.568150][T11028] macsec0: entered allmulticast mode
[  144.585971][T11028] veth1_macvtap: entered allmulticast mode
[  144.599534][T11028] macsec0: entered promiscuous mode
[  144.685553][T11039] __nla_validate_parse: 9 callbacks suppressed
[  144.685572][T11039] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2654'.
[  144.723530][T11047] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  144.736573][T11039] 0ªî{X¹¦: renamed from gretap0
[  144.756832][T11039] 0ªî{X¹¦: entered allmulticast mode
[  144.786004][T11039] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  144.902318][ T7788] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  144.931742][ T7788] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  145.185750][T11089] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.281097][T11089] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.362719][T11089] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.404222][T11106] loop7: detected capacity change from 0 to 512
[  145.420163][T11089] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.452888][T11106] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  145.472495][T11106] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  145.504708][T11106] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.2664: bg 0: block 248: padding at end of block bitmap is not set
[  145.521705][T11106] EXT4-fs error (device loop7): ext4_acquire_dquot:6945: comm syz.7.2664: Failed to acquire dquot type 1
[  145.538561][T11106] EXT4-fs (loop7): 1 truncate cleaned up
[  145.549065][T11106] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  145.602781][T11106] EXT4-fs error (device loop7): ext4_acquire_dquot:6945: comm syz.7.2664: Failed to acquire dquot type 1
[  145.629889][ T9994] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  145.718884][T11133] serio: Serial port ptm0
[  145.827448][T11140] netlink: 'syz.0.2676': attribute type 7 has an invalid length.
[  145.835294][T11140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2676'.
[  146.045584][T11153] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  146.121224][T11157] bridge: RTM_NEWNEIGH with invalid ether address
[  146.207470][T11161] tipc: Started in network mode
[  146.212452][T11161] tipc: Node identity aab6e40a7e55, cluster identity 4711
[  146.219737][T11161] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  146.236679][T11160] tipc: Resetting bearer <eth:syzkaller0>
[  146.253754][T11160] tipc: Disabling bearer <eth:syzkaller0>
[  146.654015][T11178] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  146.671389][T11175] loop7: detected capacity change from 0 to 8192
[  146.785505][T11186] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11186 comm=syz.2.2696
[  147.070678][ T4390] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.082852][ T4390] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.112524][ T4390] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.141315][ T4390] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.224086][T11224] loop0: detected capacity change from 0 to 1024
[  147.231390][T11224] EXT4-fs: Ignoring removed nomblk_io_submit option
[  147.249360][T11224] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.321840][T10330] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.376251][T11233] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2716'.
[  147.403872][T11233] hsr_slave_1 (unregistering): left promiscuous mode
[  147.605492][T11243] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.671970][T11243] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.735003][T11243] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.781904][T11243] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.843302][ T4426] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.858153][ T4426] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.875682][ T4426] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.884454][ T4426] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.062958][   T29] kauditd_printk_skb: 153 callbacks suppressed
[  148.062987][   T29] audit: type=1326 audit(148.036:5664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.328187][   T29] audit: type=1326 audit(148.116:5665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.351160][   T29] audit: type=1326 audit(148.126:5666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.374202][   T29] audit: type=1326 audit(148.136:5667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.397196][   T29] audit: type=1326 audit(148.146:5668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.420219][   T29] audit: type=1326 audit(148.166:5669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.443116][   T29] audit: type=1326 audit(148.176:5670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.466057][   T29] audit: type=1326 audit(148.186:5671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.488945][   T29] audit: type=1326 audit(148.196:5672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.511850][   T29] audit: type=1326 audit(148.206:5673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11254 comm="syz.9.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fbc0d5af6c9 code=0x7ffc0000
[  148.878238][T11293] netlink: 132 bytes leftover after parsing attributes in process `syz.7.2741'.
[  148.891071][T11293] netlink: 'syz.7.2741': attribute type 10 has an invalid length.
[  148.899441][T11293] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.906692][T11293] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.929086][T11293] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.936272][T11293] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.943721][T11293] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.950847][T11293] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.975610][T11293] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  148.981344][T11299] loop9: detected capacity change from 0 to 1024
[  148.992185][T11299] EXT4-fs: inline encryption not supported
[  148.998273][T11299] EXT4-fs: Ignoring removed orlov option
[  149.008947][T11299] EXT4-fs (loop9): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  149.040277][T11299] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  149.056643][T11299] System zones: 0-1, 3-12
[  149.065095][T11299] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.095610][T11299] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  149.108227][T11299] EXT4-fs (loop9): This should not happen!! Data will be lost
[  149.108227][T11299] 
[  149.117882][T11299] EXT4-fs (loop9): Total free blocks count 0
[  149.123936][T11299] EXT4-fs (loop9): Free/Dirty block details
[  149.129920][T11299] EXT4-fs (loop9): free_blocks=0
[  149.134896][T11299] EXT4-fs (loop9): dirty_blocks=0
[  149.140081][T11299] EXT4-fs (loop9): Block reservation details
[  149.146072][T11299] EXT4-fs (loop9): i_reserved_data_blocks=0
[  149.188802][T11320] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  149.196262][T10315] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.275271][T11332] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  149.814065][T11368] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2773'.
[  149.823249][T11368] unsupported nlmsg_type 40
[  150.276763][T11415] loop7: detected capacity change from 0 to 512
[  150.290079][T11415] EXT4-fs warning (device loop7): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  150.298432][T11405] netlink: 68 bytes leftover after parsing attributes in process `syz.9.2791'.
[  150.305392][T11415] EXT4-fs (loop7): mount failed
[  150.337616][T11415] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  150.408722][T11424] tipc: Started in network mode
[  150.413616][T11424] tipc: Node identity 4, cluster identity 4711
[  150.419920][T11424] tipc: Node number set to 4
[  150.533955][T11426] lo speed is unknown, defaulting to 1000
[  151.443690][T11465] loop9: detected capacity change from 0 to 1024
[  151.451117][T11465] EXT4-fs: inline encryption not supported
[  151.457132][T11465] EXT4-fs: Ignoring removed nobh option
[  151.462888][T11465] EXT4-fs: Ignoring removed bh option
[  151.499618][T11465] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.540124][T11465] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4193: comm syz.9.2810: Allocating blocks 449-513 which overlap fs metadata
[  151.568657][T11472] EXT4-fs (loop9): pa ffff8881057d68c0: logic 48, phys. 177, len 21
[  151.576697][T11472] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  151.588357][T11474] sctp: [Deprecated]: syz.2.2814 (pid 11474) Use of struct sctp_assoc_value in delayed_ack socket option.
[  151.588357][T11474] Use struct sctp_sack_info instead
[  151.653341][T11124] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.675911][ T4390] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.739599][ T4390] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.783514][T11490] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2824'.
[  151.793899][T11490] netlink: 'syz.2.2824': attribute type 10 has an invalid length.
[  151.812889][T11490] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  151.823165][ T4390] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.870936][ T4390] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.913203][T11484] lo speed is unknown, defaulting to 1000
[  151.956587][T11504] netlink: 'syz.8.2828': attribute type 4 has an invalid length.
[  151.968831][T11506] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2829'.
[  151.982483][T11504] netlink: 'syz.8.2828': attribute type 4 has an invalid length.
[  152.048905][T11484] chnl_net:caif_netlink_parms(): no params data found
[  152.117390][T11525] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2836'.
[  152.124098][T11529] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2838'.
[  152.146991][T11484] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.154244][T11484] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.167000][T11484] bridge_slave_0: entered allmulticast mode
[  152.177028][T11484] bridge_slave_0: entered promiscuous mode
[  152.189030][T11484] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.196119][T11484] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.203509][T11535] netlink: 'syz.0.2836': attribute type 10 has an invalid length.
[  152.203710][T11484] bridge_slave_1: entered allmulticast mode
[  152.218627][T11484] bridge_slave_1: entered promiscuous mode
[  152.252733][ T3403] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  152.261265][T11535] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.268664][T11535] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.269116][T11537] loop8: detected capacity change from 0 to 2048
[  152.279584][T11535] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.289222][T11535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.289439][ T3403] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  152.296644][T11535] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.309120][T11537] EXT4-fs: quotafile must be on filesystem root
[  152.313311][T11535] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.342026][T11535] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  152.352594][T11484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.363868][T11484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.406155][ T4390] bridge_slave_1: left allmulticast mode
[  152.412016][ T4390] bridge_slave_1: left promiscuous mode
[  152.417750][ T4390] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.447556][ T4390] bridge_slave_0: left allmulticast mode
[  152.453328][ T4390] bridge_slave_0: left promiscuous mode
[  152.459090][ T4390] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.466344][T11546] loop8: detected capacity change from 0 to 512
[  152.532067][T11546] EXT4-fs error (device loop8): ext4_xattr_inode_iget:446: comm syz.8.2841: error while reading EA inode 32 err=-116
[  152.554735][T11546] EXT4-fs (loop8): Remounting filesystem read-only
[  152.561536][T11546] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  152.574600][T11546] EXT4-fs (loop8): 1 orphan inode deleted
[  152.580991][T11546] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.596550][ T4390] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.606798][ T4390] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.622324][ T4390] bond0 (unregistering): Released all slaves
[  152.734299][T11484] team0: Port device team_slave_0 added
[  152.747677][T11484] team0: Port device team_slave_1 added
[  152.819161][ T4390] hsr_slave_0: left promiscuous mode
[  152.830544][ T4390] hsr_slave_1: left promiscuous mode
[  152.837658][ T4390] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.845114][ T4390] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.853251][ T4390] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.860685][ T4390] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.886763][ T4390] veth1_macvtap: left promiscuous mode
[  152.892497][ T4390] veth0_macvtap: left promiscuous mode
[  152.898185][ T4390] veth1_vlan: left promiscuous mode
[  152.903636][ T4390] veth0_vlan: left promiscuous mode
[  152.984726][ T4390] team0 (unregistering): Port device team_slave_1 removed
[  152.995551][ T4390] team0 (unregistering): Port device team_slave_0 removed
[  153.039225][T11484] batman_adv: batadv0: Adding interface: batadv_slave_0
[  153.046201][T11484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  153.072247][T11484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  153.095841][T10253] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.096064][T11484] batman_adv: batadv0: Adding interface: batadv_slave_1
[  153.111852][T11484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  153.137824][T11484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  153.168219][T11484] hsr_slave_0: entered promiscuous mode
[  153.174575][T11484] hsr_slave_1: entered promiscuous mode
[  153.180605][T11484] debugfs: 'hsr0' already exists in 'hsr'
[  153.186356][T11484] Cannot create hsr debugfs directory
[  153.558300][T11582] tipc: Cannot configure node identity twice
[  153.603013][T11484] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  153.613110][T11484] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  153.613263][T11584] netlink: 'syz.8.2856': attribute type 1 has an invalid length.
[  153.627649][T11584] netlink: 224 bytes leftover after parsing attributes in process `syz.8.2856'.
[  153.644454][T11484] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  153.654095][T11484] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  153.756907][T11484] 8021q: adding VLAN 0 to HW filter on device bond0
[  153.805420][T11484] 8021q: adding VLAN 0 to HW filter on device team0
[  154.002500][ T4390] .` (unregistering): (slave dummy0): Releasing backup interface
[  154.019090][ T4390] .` (unregistering): Released all slaves
[  154.042521][ T4426] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.049662][ T4426] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.063619][ T4420] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.070712][ T4420] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.096677][ T4390] tipc: Left network mode
[  154.109045][ T4390] hsr_slave_0: left promiscuous mode
[  154.115008][ T4390] hsr_slave_1: left promiscuous mode
[  154.235885][T11603] ip6gre1: entered allmulticast mode
[  154.251807][T11609] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2863'.
[  154.333631][T11484] 8021q: adding VLAN 0 to HW filter on device batadv0
[  154.334189][T11617] netlink: 132 bytes leftover after parsing attributes in process `syz.8.2866'.
[  154.353544][T11617] netlink: 'syz.8.2866': attribute type 10 has an invalid length.
[  154.362640][T11617] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.369915][T11617] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.379989][T11617] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.387065][T11617] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.394448][T11617] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.401564][T11617] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.411361][T11617] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  154.503429][ T4390] IPVS: stop unused estimator thread 0...
[  154.583996][T11484] veth0_vlan: entered promiscuous mode
[  154.593154][T11641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2871'.
[  154.595658][T11484] veth1_vlan: entered promiscuous mode
[  154.665841][T11484] veth0_macvtap: entered promiscuous mode
[  154.673442][T11484] veth1_macvtap: entered promiscuous mode
[  154.685435][T11484] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.696853][T11484] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.707992][ T4443] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.722388][ T4443] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.732552][ T4443] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.745749][ T4443] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.923884][   T29] kauditd_printk_skb: 223 callbacks suppressed
[  154.923897][   T29] audit: type=1326 audit(154.896:5896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  154.953991][   T29] audit: type=1326 audit(154.896:5897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  154.977175][   T29] audit: type=1326 audit(154.906:5898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  155.000208][   T29] audit: type=1326 audit(154.906:5899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  155.023222][   T29] audit: type=1326 audit(154.906:5900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  155.047529][   T29] audit: type=1326 audit(155.026:5901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f398d991f85 code=0x7ffc0000
[  155.174928][   T29] audit: type=1400 audit(155.146:5902): avc:  denied  { create } for  pid=11670 comm="syz.7.2882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  155.210823][   T29] audit: type=1326 audit(155.166:5903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  155.233834][   T29] audit: type=1326 audit(155.176:5904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  155.256982][   T29] audit: type=1326 audit(155.176:5905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  155.313123][T11679] netlink: 'syz.7.2885': attribute type 30 has an invalid length.
[  155.352298][T11683] syzkaller0: entered allmulticast mode
[  155.358283][T11683] syzkaller0: entered promiscuous mode
[  155.368666][T11683] syzkaller0 (unregistering): left allmulticast mode
[  155.375387][T11683] syzkaller0 (unregistering): left promiscuous mode
[  155.471914][T11685] lo speed is unknown, defaulting to 1000
[  156.233838][T11704] loop4: detected capacity change from 0 to 1024
[  156.270923][T11704] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.293249][T11704] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  156.353466][T11713] loop7: detected capacity change from 0 to 512
[  156.380055][T11714] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[  156.392686][T11714] EXT4-fs (loop4): This should not happen!! Data will be lost
[  156.392686][T11714] 
[  156.402470][T11714] EXT4-fs (loop4): Total free blocks count 0
[  156.408495][T11714] EXT4-fs (loop4): Free/Dirty block details
[  156.414471][T11714] EXT4-fs (loop4): free_blocks=20480
[  156.419787][T11714] EXT4-fs (loop4): dirty_blocks=3248
[  156.419988][T11713] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.425201][T11714] EXT4-fs (loop4): Block reservation details
[  156.425215][T11714] EXT4-fs (loop4): i_reserved_data_blocks=203
[  156.515112][ T9994] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.777358][T11728] siw: device registration error -23
[  156.846806][T11735] loop0: detected capacity change from 0 to 128
[  156.921788][T11735] syz.0.2906: attempt to access beyond end of device
[  156.921788][T11735] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[  157.085659][ T4443] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  157.251224][T11755] netlink: 'syz.7.2914': attribute type 1 has an invalid length.
[  157.279534][   T44] Bluetooth: hci0: sending frame failed (-49)
[  157.285685][ T3581] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  157.304156][T11755] bond1: entered promiscuous mode
[  157.309283][T11755] bond1: entered allmulticast mode
[  157.314648][T11755] 8021q: adding VLAN 0 to HW filter on device bond1
[  157.316905][T11767] __nla_validate_parse: 1 callbacks suppressed
[  157.316923][T11767] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2918'.
[  157.339697][T11755] veth7: entered promiscuous mode
[  157.344889][T11755] veth7: entered allmulticast mode
[  157.355370][T11755] bond1: (slave veth7): Enslaving as a backup interface with a down link
[  157.362159][T11771] loop4: detected capacity change from 0 to 128
[  157.459238][T11775] loop8: detected capacity change from 0 to 1024
[  157.466265][T11775] EXT4-fs: Ignoring removed bh option
[  157.477083][T11771] syz.4.2920: attempt to access beyond end of device
[  157.477083][T11771] loop4: rw=0, sector=121, nr_sectors = 920 limit=128
[  157.479309][T11783] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '
'
[  157.496046][T11775] EXT4-fs: inline encryption not supported
[  157.506039][T11775] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  157.512500][T11783] loop0: detected capacity change from 0 to 1024
[  157.524178][T11783] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  157.535249][T11775] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  157.543745][T11783] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  157.549729][T11775] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 2: comm syz.8.2922: lblock 2 mapped to illegal pblock 2 (length 1)
[  157.551906][T11783] EXT4-fs (loop0): orphan cleanup on readonly fs
[  157.565953][T11775] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 48: comm syz.8.2922: lblock 0 mapped to illegal pblock 48 (length 1)
[  157.582344][T11783] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  157.600735][T11783] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  157.609215][T11775] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.2922: Failed to acquire dquot type 0
[  157.609310][T11783] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.2926: Freeing blocks not in datazone - block = 0, count = 4096
[  157.634100][T11775] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  157.643648][T11775] EXT4-fs error (device loop8): ext4_evict_inode:254: inode #11: comm syz.8.2922: mark_inode_dirty error
[  157.655307][T11775] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  157.665577][T11775] EXT4-fs (loop8): 1 orphan inode deleted
[  157.671916][T11775] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.684273][T11783] EXT4-fs (loop0): Remounting filesystem read-only
[  157.684389][T11783] EXT4-fs (loop0): 1 truncate cleaned up
[  157.684966][T11783] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  157.691432][ T4390] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1)
[  157.728784][ T4390] EXT4-fs error (device loop8): ext4_release_dquot:6981: comm kworker/u8:9: Failed to release dquot type 0
[  157.756371][T11794] kernel profiling enabled (shift: 63)
[  157.761988][T11794] profiling shift: 63 too large
[  157.778473][T10253] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.787934][T10253] EXT4-fs error (device loop8): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  157.818272][T10253] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  157.828781][T10253] EXT4-fs error (device loop8): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  157.856184][T10330] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.906352][T11803] ip6gre1: entered allmulticast mode
[  157.945672][T11802] loop8: detected capacity change from 0 to 2048
[  157.999393][T11802] GPT:first_usable_lbas don't match.
[  158.004726][T11802] GPT:34 != 290
[  158.008225][T11802] GPT: Use GNU Parted to correct GPT errors.
[  158.014328][T11802]  loop8: p1 p2 p3
[  158.038622][T11802] 9pnet_fd: Insufficient options for proto=fd
[  158.047032][T11811] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2935'.
[  158.201185][T11816] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2940'.
[  158.230711][T11816] IPVS: Unknown mcast interface: 
[  158.340182][T11825] loop4: detected capacity change from 0 to 4096
[  158.376640][T11825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.953462][T11484] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.016163][T11852] netlink: 'syz.4.2950': attribute type 12 has an invalid length.
[  159.099620][T11862] netlink: '+}[@': attribute type 10 has an invalid length.
[  159.222661][T11872] syz_tun: entered allmulticast mode
[  159.230112][T11872] syz_tun: left allmulticast mode
[  159.259886][T11878] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2961'.
[  159.297926][T11882] bridge: RTM_NEWNEIGH with invalid ether address
[  159.383883][T11894] loop7: detected capacity change from 0 to 512
[  159.390971][T11894] ext2: Unknown parameter 'subj_user'
[  159.424220][T11900] loop7: detected capacity change from 0 to 1024
[  159.440134][T11900] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.452471][T11902] loop4: detected capacity change from 0 to 512
[  159.459120][T11902] EXT4-fs: Ignoring removed oldalloc option
[  159.465415][T11902] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  159.478757][T11902] EXT4-fs (loop4): 1 truncate cleaned up
[  159.484873][T11902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.538149][T11902] loop4: detected capacity change from 512 to 64
[  159.546663][T11902] syz.4.2973: attempt to access beyond end of device
[  159.546663][T11902] loop4: rw=524288, sector=54, nr_sectors = 18 limit=64
[  159.582657][T11484] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -12)
[  159.594359][T11484] EXT4-fs error (device loop4): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  159.606871][T11484] EXT4-fs error (device loop4): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  159.723902][T11922] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  159.759190][T11929] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2982'.
[  159.772069][T11929] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2982'.
[  159.783018][T11922] tipc: Disabling bearer <eth:syzkaller0>
[  159.822328][ T4430] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  159.837882][ T4430] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  159.850162][ T4430] EXT4-fs (loop7): This should not happen!! Data will be lost
[  159.850162][ T4430] 
[  159.859896][ T4430] EXT4-fs (loop7): Total free blocks count 0
[  159.865929][ T4430] EXT4-fs (loop7): Free/Dirty block details
[  159.871931][ T4430] EXT4-fs (loop7): free_blocks=68451041280
[  159.877731][ T4430] EXT4-fs (loop7): dirty_blocks=8208
[  159.883132][ T4430] EXT4-fs (loop7): Block reservation details
[  159.889138][ T4430] EXT4-fs (loop7): i_reserved_data_blocks=513
[  159.900965][T11484] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.914934][ T4390] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.915148][ T4430] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 2048 with error 28
[  159.982687][ T4390] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.028208][T11945] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2993'.
[  160.040894][ T4390] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.101903][ T4390] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.195423][ T4390] bridge_slave_1: left allmulticast mode
[  160.201223][ T4390] bridge_slave_1: left promiscuous mode
[  160.206873][ T4390] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.218227][ T4390] bridge_slave_0: left allmulticast mode
[  160.223969][ T4390] bridge_slave_0: left promiscuous mode
[  160.229660][ T4390] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.322733][T11968] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2998'.
[  160.360843][ T4390] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  160.371203][ T4390] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  160.381023][ T4390] bond0 (unregistering): Released all slaves
[  160.389323][T11965] bridge: RTM_NEWNEIGH with invalid ether address
[  160.467929][T11973] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3000'.
[  160.502247][ T4390] hsr_slave_0: left promiscuous mode
[  160.512224][ T4390] hsr_slave_1: left promiscuous mode
[  160.528880][ T4390] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.536386][ T4390] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.565106][ T4390] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.572565][ T4390] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.594162][ T4390] veth1_macvtap: left promiscuous mode
[  160.601530][ T4390] veth0_macvtap: left promiscuous mode
[  160.607154][ T4390] veth1_vlan: left promiscuous mode
[  160.612511][ T4390] veth0_vlan: left promiscuous mode
[  160.643032][T11987] loop7: detected capacity change from 0 to 512
[  160.651952][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.662285][T11987] FAT-fs (loop7): Filesystem has been set read-only
[  160.668943][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.679155][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.689597][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.700035][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.710345][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.721578][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.731961][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.732251][ T4390] team0 (unregistering): Port device team_slave_1 removed
[  160.742220][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.742261][T11987] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  160.774303][ T4390] team0 (unregistering): Port device team_slave_0 removed
[  160.827138][T11946] lo speed is unknown, defaulting to 1000
[  160.857685][T11992] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3005'.
[  160.963888][T11946] chnl_net:caif_netlink_parms(): no params data found
[  160.977391][ T4426] Bluetooth: hci0: Frame reassembly failed (-84)
[  161.082465][T11946] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.089820][T11946] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.105197][T11946] bridge_slave_0: entered allmulticast mode
[  161.112617][T11946] bridge_slave_0: entered promiscuous mode
[  161.126231][T11946] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.133545][T11946] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.153779][T11946] bridge_slave_1: entered allmulticast mode
[  161.165386][T11946] bridge_slave_1: entered promiscuous mode
[  161.214875][T11946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  161.238120][T11946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  161.287030][T11946] team0: Port device team_slave_0 added
[  161.294136][T11946] team0: Port device team_slave_1 added
[  161.314863][T11946] batman_adv: batadv0: Adding interface: batadv_slave_0
[  161.321923][T11946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  161.347922][T11946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  161.359777][T11946] batman_adv: batadv0: Adding interface: batadv_slave_1
[  161.366784][T11946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  161.392728][T11946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  161.476043][T11946] hsr_slave_0: entered promiscuous mode
[  161.482495][   T29] kauditd_printk_skb: 320 callbacks suppressed
[  161.482512][   T29] audit: type=1326 audit(161.456:6222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.489343][T11946] hsr_slave_1: entered promiscuous mode
[  161.538935][T11946] debugfs: 'hsr0' already exists in 'hsr'
[  161.544702][T11946] Cannot create hsr debugfs directory
[  161.550484][   T29] audit: type=1326 audit(161.456:6223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.573534][   T29] audit: type=1326 audit(161.456:6224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.596444][   T29] audit: type=1326 audit(161.486:6225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.619626][   T29] audit: type=1326 audit(161.496:6226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.642548][   T29] audit: type=1326 audit(161.496:6227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.665552][   T29] audit: type=1326 audit(161.496:6228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.688980][   T29] audit: type=1326 audit(161.496:6229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.711927][   T29] audit: type=1326 audit(161.496:6230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.734884][   T29] audit: type=1326 audit(161.496:6231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12006 comm="syz.0.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f398d95f6c9 code=0x7ffc0000
[  161.786533][T12017] loop7: detected capacity change from 0 to 128
[  161.827045][T12017] syz.7.3013: attempt to access beyond end of device
[  161.827045][T12017] loop7: rw=0, sector=121, nr_sectors = 920 limit=128
[  161.943643][T12028] bridge: RTM_NEWNEIGH with invalid ether address
[  162.030723][T12036] serio: Serial port ptm1
[  162.083704][T11946] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  162.095481][T11946] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  162.109176][T11946] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  162.118889][T11946] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  162.181327][T11946] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.196883][T11946] 8021q: adding VLAN 0 to HW filter on device team0
[  162.207947][ T4406] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.215069][ T4406] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.234448][ T4443] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.241619][ T4443] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.379401][T12065] loop7: detected capacity change from 0 to 1024
[  162.384573][T11946] 8021q: adding VLAN 0 to HW filter on device batadv0
[  162.402701][T12065] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.423467][T12065] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  162.483855][T12075] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[  162.496472][T12075] EXT4-fs (loop7): This should not happen!! Data will be lost
[  162.496472][T12075] 
[  162.506242][T12075] EXT4-fs (loop7): Total free blocks count 0
[  162.512396][T12075] EXT4-fs (loop7): Free/Dirty block details
[  162.518380][T12075] EXT4-fs (loop7): free_blocks=20480
[  162.523738][T12075] EXT4-fs (loop7): dirty_blocks=3568
[  162.529193][T12075] EXT4-fs (loop7): Block reservation details
[  162.535202][T12075] EXT4-fs (loop7): i_reserved_data_blocks=254
[  162.553722][T11946] veth0_vlan: entered promiscuous mode
[  162.562618][T11946] veth1_vlan: entered promiscuous mode
[  162.594705][T11946] veth0_macvtap: entered promiscuous mode
[  162.607321][T11946] veth1_macvtap: entered promiscuous mode
[  162.625321][T11946] batman_adv: batadv0: Interface activated: batadv_slave_0
[  162.639665][T11946] batman_adv: batadv0: Interface activated: batadv_slave_1
[  162.650177][ T4443] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  162.690014][ T4443] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  162.708345][ T4443] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  162.720180][T12083] loop0: detected capacity change from 0 to 2048
[  162.720565][ T4443] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.733417][T12085] xt_CT: You must specify a L4 protocol and not use inversions on it
[  162.751721][T12083] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.780346][T12083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  162.787780][T12083] batman_adv: batadv0: Removing interface: batadv_slave_0
[  162.814269][T12083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  162.821706][T12083] batman_adv: batadv0: Removing interface: batadv_slave_1
[  162.864842][ T4406] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  162.944637][T10330] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.991284][T12098] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3046'.
[  163.001240][T12098] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3046'.
[  163.048236][ T3581] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  163.048481][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  163.206633][T12111] loop8: detected capacity change from 0 to 512
[  163.219670][T12111] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  163.228866][T12111] EXT4-fs (loop8): invalid journal inode
[  163.234932][T12111] EXT4-fs (loop8): can't get journal size
[  163.250512][T12111] EXT4-fs (loop8): 1 truncate cleaned up
[  163.258975][T12111] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.495681][T12121] loop0: detected capacity change from 0 to 512
[  163.545159][T12121] ------------[ cut here ]------------
[  163.550709][T12121] EA inode 11 i_nlink=2
[  163.551052][T12121] WARNING: CPU: 0 PID: 12121 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[  163.565551][T12121] Modules linked in:
[  163.569596][T12121] CPU: 0 UID: 0 PID: 12121 Comm: syz.0.3043 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  163.579570][T12121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  163.589935][T12121] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[  163.596715][T12121] Code: 90 49 8d 7e 40 e8 e6 f9 b8 ff 4d 8b 6e 40 4c 89 e7 e8 fa f4 b8 ff 41 8b 56 48 48 c7 c7 66 d4 55 86 4c 89 ee e8 a7 f5 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 28 f4 b5 03 0f 1f 84 00 00 00 00 00
[  163.616452][T12121] RSP: 0018:ffffc90002d7b5a0 EFLAGS: 00010246
[  163.622824][T12121] RAX: 7e50ba0e9c7f8a00 RBX: ffff88816ad1ed18 RCX: 0000000000080000
[  163.631003][T12121] RDX: ffffc90006121000 RSI: 000000000000416c RDI: 000000000000416d
[  163.639086][T12121] RBP: 0000000000000002 R08: 0001c90002d7b427 R09: 0000000000000000
[  163.647341][T12121] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88816ad1ecc8
[  163.655494][T12121] R13: 000000000000000b R14: ffff88816ad1ec80 R15: 0000000000000001
[  163.663608][T12121] FS:  00007f398c3bf6c0(0000) GS:ffff8882aee11000(0000) knlGS:0000000000000000
[  163.672827][T12121] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  163.679582][T12121] CR2: 0000001b2d918ff8 CR3: 00000001636c8000 CR4: 00000000003506f0
[  163.687634][T12121] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  163.695737][T12121] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  163.703854][T12121] Call Trace:
[  163.707144][T12121]  <TASK>
[  163.710321][T12121]  ext4_xattr_set_entry+0x77f/0x1020
[  163.715894][T12121]  ext4_xattr_ibody_set+0x184/0x3c0
[  163.721265][T12121]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[  163.727238][T12121]  __ext4_expand_extra_isize+0x246/0x280
[  163.733035][T12121]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  163.738707][T12121]  ext4_evict_inode+0x80e/0xd90
[  163.743655][T12121]  ? __pfx_ext4_evict_inode+0x10/0x10
[  163.749199][T12121]  evict+0x2e3/0x550
[  163.753174][T12121]  ? __dquot_initialize+0x146/0x7c0
[  163.758647][T12121]  iput+0x4ed/0x650
[  163.762494][T12121]  ext4_process_orphan+0x1a9/0x1c0
[  163.767636][T12121]  ext4_orphan_cleanup+0x6a8/0xa00
[  163.772952][T12121]  ext4_fill_super+0x3483/0x3810
[  163.777933][T12121]  ? snprintf+0x86/0xb0
[  163.782282][T12121]  ? set_blocksize+0x1a8/0x310
[  163.787151][T12121]  ? sb_set_blocksize+0xe3/0x100
[  163.792243][T12121]  ? setup_bdev_super+0x30e/0x370
[  163.797300][T12121]  ? __pfx_ext4_fill_super+0x10/0x10
[  163.802731][T12121]  get_tree_bdev_flags+0x291/0x300
[  163.807943][T12121]  ? __pfx_ext4_fill_super+0x10/0x10
[  163.813367][T12121]  get_tree_bdev+0x1f/0x30
[  163.817824][T12121]  ext4_get_tree+0x1c/0x30
[  163.822325][T12121]  vfs_get_tree+0x57/0x1d0
[  163.826764][T12121]  do_new_mount+0x24d/0x660
[  163.831332][T12121]  path_mount+0x4a5/0xb70
[  163.835689][T12121]  ? user_path_at+0x109/0x130
[  163.840410][T12121]  __se_sys_mount+0x28c/0x2e0
[  163.845128][T12121]  __x64_sys_mount+0x67/0x80
[  163.849764][T12121]  x64_sys_call+0x2b51/0x3000
[  163.854472][T12121]  do_syscall_64+0xd2/0x200
[  163.859032][T12121]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  163.865167][T12121]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  163.870968][T12121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.876864][T12121] RIP: 0033:0x7f398d960e6a
[  163.881330][T12121] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.900982][T12121] RSP: 002b:00007f398c3bee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  163.909416][T12121] RAX: ffffffffffffffda RBX: 00007f398c3beef0 RCX: 00007f398d960e6a
[  163.917495][T12121] RDX: 0000200000000180 RSI: 0000200000000340 RDI: 00007f398c3beeb0
[  163.925532][T12121] RBP: 0000200000000180 R08: 00007f398c3beef0 R09: 0000000000800700
[  163.933541][T12121] R10: 0000000000800700 R11: 0000000000000246 R12: 0000200000000340
[  163.942003][T12121] R13: 00007f398c3beeb0 R14: 000000000000047d R15: 000000000000002c
[  163.950035][T12121]  </TASK>
[  163.953107][T12121] ---[ end trace 0000000000000000 ]---
[  163.960403][T12121] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #18: comm syz.0.3043: iget: bad extra_isize 90 (inode size 256)
[  163.974075][T12121] EXT4-fs (loop0): Remounting filesystem read-only
[  163.983398][T12121] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -30)
[  163.992452][T12121] EXT4-fs (loop0): 1 orphan inode deleted
[  163.998928][T12121] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.027335][T12131] netlink: 'syz.2.3048': attribute type 21 has an invalid length.
[  164.035279][T12131] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3048'.
[  164.044555][T12131] netlink: 'syz.2.3048': attribute type 4 has an invalid length.
[  164.052403][T12131] netlink: 'syz.2.3048': attribute type 3 has an invalid length.
[  164.060195][T12131] netlink: 3 bytes leftover after parsing attributes in process `syz.2.3048'.
[  164.116691][T10330] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.138586][T10253] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.169888][T12143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3056'.
[  164.193440][T12148] loop0: detected capacity change from 0 to 512
[  164.227928][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.238399][T12148] FAT-fs (loop0): Filesystem has been set read-only
[  164.249621][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.265511][T12153] loop1: detected capacity change from 0 to 128
[  164.265920][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.288154][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.298889][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.330053][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.341475][T12153] syz.1.3058: attempt to access beyond end of device
[  164.341475][T12153] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  164.357053][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.367535][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.377850][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.388304][T12148] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000)
[  164.408939][T12156] wg2: entered promiscuous mode
[  164.413987][T12156] wg2: entered allmulticast mode
[  164.496317][T12165] loop8: detected capacity change from 0 to 128
[  164.619825][T12177] netlink: 'syz.8.3067': attribute type 10 has an invalid length.
[  164.630446][T12177] netlink: 'syz.8.3067': attribute type 10 has an invalid length.
[  164.665317][T12177] team0: Port device dummy0 removed
[  164.700688][T12177] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  164.872562][T12189] loop8: detected capacity change from 0 to 128
[  164.961674][T12189] syz.8.3073: attempt to access beyond end of device
[  164.961674][T12189] loop8: rw=0, sector=121, nr_sectors = 920 limit=128
[  165.056389][T12193] loop7: detected capacity change from 0 to 2048
[  165.105409][T12199] loop1: detected capacity change from 0 to 1024
[  165.140555][T12199] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.154931][T12193] Alternate GPT is invalid, using primary GPT.
[  165.161354][T12193]  loop7: p2 p3 p7
[  165.238228][T12206] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3080'.
[  165.264996][T11946] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.375479][T12218] $Hÿ: renamed from bond0 (while UP)
[  165.393372][T12218] $Hÿ: entered promiscuous mode
[  165.398532][T12218] bond_slave_0: entered promiscuous mode
[  165.404275][T12218] bond_slave_1: entered promiscuous mode
[  165.410133][T12218] bridge0: entered promiscuous mode
[  165.431771][T12218] dummy0: entered promiscuous mode
[  165.467919][T12216] lo speed is unknown, defaulting to 1000
[  165.669170][T12230] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3089'.
[  165.716307][T12238] netlink: 508 bytes leftover after parsing attributes in process `syz.8.3093'.
[  165.741733][T12235] usb usb8: usbfs: process 12235 (syz.1.3091) did not claim interface 0 before use
[  165.752702][T12235] loop1: detected capacity change from 0 to 128
[  165.765409][T12237] loop0: detected capacity change from 0 to 8192
[  165.765603][T12242] netlink: 'syz.8.3095': attribute type 1 has an invalid length.
[  165.786327][T12242] bond0: entered promiscuous mode
[  165.791428][T12242] bond0: entered allmulticast mode
[  165.793753][T10330] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1)
[  165.797051][T12242] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.804536][T10330] FAT-fs (loop0): Filesystem has been set read-only
[  165.828330][T12235] loop1: detected capacity change from 128 to 0
[  165.828676][    C1] I/O error, dev loop1, sector 33 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  165.840015][T12242] bond0: (slave gretap1): making interface the new active one
[  165.844211][T12244] FAT-fs (loop1): Directory bread(block 33) failed
[  165.851685][T12242] gretap1: entered promiscuous mode
[  165.851798][T12242] gretap1: entered allmulticast mode
[  165.852922][T12242] bond0: (slave gretap1): Enslaving as an active interface with an up link
[  165.875113][T12244] FAT-fs (loop1): Directory bread(block 34) failed
[  165.887145][T12244] FAT-fs (loop1): Directory bread(block 35) failed
[  165.893827][T12244] FAT-fs (loop1): Directory bread(block 36) failed
[  165.900624][T12244] FAT-fs (loop1): Directory bread(block 37) failed
[  165.907519][T12244] FAT-fs (loop1): Directory bread(block 38) failed
[  165.914350][T12244] FAT-fs (loop1): Directory bread(block 39) failed
[  165.927839][T12242] vlan2: entered allmulticast mode
[  165.928183][T12244] FAT-fs (loop1): Directory bread(block 40) failed
[  165.935851][T12242] bond0: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  165.940841][T12244] FAT-fs (loop1): FAT read failed (blocknr 32)
[  165.994861][T11946] FAT-fs (loop1): Directory bread(block 33) failed
[  166.012637][ T4443] FAT-fs (loop1): bread failed in fat_clusters_flush
[  166.019759][T11946] FAT-fs (loop1): unable to read boot sector to mark fs as dirty
[  166.262149][T12270] netlink: 'syz.7.3105': attribute type 1 has an invalid length.
[  166.295527][T12270] bond2: (slave veth11): Enslaving as an active interface with a down link
[  166.372897][T12270] bond2: entered promiscuous mode
[  166.377984][T12270] bond2: entered allmulticast mode
[  166.383546][T12270] 8021q: adding VLAN 0 to HW filter on device bond2
[  166.435941][T12283] pimreg: entered allmulticast mode
[  166.443359][T12283] pimreg: left allmulticast mode
[  166.512609][   T29] kauditd_printk_skb: 107 callbacks suppressed
[  166.512626][   T29] audit: type=1326 audit(166.486:6339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.542273][   T29] audit: type=1326 audit(166.486:6340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.565261][   T29] audit: type=1326 audit(166.486:6341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.588295][   T29] audit: type=1326 audit(166.486:6342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.611233][   T29] audit: type=1326 audit(166.486:6343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.634161][   T29] audit: type=1326 audit(166.486:6344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.657123][   T29] audit: type=1326 audit(166.496:6345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.680042][   T29] audit: type=1326 audit(166.496:6346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.702988][   T29] audit: type=1326 audit(166.496:6347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.725879][   T29] audit: type=1326 audit(166.496:6348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12287 comm="syz.8.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d856ff6c9 code=0x7ffc0000
[  166.845726][T12295] netlink: 'syz.8.3116': attribute type 4 has an invalid length.
[  166.894900][T12305] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3121'.
[  166.940657][T12308] netlink: 1272 bytes leftover after parsing attributes in process `syz.7.3120'.
[  167.039351][ T4406] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.097613][ T4406] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.161657][ T4406] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.175740][T12313] lo speed is unknown, defaulting to 1000
[  167.213284][ T4406] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.237863][T12327] loop8: detected capacity change from 0 to 8192
[  167.263177][T12313] chnl_net:caif_netlink_parms(): no params data found
[  167.288090][T12334] netlink: 'syz.2.3128': attribute type 1 has an invalid length.
[  167.302616][T12334] bond3: entered promiscuous mode
[  167.307746][T12334] bond3: entered allmulticast mode
[  167.313165][T12334] 8021q: adding VLAN 0 to HW filter on device bond3
[  167.334218][T12334] bond3: (slave gretap0): making interface the new active one
[  167.341914][T12334] gretap0: entered promiscuous mode
[  167.347150][T12334] gretap0: entered allmulticast mode
[  167.353498][T12334] bond3: (slave gretap0): Enslaving as an active interface with an up link
[  167.374587][T12334] vlan2: entered allmulticast mode
[  167.380970][T12334] bond3: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  167.415935][ T4406] bridge_slave_1: left allmulticast mode
[  167.421672][ T4406] bridge_slave_1: left promiscuous mode
[  167.427326][ T4406] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.435216][ T4406] bridge_slave_0: left allmulticast mode
[  167.441354][ T4406] bridge_slave_0: left promiscuous mode
[  167.447044][ T4406] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.562314][ T4406] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  167.572394][ T4406] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  167.588077][ T4406] bond0 (unregistering): Released all slaves
[  167.596980][T12313] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.604358][T12313] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.612163][T12313] bridge_slave_0: entered allmulticast mode
[  167.618997][T12313] bridge_slave_0: entered promiscuous mode
[  167.648701][T12347] veth1_macvtap: left allmulticast mode
[  167.736114][ T4406] hsr_slave_0: left promiscuous mode
[  167.746870][ T4406] hsr_slave_1: left promiscuous mode
[  167.773141][ T4406] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  167.780699][ T4406] batman_adv: batadv0: Removing interface: batadv_slave_0
[  167.808394][ T4406] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  167.815977][ T4406] batman_adv: batadv0: Removing interface: batadv_slave_1
[  167.868293][ T4406] veth1_macvtap: left promiscuous mode
[  167.882232][ T4406] veth0_macvtap: left promiscuous mode
[  167.902082][ T4406] veth1_vlan: left promiscuous mode
[  167.917496][ T4406] veth0_vlan: left promiscuous mode
[  168.090437][ T4406] team0 (unregistering): Port device team_slave_1 removed
[  168.108180][ T4406] team0 (unregistering): Port device team_slave_0 removed
[  168.170254][T12313] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.177398][T12313] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.198098][T12313] bridge_slave_1: entered allmulticast mode
[  168.211307][T12313] bridge_slave_1: entered promiscuous mode
[  168.263421][T12313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.274912][T12313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.300015][T12313] team0: Port device team_slave_0 added
[  168.306821][T12313] team0: Port device team_slave_1 added
[  168.332336][T12313] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.339374][T12313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  168.365322][T12313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  168.377097][T12313] batman_adv: batadv0: Adding interface: batadv_slave_1
[  168.384190][T12313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  168.410390][T12313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  168.440775][T12313] hsr_slave_0: entered promiscuous mode
[  168.446979][T12313] hsr_slave_1: entered promiscuous mode
[  168.462422][T12313] debugfs: 'hsr0' already exists in 'hsr'
[  168.468232][T12313] Cannot create hsr debugfs directory
[  168.476953][T12377] netlink: 'syz.0.3145': attribute type 1 has an invalid length.
[  168.497144][T12377] bond1: entered promiscuous mode
[  168.502254][T12377] bond1: entered allmulticast mode
[  168.507724][T12377] 8021q: adding VLAN 0 to HW filter on device bond1
[  168.529659][T12377] bond1: (slave gretap0): making interface the new active one
[  168.537169][T12377] gretap0: entered promiscuous mode
[  168.542611][T12377] gretap0: entered allmulticast mode
[  168.549532][T12377] bond1: (slave gretap0): Enslaving as an active interface with an up link
[  168.568534][T12377] vlan0: entered allmulticast mode
[  168.574505][T12377] bond1: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  168.683648][T12385] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3147'.
[  168.755584][T12385] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3147'.
[  168.797141][T12391] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3150'.
[  168.859266][T12401] lo speed is unknown, defaulting to 1000
[  168.917939][T12406] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3158'.
[  168.969172][T12313] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  168.984500][T12313] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  168.995573][T12313] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  169.021342][T12313] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  169.098808][T12313] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.110453][T12431] netlink: 1276 bytes leftover after parsing attributes in process `syz.0.3164'.
[  169.118897][T12313] 8021q: adding VLAN 0 to HW filter on device team0
[  169.132446][ T4406] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.139568][ T4406] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.177318][ T4390] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.184426][ T4390] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.197587][T12434] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3167'.
[  169.208997][T12434] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3167'.
[  169.222295][T12436] lo speed is unknown, defaulting to 1000
[  169.238822][T12434] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3167'.
[  169.298660][T12313] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.398396][T12459] loop8: detected capacity change from 0 to 1024
[  169.406338][T12459] EXT4-fs: Ignoring removed nobh option
[  169.412032][T12459] EXT4-fs: Ignoring removed bh option
[  169.413441][T12313] veth0_vlan: entered promiscuous mode
[  169.417478][T12459] EXT4-fs: Ignoring removed i_version option
[  169.434193][T12313] veth1_vlan: entered promiscuous mode
[  169.465595][T12313] veth0_macvtap: entered promiscuous mode
[  169.477496][T12465] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3176'.
[  169.486562][T12465] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3176'.
[  169.497991][T12313] veth1_macvtap: entered promiscuous mode
[  169.506638][T12459] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.512032][T12313] batman_adv: batadv0: Interface activated: batadv_slave_0
[  169.539927][T12313] batman_adv: batadv0: Interface activated: batadv_slave_1
[  169.561539][ T4390] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  169.577948][ T4390] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  169.595184][ T4390] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  169.604587][ T4393] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.615044][T10253] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.685358][T12487] loop7: detected capacity change from 0 to 256
[  169.701863][T12487] FAT-fs (loop7): bogus number of FAT sectors
[  169.707979][T12487] FAT-fs (loop7): Can't find a valid FAT filesystem
[  169.850356][T12496] netlink: 'syz.3.3185': attribute type 12 has an invalid length.
[  169.907877][T12504] loop0: detected capacity change from 0 to 128
[  169.938668][T12504] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  170.169081][T12525] netlink: 'syz.7.3197': attribute type 1 has an invalid length.
[  170.170422][T12523] loop8: detected capacity change from 0 to 256
[  170.183768][T12523] FAT-fs (loop8): bogus number of FAT sectors
[  170.188663][T12525] bond3: entered promiscuous mode
[  170.189950][T12523] FAT-fs (loop8): Can't find a valid FAT filesystem
[  170.194925][T12525] bond3: entered allmulticast mode
[  170.207037][T12525] 8021q: adding VLAN 0 to HW filter on device bond3
[  170.232396][T12525] bond3: (slave gretap1): making interface the new active one
[  170.239954][T12525] gretap1: entered promiscuous mode
[  170.245333][T12525] gretap1: entered allmulticast mode
[  170.252485][T12525] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  170.271562][T12525] vlan0: entered allmulticast mode
[  170.277285][T12525] bond3: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  170.312578][T12530] loop8: detected capacity change from 0 to 128
[  170.319607][T12530] EXT4-fs: Ignoring removed nobh option
[  170.326580][T12530] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  170.344963][T12530] EXT4-fs (loop8): shut down requested (1)
[  170.441281][T10253] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.442326][T12537] netlink: 'syz.7.3202': attribute type 21 has an invalid length.
[  170.546175][T12546] team0: Port device team_slave_0 removed
[  170.671082][T12557] lo speed is unknown, defaulting to 1000
[  170.754179][T12559] ip6gre1: entered promiscuous mode
[  170.762453][T12563] loop0: detected capacity change from 0 to 128
[  171.763520][T12591] 9p: Unknown access argument : -22
[  171.794653][   T29] kauditd_printk_skb: 206 callbacks suppressed
[  171.794666][   T29] audit: type=1326 audit(171.766:6555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  171.826349][   T29] audit: type=1326 audit(171.796:6556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  171.849414][   T29] audit: type=1326 audit(171.796:6557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  171.872626][   T29] audit: type=1326 audit(171.796:6558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  171.895575][   T29] audit: type=1326 audit(171.796:6559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  171.919078][   T29] audit: type=1326 audit(171.796:6560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  171.942278][   T29] audit: type=1326 audit(171.796:6561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  171.967413][   T29] audit: type=1326 audit(171.946:6562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  171.990524][   T29] audit: type=1326 audit(171.946:6563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  172.013531][   T29] audit: type=1326 audit(171.946:6564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f80c985f6c9 code=0x7ffc0000
[  172.095478][T12604] loop0: detected capacity change from 0 to 8192
[  172.139899][T12604]  loop0: p1 p2 p4 < >
[  172.144025][T12604] loop0: partition table partially beyond EOD, truncated
[  172.151619][T12604] loop0: p1 start 16777216 is beyond EOD, truncated
[  172.158446][T12604] loop0: p2 size 515840 extends beyond EOD, truncated
[  172.168715][T12604] loop0: p4 start 16777216 is beyond EOD, truncated
[  172.440964][T12618] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  172.643747][T12626] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.677096][T12628] lo speed is unknown, defaulting to 1000
[  172.762536][T12634] loop7: detected capacity change from 0 to 128
[  172.769395][T12634] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  172.998636][T12626] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.067161][T12626] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.114139][T12626] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.175456][ T4420] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.187279][ T4420] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.198792][ T4420] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.210608][ T4420] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.294158][T12661] loop0: detected capacity change from 0 to 128
[  173.300751][T12661] EXT4-fs: Ignoring removed nobh option
[  173.307831][T12661] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  173.326748][T12661] EXT4-fs (loop0): shut down requested (1)
[  173.359511][T10330] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  173.380738][T12666] netlink: 'syz.0.3252': attribute type 21 has an invalid length.
[  173.670941][T12678] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.679937][T12677] tipc: Resetting bearer <eth:syzkaller0>
[  173.711804][T12677] tipc: Disabling bearer <eth:syzkaller0>
[  173.792105][T12682] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.850789][T12682] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.958116][T12682] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.020975][T12682] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.098280][ T4430] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.118181][ T4430] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.130781][ T4430] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.143460][ T4430] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.628555][T12710] 9p: Unknown access argument : -22
[  174.905452][T12717] loop8: detected capacity change from 0 to 1024
[  174.914606][T12717] EXT4-fs: Ignoring removed orlov option
[  174.930664][T12717] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.263839][T10253] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.389382][T12728] __nla_validate_parse: 16 callbacks suppressed
[  175.389401][T12728] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3279'.
[  175.412535][T12728] bridge_slave_1: left allmulticast mode
[  175.418233][T12728] bridge_slave_1: left promiscuous mode
[  175.423976][T12728] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.438603][T12728] bridge_slave_0: left allmulticast mode
[  175.444367][T12728] bridge_slave_0: left promiscuous mode
[  175.450253][T12728] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.476022][T12728] bond0: (slave bridge0): Releasing backup interface
[  175.605211][T12739] loop3: detected capacity change from 0 to 2048
[  175.650830][T12739] Alternate GPT is invalid, using primary GPT.
[  175.657265][T12739]  loop3: p2 p3 p7
[  175.765909][T12743] netlink: 19 bytes leftover after parsing attributes in process `syz.2.3285'.
[  175.782577][T12745] loop8: detected capacity change from 0 to 1024
[  175.808999][T12745] EXT4-fs: Ignoring removed orlov option
[  175.837185][T12745] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.876240][T12748] netlink: 'syz.2.3287': attribute type 7 has an invalid length.
[  175.884061][T12748] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3287'.
[  176.514801][T12751] ==================================================================
[  176.522938][T12751] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[  176.530072][T12751] 
[  176.532407][T12751] write to 0xffff88811a54f6ac of 4 bytes by task 12745 on cpu 1:
[  176.540134][T12751]  xas_set_mark+0x12b/0x140
[  176.544659][T12751]  __folio_start_writeback+0x155/0x390
[  176.550147][T12751]  ext4_bio_write_folio+0x5ad/0x9f0
[  176.555374][T12751]  mpage_process_page_bufs+0x4a1/0x620
[  176.560841][T12751]  mpage_prepare_extent_to_map+0x786/0xc00
[  176.566660][T12751]  ext4_do_writepages+0xa05/0x2750
[  176.571773][T12751]  ext4_writepages+0x176/0x300
[  176.576543][T12751]  do_writepages+0x1c6/0x310
[  176.581138][T12751]  file_write_and_wait_range+0x156/0x2c0
[  176.586785][T12751]  generic_buffers_fsync_noflush+0x45/0x120
[  176.592691][T12751]  ext4_sync_file+0x1ab/0x690
[  176.597373][T12751]  vfs_fsync_range+0x10d/0x130
[  176.602152][T12751]  ext4_buffered_write_iter+0x34f/0x3c0
[  176.607702][T12751]  ext4_file_write_iter+0x387/0xf60
[  176.612903][T12751]  iter_file_splice_write+0x666/0xa60
[  176.618431][T12751]  direct_splice_actor+0x156/0x2a0
[  176.623576][T12751]  splice_direct_to_actor+0x312/0x680
[  176.628971][T12751]  do_splice_direct+0xda/0x150
[  176.633767][T12751]  do_sendfile+0x380/0x650
[  176.638197][T12751]  __x64_sys_sendfile64+0x105/0x150
[  176.643404][T12751]  x64_sys_call+0x2bb4/0x3000
[  176.648090][T12751]  do_syscall_64+0xd2/0x200
[  176.652593][T12751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.658485][T12751] 
[  176.660806][T12751] read to 0xffff88811a54f6ac of 4 bytes by task 12751 on cpu 0:
[  176.668429][T12751]  xas_find_marked+0x5dc/0x620
[  176.673199][T12751]  find_get_entry+0x5d/0x380
[  176.677796][T12751]  filemap_get_folios_tag+0x92/0x210
[  176.683096][T12751]  mpage_prepare_extent_to_map+0x320/0xc00
[  176.688909][T12751]  ext4_do_writepages+0xa05/0x2750
[  176.694028][T12751]  ext4_writepages+0x176/0x300
[  176.698796][T12751]  do_writepages+0x1c6/0x310
[  176.703386][T12751]  file_write_and_wait_range+0x156/0x2c0
[  176.709026][T12751]  generic_buffers_fsync_noflush+0x45/0x120
[  176.714936][T12751]  ext4_sync_file+0x1ab/0x690
[  176.719616][T12751]  vfs_fsync_range+0x10d/0x130
[  176.724388][T12751]  ext4_buffered_write_iter+0x34f/0x3c0
[  176.729931][T12751]  ext4_file_write_iter+0x387/0xf60
[  176.735133][T12751]  iter_file_splice_write+0x666/0xa60
[  176.740503][T12751]  direct_splice_actor+0x156/0x2a0
[  176.745615][T12751]  splice_direct_to_actor+0x312/0x680
[  176.750990][T12751]  do_splice_direct+0xda/0x150
[  176.755771][T12751]  do_sendfile+0x380/0x650
[  176.760207][T12751]  __x64_sys_sendfile64+0x105/0x150
[  176.765435][T12751]  x64_sys_call+0x2bb4/0x3000
[  176.770121][T12751]  do_syscall_64+0xd2/0x200
[  176.774623][T12751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.780517][T12751] 
[  176.782832][T12751] value changed: 0x0a000021 -> 0x04000021
[  176.788576][T12751] 
[  176.790910][T12751] Reported by Kernel Concurrency Sanitizer on:
[  176.797074][T12751] CPU: 0 UID: 0 PID: 12751 Comm: syz.8.3286 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  176.808456][T12751] Tainted: [W]=WARN
[  176.812257][T12751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  176.822308][T12751] ==================================================================
[  176.925962][T10253] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.