last executing test programs:

1m29.668063062s ago: executing program 0 (id=6):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x9, 0x3, 0x0, 'queue0\x00', 0x300004})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3, 0x0, 0x7}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000140)={0x3, 0xffff, 0x46, 0x0, 0xe})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

1m29.596061692s ago: executing program 0 (id=9):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1, 0x8}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x5c, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x74, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x1, 0xfff3}, {0x0, 0x1}, {0x10, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x44, 0x2, [@TCA_FLOW_EMATCHES={0x40, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xfffffffffffffe9e, 0x1, 0x0, 0x0, {{0xe6a7, 0x0, 0xfffe}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x5, 0x3, 0xa}, {0x72, 0x8, 0x10, 0x80}}}, @TCF_EM_NBYTE={0x0, 0x3, 0x0, 0x0, {{0x6, 0x2, 0xffff}, {0x10, 0x0, 0x1, "f18d"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1000}}]}]}}]}, 0x74}, 0x1, 0x0, 0x0, 0x40004}, 0x2008c010)

1m29.348080954s ago: executing program 0 (id=12):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_format(r2, &(0x7f0000000800)='-1\x00', 0x3)

1m29.255350425s ago: executing program 0 (id=15):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2405, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0xd)

1m28.963201256s ago: executing program 0 (id=19):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000005c0)={0x0, 0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

1m28.905104297s ago: executing program 0 (id=22):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x3200890, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)

1m23.344639773s ago: executing program 3 (id=126):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x24, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x4050)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

1m23.250477313s ago: executing program 3 (id=132):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000180), 0x1)
sendto$inet6(r1, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1m23.228355003s ago: executing program 3 (id=133):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2300, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0xfff3}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x24, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x10, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}]}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

1m23.146269304s ago: executing program 3 (id=138):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

1m22.887845876s ago: executing program 3 (id=142):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)=ANY=[@ANYBLOB="60b80000", @ANYRES16, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x4040084)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x1, 0x70bd2c, 0x4, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xa, 0xffe0}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_BYTEMODE={0x8, 0xb, 0x1}]}}]}, 0x3c}}, 0x24044855)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m22.538577478s ago: executing program 32 (id=148):
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)='%-010d \x00'}, 0x20)
faccessat(r2, &(0x7f0000000000)='./file0\x00', 0x5)

1m22.466143498s ago: executing program 3 (id=152):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0x7}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x10, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x4}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

1m22.397011159s ago: executing program 33 (id=152):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0x7}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x10, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x4}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

1m18.839541402s ago: executing program 4 (id=196):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

1m18.759992602s ago: executing program 4 (id=197):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x80}, 0x18)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000180)=0x2, 0x4)
syz_emit_ethernet(0xbe, &(0x7f00000014c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3e, 0xb0, 0x1000, 0x0, 0x7, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "44cb6d37c6818e519c60ca92b05c8ad4ae74ea79fdb58e2b7f29fa51c12f5cbb", "529ce0c19fb809804c2ff3c5412218a7d847fbc93cfef70c00506d947ea54e7f53d1fdc46c7f32f5461c69dbb12ae334", "93789889a9e2835b672961b74d925e86afc527fa482ea332ce27b8a5", {"2e5da89a0ace8edabc766b388285d39f", "375c5bef000000000d4600"}}}}}}}, 0x0)

1m18.713588293s ago: executing program 4 (id=199):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff47}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r2, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b0050000000000002900000036"], 0x5b0}, 0x20008001)
sendmsg$inet6(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000600)="e5f1fddfe175759743a2d6055bef6ad67f4806ff6ac3a93555c1b5b84294df29b09e92680ca8bd3dc842c3147716237f0ad0c3ab59f41083aeb894e76f3c7fc753f2fca40d24553fdd9396171c35ecfd0932f37aa306040bd37f78526b319e572be0ae8b40f01b3835c385e789683bed9c65ccd19545b738fb470ef7c7247c631882fe3cee1ad627ad729a685446e0c1b6ca16a98bececc6ed604084f0de672a6143", 0xa2}, {&(0x7f0000001840)="fa4930e2f7feb52241e739006ef78c0aeb4dd989f1bf69e01e4eb4bb743569e49e3db4ab502ed6980a5794e38f83ba0c77252adc9d177719cb1f7991ee501ad1ff9d69f88d4bb7a70b76402fd5b363", 0x4f}, {&(0x7f0000000840)="3b9eccc918ce8c50894cb802b04e9492b64a02d85d3ed05eac49318868ad13e4fa9e2f1b165dfcc79e43ed30bb0c212bebb71afc79347f2f1a90e936a487e1ce171789626d34ffa8e3b4415ad869955133f81fab7f450d7ef6df7bf6a16cc39fd78e88662ffd1c3b31ffe836682b1ad9c331a068a75d12fd346d77f5cdacee9fee2203a321c260b0b5fdc8b5d7d43148f4b0fb550dd9d8746f0a0444cfa52af90a966921f9cb48b0c99727166a2f59c12dae2fcc4d891258bd723b5fd1fcb4cb219c87fadebe2582802ef18165f5ff67ba0d4eb4d3ef1f80ba9dff1a74dd5874b3d8017ff61b5174d9660e54f2b5f94f29f6665567b2ca6d0549a500a428ce29b197f754f8e3b6c7dc21260ce97551074886667837db75c9a21cdf92b14dcb2e1f997bab3bf1902b8d8e9eb238c021fdbe48675473dac385e2fada25f767ce5e7576c2dc496841123c81314f100e0648405f0ca9b5aa012d9316f3945e613aba10d1fbc2917143ed606c5513394343c9fac6f95ee678031ba5f4a81d8c2ae0d31c5711c91845f07b0add2bb4bd0f700217044582adf1850b0af5f04b63906918b7312fc3a800d67d8293604321633c41153f83662b2cbec354cf9c33e9eaa8ab2c5e4d86f82d379e98ad8d749595829b548ad77596448bf718c5e52a7dac04f62fde8ab1cc55ee5b6fd57327c8e678c1c8f9b8c235c132faffc553d54253f67d40075d91b7abaa303e5844ee31871fcdded3d8de8df952ae53e60d73e57267117129a4b42df34faa3287bb1c475d9ef904b7a4d33f1f8014e59905c3dc145e3974d71487ce05c9149fb4f9788ef0f519151d82391d783df5753819a0d967d842e60d28257741fb8b794b18a4e2f2f4f10412aa580062d0ef3691f4bdc14d283d672ae10fbbe23fa15f9225642aad56cc8a36538afe97750a0bf313cf3b9fdd881aa067b3b6ad9a69c04b50c9b4f8e29c11d7dcaf08b57ecd5cfd8a01b0e50313d09ea6b3634867f0c23c06055e04c36bddcdc6f4e30b2b6c0b0fa25a20843570bd582df937f7f48cd8e07abcfeaef4f8a72b34978ba5c95d65731943cdf2df8357311bb28d7d72fb9226dcbd059b14242c6fd4ab1ac90367a27ab715ebe553416966ceb79db37cd2dc45687269e4da211fbfdd77a44c730a4732a12ff99fd151d205379bee91935a7bf4eef879d564872fdb2d7c399972ce5d44b59ea05d19a6b00c717b1dd3401a169b4402152b6f21c84c865f00ed0a9da758decaf1ad20138b80bee54a918d5d7dd5432c7ee34ae786cf7f55ea7f67229c39b81cccf80ccb424d139df240a9b18b3c4223de42e71ee7264a1c5db8da2d7fb3dfae2befb2f26e0c996d204ba3df39b111c445f3affed9c9fc8c2b67630de56b5a922f3fd7e0c2ef97df3ad486354937c4606a91874c7403dadaeabd03fe82c92cde4d67c6ac2ad7eedc9761224bf0c6b73ba60934f5c2db9846de4c41c6cb2f5ac6a7ad47418279f6cdd951679c1530ee4dab6d81a8cb41db64fc28ab9598c26fe51f6ddb0900a971aacc92a7e2dfbb596a1571609a4b8bc86c5c218b9220ceca304b7052a58e8c6ce427e4c9b127a133e625c02bf77a89ebff746f829401230f2a757c3ce04a6d01b35350973d24637526278fa724cb3053fd04cba673f682992041dc1cbebe9b574e5ab39307d695b2470cc21122e9c58730", 0x4b4}], 0x3}, 0x20000044)

1m18.603141163s ago: executing program 4 (id=200):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000500), &(0x7f0000000540)=r1}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000880)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000013c0)="d0", 0x1}], 0x1}, 0x20000801)
recvmsg(r3, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x10020)

1m18.245502826s ago: executing program 5 (id=149):
r0 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='\x00', &(0x7f00000001c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f00000000c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000007c0)='\xd5@=\b\a:\x993\x00', &(0x7f0000000600)='dU|\xcbM\xe6\x91q\b', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='.]:&\x00', &(0x7f0000000140)='\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000001700)='\x01\x01\x00\x00\x11M\\+\x10\x9eDU#UA\xd0~\vZ\x14\xffc\x11w[O\xa5\xe1\xe3&,\x13\xb8^\xe2\x95:\xdfot\xa9\x7fU<\x1f\x1c\xc9j\xa6\x84m,\xe4e\x01\xf7b\xfc\xa8\xab\xb6\xcd\xf5\x8a.|\xd3\xdc \xfd\xbf\xb27\tr\x8a\xb3\xb2lh\x06\xb8\xffo@\xfb\xceV\x97\xa1\x11\b\x00\x00\x00\xec\xfem*\xe8:T\xda*\a\xc2B\x8c\x053v7dz]H\xe06\xbe\x01\xb2(n\xdc\xf5\xb4\xb1\x1b}\x0e\xbd\b0\x19\xfd[),\x10\x00\x00\x005\xd8G\xfc\xedg\xe5\x92\x12\x17\xfe\xe8\xca]\xba\a\a\x06Y\xfc\x14`\x19u\x00#\xe6 -9e\x02\x84\xa5\x88\x16\xc8\x14A\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe7\xff\x00\x00M`\a\x86\x15\xd5\x04\x13\xf1\xd0\x1f\xd4_\x9e\x14\x001\x84)\f\xd3\x02\xa5v\xe6\xeb\xe7A\\Ja}?\xc39\xbb!\xb7\x06\x00\x00\x00\xea\xebT\xa6\xb9=\xa6chZ\xf4\x1e\x15\xb4\xee\xe5g\xf7N\x90<e\xb1\xf2\xb1\x18V\x04\xf9\xef\xf3\x95\x88\x8e\xb8\x1c\x85A\xb8\x85\x9a[\x9fvO\xe8ou\f\x16\xcb\xe3Z\x89\xbc\xdb&v.\xf5.\xa6\xb9\x96ww\xa00\x16\x919\xc7\xa6\xe2\"\'\xc1ng\xf0\xe1L\x9ac\xa5u\xfb\xb4\xac\x13\xceA\x87\b\xdf\x92\xb7\x9d\xda\xc5\xcf\xab\xca;:\nu\xa2x\xf7\xa8:\x05\xd8\x14\x94\xda\x8di\xb2p\xd1\x11\x01\bs\x16\xc3\f8\xa9\x8b\x9bz\xf7\xc5p\xfe/\xb5\x8f\x01\x00\xa46\xeb57\xdb9\xf1\xf6\x8a}\x06\xc6h\xac\xe2\xc0\x88\xf2i\t_u\xd9\xa6\x92\xc2\xaex\xfcwF\vq\n\xa6;o&\xfb6\xc4\xe3;u\x9a\xf0|$\xb5\x0f\x10\xf6\x1f\aB\xbc\x16\xa82\xa5|\x9d\xf5\xc1\xed$\xe4&\"\x12\xfd\xed\xbf\xb3oL\x9aJ\xce\xd9\x1e\xb94\xdb^', &(0x7f0000000b40)='\x00', 0x1)
close(r0)

1m18.175057936s ago: executing program 5 (id=202):
r0 = socket(0x2, 0x80805, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='lp', 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x4c21, @private=0xa010100}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f00000002c0)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x2, 0x0)

1m18.134421026s ago: executing program 5 (id=204):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000100000028"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="ca000000006ae85934", @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0, 0x0, 0x800000000000000}, 0x18)
statfs(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=""/6)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@newlink={0x8c, 0x10, 0x403, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x64, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x50, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r3}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e20}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e23}, @IFLA_GRE_LOCAL={0x14, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_FLOWINFO={0x8, 0xc, 0xfffffff4}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x8c}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10)
connect$vsock_stream(r8, &(0x7f0000000600)={0x28, 0x0, 0x0, @local}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket(0x1, 0x803, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r11}, @IFLA_MASTER={0x8, 0xa, r11}]}, 0x4c}}, 0x0)
r12 = socket$pppl2tp(0x18, 0x1, 0x1)
r13 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r12, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r13, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r14 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r14, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x23}}, 0x2, 0x1}}, 0x2e)
getsockopt(r14, 0x111, 0x4, 0x0, &(0x7f0000000080))
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

1m17.751023689s ago: executing program 4 (id=213):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x196c82f6}, [@call={0x85, 0x0, 0x0, 0x8}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x34, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
io_setup(0x4, 0x0)
syz_open_procfs(0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

1m17.693520439s ago: executing program 4 (id=215):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x4050)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

1m17.62088566s ago: executing program 5 (id=218):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r0, &(0x7f0000000000)="fa", 0xfffffdef)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000080)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)

1m16.723156115s ago: executing program 5 (id=226):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x196c82f6}, [@call={0x85, 0x0, 0x0, 0x8}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x34, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
io_setup(0x4, 0x0)
syz_open_procfs(0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

1m16.700255976s ago: executing program 5 (id=228):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_local\x00', r2, 0x0, 0x80000001}, 0x18)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x4000000)
close_range(r1, 0xffffffffffffffff, 0x0)

1m13.818462174s ago: executing program 34 (id=22):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x3200890, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)

1m6.63088668s ago: executing program 7 (id=336):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x40289}, &(0x7f00000004c0)=<r4=>0x0, &(0x7f0000000480)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r3, 0x3498, 0x969, 0xffff000000000000, 0x0, 0x0)

1m6.624352971s ago: executing program 7 (id=337):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x18)
write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001011ff00000000000100070000000000000000ff020000000000000000000000000001"], 0xfdef)

1m6.525464471s ago: executing program 7 (id=338):
open(0x0, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000002900)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x96, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xb9)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000010000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f3ca1664fe2f3ced8416dc180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8070000001fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491d04aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de453f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291a76456ed7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124ee3df3a35e8014d6cb5fd6c054a10bb2146174c1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba5187fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4db5a5df9d62ea6d805dfce568b885a50ed8e2eaf8a932287a1d3bfac17774e58875a63b77e07298e4b4f515189c6fcac3cd35dac9240e633219bb6a5a25865e6ed8e16caa5406b56702afe0befcabbc9a2a772a1a087f0d633d457bceb695b2cba3a1a2daa2dda796373cc0fe0a53236d028fc1076bb746b2717c8b6052f58c91bb8cc19474ab9d4d2160773829f078727f6c684ca749136a7f46ca28b00bb4237695b409859a3cb7dbf298c7802264387811e20a0d78489eab0b0e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x2e0, 0x12c, 0x60000004, &(0x7f0000000100)="b9ff03076044238cb89e0cf086dd0de0ffff00184000630677fbac141414e000000162079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x25, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e5e1f2f575d0d6e996b57fd408d420abb7337934e59815d75b4eb3e7206afce", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f90931dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x2c)

1m6.366962992s ago: executing program 7 (id=339):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x2964, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
syz_mount_image$ext4(&(0x7f0000000240)='ext2\x00', &(0x7f0000000f00)='./file0\x00', 0x800, &(0x7f0000000180), 0x1, 0x27e, &(0x7f0000000500)="$eJzs3T1oO2UcB/DfXZJ/34JWBRHFFxARLZS6CSLoolAQKSKCChURJ2mFanFrnFwcdFbp5FLEzeooLsVF6Fq1Q0UQsThYHHSIXC6RmCZaL82l/+TzgfTuubsnv0vJ97mH0lwCmFqLEfFYRFQiYikiahGRdB9wT/5YbDd35w7WI5rNZ35NWsfl7Vyn30JENCLi4YhqZ9/2/gsnvx89ef+7b9bu+3j/+bkSXlqld8PpyfFTZx89/c5nqw9tp+1t9fay+3Vcottv7LOxmkTcPIJiV0VSHfcZcBFrb336bRaSWyLi3lb+a5G2I/ve1rWvavHgh4P6vv/L4R1lnitw+ZrNWnYNbDSBqZO25sBJuhwR+XqaLi/nc/jvKvPpa5tbbyy9ulnZeKV71Chj+g6MSj3i+IkvZj5f6Mn/T5U8/8DkyvL/7Nre99n62bm/lAET6c58keV/6aWdB0L+YerIP0yG+QJ95B8mQr1gJ/mH613B7BbI/60/Hj5arBhwpVww/z+XeU5AOcz/YYLVOiuNvrvlH6bXhfPvX31h4nTy79IP06f7+g8ATJfmzLg/gQyMy7jHHwAAAAAAAAAAAAAAAAAA4LzduYP1ziMiKaXm1x9EnD4eEdXe+tH6YoO0tZxt/Zz/LckO+1uSd2u7Vqj+i3cPc/bD+2T0n76u9rRnuxs3/DDy+v/qm7tG87xv/7M58A6WOxsRjezglWr1/Psvab//irvpP/bXXh6ywP/Um+pHniuj6uDf4p97ZdQfbPUo4sts/FnpN/6kcVtr2X/8qXffYrmg1/8Y8gkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAozV8BAAD///BWbAI=")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
mount$bind(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000800)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1a9851, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000003c0), 0x200044, 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x9)

1m6.237334403s ago: executing program 7 (id=341):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000000)=0x1, 0x4)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)

1m5.535696237s ago: executing program 7 (id=344):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
fremovexattr(0xffffffffffffffff, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000000)={0x0, {}, 0x0, {}, 0x10000, 0x1, 0x11, 0x8, "b3958e2e14aea5f2cde4972efd849cee329b6e5c98ef3ad1f493c83174c43def737436256573c3bc9b4820d63f22e619de468606596d7aac5f4c61c95f3be09e", "84a689348b1ee6f93de959b382d096f84dfdd20e93530546f31286fb65cff137", [0xfffffffffffffffe, 0x5]})

1m5.501663148s ago: executing program 35 (id=344):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
fremovexattr(0xffffffffffffffff, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000000)={0x0, {}, 0x0, {}, 0x10000, 0x1, 0x11, 0x8, "b3958e2e14aea5f2cde4972efd849cee329b6e5c98ef3ad1f493c83174c43def737436256573c3bc9b4820d63f22e619de468606596d7aac5f4c61c95f3be09e", "84a689348b1ee6f93de959b382d096f84dfdd20e93530546f31286fb65cff137", [0xfffffffffffffffe, 0x5]})

1m2.638611026s ago: executing program 36 (id=215):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x4050)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

1m1.556658993s ago: executing program 37 (id=228):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_local\x00', r2, 0x0, 0x80000001}, 0x18)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x4000000)
close_range(r1, 0xffffffffffffffff, 0x0)

4.130441744s ago: executing program 2 (id=1550):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_pidfd_open(r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000b40)=ANY=[@ANYRESDEC=r1], &(0x7f0000000240)=""/9, 0x68, 0x9, 0x2000, 0x2}, 0x28)
r2 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100)
readv(r4, &(0x7f0000000300)=[{&(0x7f0000000000)=""/47, 0x2f}], 0x1)

2.928363901s ago: executing program 2 (id=1563):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
io_setup(0x23, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="fdff0000", @ANYRES16=r2, @ANYBLOB="01002bbd7000ffdbdf25110000000c00098008000100fbffffff"], 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x8090)
pipe2$watch_queue(0x0, 0x80)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'wrr\x00', 0x23, 0x81, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x4e23, 0x10000, 0x1cb, 0x12d61, 0x12d58}}, 0x44)
sendmsg$sock(r4, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

2.768958702s ago: executing program 2 (id=1564):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@barrier_val={'barrier', 0x3d, 0x101}}, {@errors_remount}]}, 0x2, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000001480)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = socket(0x8000000010, 0x2, 0x0)
write(r2, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000001a00000a8500000007000000c50000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

2.454755615s ago: executing program 1 (id=1567):
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)

2.439692885s ago: executing program 1 (id=1568):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
ioctl$SG_BLKTRACESTART(r0, 0x1274, 0x0)

2.316063735s ago: executing program 6 (id=1569):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
recvmmsg(0xffffffffffffffff, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000780)=""/120, 0x78}], 0x2}, 0x2}], 0x1, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_LOOPBACK(r2, 0x65, 0x3, &(0x7f0000000000)=0x1, 0x4)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x1)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

2.244050486s ago: executing program 2 (id=1570):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
ioctl$TCXONC(r0, 0x4b3a, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @local, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0xfe, 0x6, 0x0, @private=0xa010102, @private=0xa010102, {[@noop, @generic={0x44, 0x10, "0d8d23d251f204177777f02fa2fb"}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f00000001c0)='./file0\x00', 0x800082, &(0x7f0000000680)=ANY=[@ANYBLOB="756d61736b3d30303030303030303030303030303030303030333737372c616c6c6f775f7574696d653d30303030303030332c000000000083ec4c0d6e84de0249d09f31ef580c3d00000000"], 0x1, 0x1b1, &(0x7f0000000240)="$eJzs3cFqE0EYB/Bv23UbxEPP4mHBi6egPkFUWiguCMoe9KRQvbQi2MvqqW/hG/gqvo7k1FskTmhoWcEetrvJ/n6XfOx/wnwzgcwpk/cPPp8cfzn79PPXj5hMsshnMYuLLPZjJ3YjOY8rstanAMDGuFgs4vci+Y/hz2+hJQCgYzc8/wGALeD8B4Dxcf4DwPi8efvu5bOqOnhdlpOI+XlTN3V6TfnhUXXwuPxrf/2uedPUu5f5k5SXV/M7cXeVP23Ni3j0MOXL7MWrKuV5GtHUe3Hc1vAs62AXAAAAAAAAAAAAAAAAAAAAAADgdk3LS633+0ynxT/yVB0eFatn1+/3yeN+3jJh0ckyAAAAAAAAAAAAAAAAAAAAYKOdfft+8uH09OPX4RbzYbQxtOJe55/g3mqGvle67cVynwfQxrWixy8lAAAAAAAAAAAAAAAAAAAYqfWPfvvuBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6s/7//+6K5Tw7fS8UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBR+xMAAP//+cFD/w==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x21)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)

2.207621356s ago: executing program 6 (id=1571):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
getdents64(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f00000001c0)={0xbc, 0x400, 0x9})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x1)

2.163735806s ago: executing program 2 (id=1572):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_clone(0xa5144411, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$pid(0x2, 0x0, 0x4007)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0xf, &(0x7f00000000c0)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000040)={0x2000, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
close_range(r1, 0xffffffffffffffff, 0x0)

1.730829329s ago: executing program 9 (id=1573):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x9, 0x2000)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000300)={&(0x7f0000000000)="8d", &(0x7f0000000040)=""/93, &(0x7f00000000c0)="282e0f944f641c2f4fe0b0787c05549df9d8cf2f157546396cdc1e627f537591145f112f4823deb022ff95ba8d312da63a74da562724d06e1518c545b361a26cbb3a515355722d58216e1ef25e67f52a9e09dd253762691e6987f03e9471f6081589108e8dae73fac1b5a8e8024e9e0d7dffef03703d49a393608f698f4e58ce13f6d846b1a2d3a6a44513d533bae073c871cd85a9f3187e0d7c9a87c26caaa00f48766319824f206a7cb8cab71b9b1b44179f4dfc83", &(0x7f0000000180)="2a67192b10821fdc96a02a87076b5c82dea85496c2513f07d8e4a8074c14da60af44ae8d83a5002254415a247b5d360a53d123af9af8a60fe6d5d10cf6ef6ec661829e1236484ab219efb92593361dcdbfa5b1fc193d9c90440f6a8eb9744253d53547eef5ba7b063c2cf7f7147cca3ae75bb0a7144c4565bd210894f8bfd8", 0x8, r1}, 0x38)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x2}, 0x94)
r2 = socket(0x11, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'gre0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000300)=0xe9, 0x4)
sendmsg$netlink(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="3f011400e0dc14"], 0xdd12}], 0x1}, 0x20040051)
sendto$l2tp(r0, &(0x7f0000000200)="e5786a9a66b8a6d06837df6ac96f5fee0077a6f807c1ed94b6e48b80795500"/44, 0xfffffffffffffebf, 0x8000, &(0x7f0000000240)={0x2, 0x0, @broadcast}, 0x10)

1.707659469s ago: executing program 9 (id=1574):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0}, &(0x7f00000003c0), &(0x7f0000000400)='%-010d \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a0104000000ce000000000a0000040900010073797a3100000000080005400000002b0900020073797a310000000008000a40fffffffc140000001100"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.672021689s ago: executing program 6 (id=1575):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x1)
sendmmsg$inet6(r0, &(0x7f0000002040)=[{{&(0x7f0000000200)={0xa, 0x4e23, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}, 0x4}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000280)="cfe0bd3b0da11ef41b173ee8a4237d8adf61cc91455aa112e84e0a2a038a39998c9e1d22a708dde48328ec6f0a157ba8689cab1430c0217f298d7558094eff87208432b3fd781ae8354abf2c4801720304116ad4e8d572aa6d84b3a6931241325e70d6", 0x63}], 0x1, &(0x7f0000000500)=[@flowinfo={{0x14, 0x29, 0xb, 0x101}}, @rthdrdstopts={{0x28, 0x29, 0x37, {0x1, 0x1, '\x00', [@ra={0x5, 0x2, 0x5}, @jumbo={0xc2, 0x4, 0x8}]}}}, @hopopts_2292={{0x68, 0x29, 0x36, {0x2f, 0x9, '\x00', [@calipso={0x7, 0x30, {0x3, 0xa, 0x6, 0x3ff, [0x3, 0xa2, 0xfffffffffffffffb, 0x2, 0x7ff]}}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @mcast2}]}}}, @rthdr_2292={{0x78, 0x29, 0x39, {0x88, 0xc, 0x1, 0x0, 0x0, [@private2, @loopback, @mcast1, @remote, @private1, @private1={0xfc, 0x1, '\x00', 0x1}]}}}, @hoplimit={{0x14}}, @tclass={{0x14, 0x29, 0x43, 0x6}}, @rthdr={{0xa8, 0x29, 0x39, {0x8, 0x12, 0x2, 0x8, 0x0, [@loopback, @private1, @private2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty]}}}], 0x1f8}}, {{&(0x7f0000000380)={0xa, 0x4e22, 0x7f, @private0={0xfc, 0x0, '\x00', 0x1}, 0x101}, 0x1c, &(0x7f0000000780)=[{&(0x7f00000003c0)="f43b1d98c881c5e258c334f6b3d570142a9cefde51f31b922716e893c86e4b9b432e02be469192ca57207b4e56e273dd71c5a1e17dbeca9af92d13c95f587ea78bd9144112fe", 0x46}, {&(0x7f0000000700)="93dad691f009f2230be5b81c5b557ae7dbee49740e92cf2d25e9c6dad52acc0ac1c98387a67d271f6a1afa057f16e419b47d633a4b383ce6ebef98", 0x3b}, {&(0x7f0000000740)="479f65fc31b07c613d05959cc678a2a3cd6938a43743cd42a1fc6fa3cbe95e0bad3d46924684fb2ac05693d38934b87112573fe4e77b867455a24399d94a", 0x3e}], 0x3}}, {{&(0x7f00000007c0)={0xa, 0x4e21, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffff8}, 0x1c, &(0x7f0000000b00)=[{&(0x7f0000000800)="6861a4dd9a78aeb9bd1d", 0xa}, {&(0x7f0000000980)="934e70442051e20dcff484356c73e3dcc62c5ff2f94c6a3b60f883b7d81c17aac41bdbd3d523e3d773db72de58f8ee9f09febb6f964ebca41065f3becbf88534cfcc1fe0ee996fafdb4968bd60f7ee86d9614cf5ad7eec1a22ba882169a77d2fac5d47f510779b0470de9a03d9f27cf6271c508c0431c8245460a2ef0820d3028c96c0e7c27a83b06f70dece300d3dc54159408fd19d9ec05ca9c184209920b25b4b", 0xa2}, {&(0x7f0000000840)="583fdafcf448829f210d981bcd17fcab4557cf8f1c2a7754ae8cc3ade6", 0x1d}, {&(0x7f0000000a40)="9536419640f43dfb3e33d54106d28a822e0bac5cbc8ddd51fbbc0b096c847045c0e2235c65688149f68d7aa571bbb372e26941c217d15f8ae0fbd1281708793db9fa406f493b49900d0b3a9270650e6858cae34439c401c65429c4046e2b69d063dd343e71e7908bb7bd9284f0d22aaa65b64209e6527859cfa1751ad310d732b6d907e3b0bcbae709e71017a110467eb4211568ee0ccf17c8ac2b9194f673cc", 0xa0}], 0x4, &(0x7f0000000b80)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x1}}, @hopopts_2292={{0x38, 0x29, 0x36, {0x3a, 0x3, '\x00', [@calipso={0x7, 0x10, {0x1, 0x2, 0x3, 0x4, [0x0]}}, @ra={0x5, 0x2, 0x1}, @jumbo={0xc2, 0x4, 0x9}]}}}, @rthdr={{0x78, 0x29, 0x39, {0x73, 0xc, 0x0, 0x4, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @private2={0xfc, 0x2, '\x00', 0x1}, @private1, @empty, @private0]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x6}}], 0xe0}}, {{&(0x7f0000000880)={0xa, 0x4e21, 0x42, @mcast2, 0xfffffffd}, 0x1c, 0x0, 0x0, &(0x7f0000002000)}}], 0x4, 0x854)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0x86c9460748f085ce})
socket$nl_route(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_flash={0x33, 0xea6, '.\x00'}})

1.5332388s ago: executing program 9 (id=1577):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@grpjquota}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@noquota}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
chdir(&(0x7f0000000400)='./file0\x00')
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = accept(r1, 0x0, &(0x7f0000000040))
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r5, 0x800448d2, &(0x7f0000000100))

1.480108401s ago: executing program 8 (id=1578):
socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
accept$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c9200, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r1}], 0x2b, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x2, @empty, 0xa098}, {0xa, 0x4e21, 0x8000009, @loopback}, r3, 0x4040099d}}, 0x48)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

1.346801532s ago: executing program 1 (id=1579):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="2703", 0x2}], 0x1}, 0x4)

1.279495572s ago: executing program 1 (id=1580):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x9, @empty, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303, 0x37}, "475566172f45f029", "000000010000662b00", "00001000", "4e67cb72f328ac2f"}, 0x28)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0xffffffff}, 0x18)
ftruncate(0xffffffffffffffff, 0xf4ff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = fsopen(0x0, 0x0)
fsmount(r3, 0x1, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.273122022s ago: executing program 8 (id=1581):
socket$can_raw(0x1d, 0x3, 0x1)
socket$isdn_base(0x22, 0x3, 0x0)
unshare(0x2040400)
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$rds(0x15, 0x5, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x2000000}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@gcm_128={{0x304}, "fb0fda000000cc00", "4cb42692506aed242aa8b6f46fcbc0c6", "aa4bc766", "5f3a3962aad66cc0"}, 0x28)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
shutdown(r0, 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x3, 0x80000002}, 0x0, 0x0)

1.235031642s ago: executing program 2 (id=1582):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
splice(r3, 0x0, r2, 0x0, 0x406f413, 0x0)

1.189866913s ago: executing program 1 (id=1583):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c726f6469722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c6e6f6e756d7461696c3d302c756e695f786c6174653d302c757466383d312c756e695f786c6174653d302c757466383d312c756e695f786c6174653d312c6e6f6e756d7461696c3d302c646f733178666c6f7070792c726f6469722c756e695f786c6174653d312c71756965742c00aaed2e6322e12ca43d55f4e47d9fb6f319fab9c81cd7b9b508d5df5619dad30ed85701f46d5bb2b85a6aecd28cb992054878a859b15b1598ee0b05192ff4df579d2dd72fb9a6a092bb22740cfe0636a3d8ff4e975e21fc6d6e2d6ece2beac2098361fe652ea69917e6d47463ceb0b35bc7a2f8799debe5e7b6e82c84ab25d06157c08f006d90e62a8026a845835dbf4ac25eec51c3ec73c82014eee15eaaa12308449afc6ca2e37c23d441b343cec1f74e52bc1f21eb18053a9b98d3a304fba3751bd0121940bc9d276f1e5352b9f4e674bb80ffeaaff6843ef1c8a7a7e0d592893a77ae91e025a35840e7ff4fdb3571d1986ed6f5a23d9ee6bf1cec17af0627c04bf47586ce288a466c039a1ead7fd99feacc51d9f7a2e67f46a0b86b45e5d7cb4affc1c539a764f5"], 0x1, 0x30a, &(0x7f0000001040)="$eJzs3c1rE00cwPFf0iZp+vK0p4eHB4WhggjSpSl482CRFsSA0jaCFYSt3WrINinZUIiI7UHw6tlDDx5FEMGbFxGvvfgX+HbrpTcLFkc2+9I0Wbax0trW7+fQTHd+v9nZndk2nSabjYtPFksLjvFdd0sLvSKS8cvv1z6dnn7X732j1OT4TG5MqaSI3HrwYvhtre/G63/eZGR96PbG5tjX9VMzIj9m7klSFR1V1lprNVep1BJu8nzRKRlKXbct07FUsexY1ZoyG/XmnG2pBbuytFRXZnl+oHepajmOMst1VbLqqlZRtWpdmXfNYlkZhqEGelv7/HcaCkvJtrpEXGLh+ZbWsukOUGZVtNYR0atBIeU/Zn6vszhKWsY/NrZtcnQdZM9wGLZ0dzj+6T3GHyePd/1/ftrJ9Y+TZ/rm7NXxfH5iSqkekcXHy4Xlgvfo1X/sk6LYYsna1PnZbXHniE8S7tfJK/mJUdUwJGcXV/z8leWC98thfMHPz8mg+zylKV+C/JyXr3bnp6S3KT940hGVPxbkS7IpPy3nzjTt35BB+XBHKmLLfKOdnfyHOaUuX8u37D/biAMAAAAAAAAA4DgyVGhn/T4R/qs3axiZxis+wvqsu9mN8wLC9fVRGZTt6PX50cj1/W75v+0lJwAAAAAA4CA49fsl07at6q8XpIOYrmfZmF2kRMQtiDwadjsT2+C/fo9bqtw2IrLSItLeTlcnffYL2Qve/l5O+R2T/Z6oAywkRaR5i/dmDffg7Vd+TH/k+XGS8ROgUZcIz+FIuv3Mm7bdc6iHnGkaU9FaRwZLz/4mdibyADspJLaDLf9FxuiEndqrHW0GMcGFudfeL0VfDvGFcCa4o++NYOuJGvnitWvH/ND4Fi7xAQAAADhGmv5wAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf8i+7sQW3Ld/d5X4HxHffku21s+J577/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6gnwEAAP//aQCoKQ==")
recvmsg(0xffffffffffffffff, 0x0, 0x1f00)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003"], 0x0, 0x37, 0x0, 0xffffffff}, 0x28)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'lo\x00'})

1.074639594s ago: executing program 1 (id=1584):
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r0=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000140)={r0, 0xfb4}, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xc0100, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="140100002900010000000000fcdbdf250301f2800c001c000bac0f00000000001400050000000000000000000000ffff7f00000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c808004500ac1414bb008ff6c7ceb20989cf7012879d834d615c00270767239d067b197678c60ec0bbf9b5ea23c51fe2e06d657cb535325ebaecae2f435734d53e43af5234199a718bcc0b75cb5205db65bc4907a3a45abd6c5348e15545c24e24fa1475570e72fe61b6abb82c9b0ea64e526ca2c38b1b88ce7726aac7f5a8611f51869e00059e3bc734692b2bd2aa2fea80ff865ef41e21729e192cdb793c9295cb8bbde418524334b6d611b73ec02e2ad303eb4d81c4c524d2f60586af33ec6294d9045b90ce4052b763b80fd2a2424b3f4ad485cef311f234277dcec0401bbaaad2d782fc5e0a0e7e4a"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='\a\x00!\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES16=r0, @ANYBLOB='\x00'/28], 0x50)
r6 = gettid()
r7 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$lock(r7, 0x25, &(0x7f0000000300)={0x2, 0x0, 0x0, 0xffffffff, r6})
r8 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r8)
ptrace$pokeuser(0x6, r8, 0x358, 0xffff888237c16e50)
capget(&(0x7f00000003c0)={0x19980330, r8}, &(0x7f0000000400)={0xe, 0x1ff, 0x7fff, 0x0, 0x7fff, 0x6})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r10 = socket(0x1f, 0x3, 0x9)
sendmsg$NFT_BATCH(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000ea27210000000000000217d16a2800000a00000a0000001100010000000000000026a369b22c18c7331774b7d953186385a2760c7d9acf34cd4e4efe902f5006436735d4069b9b0a994b465091fd165b1cba041042f779f9eecc43201b3f006de4a6e58d240043b414080e4fdae9db1d547a5f4c5dc815d30f012a72c2b744abaa99e9210826548d3556325197f402aea7c4f7b2d5ac4185e4671d82dc"], 0x28}}, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7030000e2000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000007c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x38e38e38e38e53f, [{{0x9, 0x2, 0x48}}]}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2000000)

815.679495ms ago: executing program 6 (id=1585):
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{}, 0x0, 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000b80)=[{0x6}]}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2, 0x0, 0x7}, 0x18)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x400448de, 0x0)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

796.975855ms ago: executing program 6 (id=1586):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x15)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
syz_clone3(&(0x7f0000000080)={0x801400, 0x0, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r1 = socket(0xbfa115ac85aabd5f, 0x803, 0xc4d3)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000004780)={'wg2\x00', &(0x7f0000000200)=@ethtool_link_settings={0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x20, [0x0, 0x400, 0x0, 0xc, 0xfffffffc, 0x0, 0x1]}})
pipe2$9p(&(0x7f0000000240), 0x0)

642.820576ms ago: executing program 9 (id=1587):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
setxattr$system_posix_acl(&(0x7f0000000000)='./file2\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', 0x0, 0x0, 0x1)
r6 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r6, &(0x7f0000000040)=ANY=[], 0x101d0)

505.078727ms ago: executing program 9 (id=1588):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x10002)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x8c)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0xe340, 0x103)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x69000}], 0x1, 0x7000, 0x0, 0x3)

413.292098ms ago: executing program 8 (id=1589):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0x8}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000940)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r4, {0xf000, 0xffff}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r9, {0xf000, 0xff11}, {}, {0x7, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x20004884}, 0x20000800)

395.087778ms ago: executing program 9 (id=1590):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000010000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0x14510, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r2, 0x2000009)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r5, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

329.666368ms ago: executing program 8 (id=1591):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
eventfd(0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x181002, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0xfffc, 0xbfff, 0x19, "ec28a144f13d7607"})
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0xfffffffc, 0x0, 0x0, 0x10, "0062ba5d8200"})
r2 = syz_open_pts(r1, 0x20800)
dup3(r2, r1, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000000c0)=0x3)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x44)

186.690289ms ago: executing program 6 (id=1592):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000001c0)={0x1, &(0x7f0000000140)=[{0x6, 0x8, 0x3, 0x6}]})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x60040, 0x0)
close(r4)
socket$unix(0x1, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

98.84405ms ago: executing program 8 (id=1593):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
recvmmsg(r6, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0)

0s ago: executing program 8 (id=1594):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000700)='/proc/stat\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x7, 0x1, 0x7, 0x5, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x81, 0x2, @perf_config_ext={0x7, 0x7fff}, 0x0, 0x5, 0x1, 0x3, 0xfffffffffffffffb, 0x1, 0x8, 0x0, 0x9, 0x0, 0x1ff}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
futimesat(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

kernel console output (not intermixed with test programs):

r
[   78.519247][ T5438] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   78.529595][ T5438] EXT4-fs (loop1): 1 orphan inode deleted
[   78.535835][ T5438] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.547989][  T271] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[   78.564667][  T271] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 0
[   78.582272][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   78.855386][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.865275][ T3323] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[   78.866215][ T5447] netlink: 200 bytes leftover after parsing attributes in process `syz.6.595'.
[   78.878570][ T3323] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   78.899357][ T3323] EXT4-fs error (device loop1): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[   78.965049][ T5452] loop8: detected capacity change from 0 to 2048
[   78.990753][ T5452] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.019736][ T4467] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   79.020910][ T5459] netlink: 28 bytes leftover after parsing attributes in process `wޣ�'.
[   79.043356][ T5459] netem: change failed
[   79.056085][ T4467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.100688][ T5465] loop6: detected capacity change from 0 to 512
[   79.119135][ T5465] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   79.163177][ T5465] EXT4-fs (loop6): 1 truncate cleaned up
[   79.180241][ T5465] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.253438][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.323089][ T5487] loop2: detected capacity change from 0 to 512
[   79.361049][ T5487] EXT4-fs (loop2): orphan cleanup on readonly fs
[   79.413782][ T5487] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.614: EA inode hash validation failed
[   79.426595][ T5487] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   79.437770][ T5516] loop9: detected capacity change from 0 to 512
[   79.443234][ T5487] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.614: corrupted inode contents
[   79.464173][ T5487] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #15: comm syz.2.614: mark_inode_dirty error
[   79.464744][ T5516] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[   79.482696][ T5487] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.614: corrupted inode contents
[   79.489064][ T5516] EXT4-fs warning (device loop9): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   79.510599][ T5487] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.614: mark_inode_dirty error
[   79.513829][ T5516] EXT4-fs (loop9): 1 truncate cleaned up
[   79.523398][ T5487] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.614: mark inode dirty (error -117)
[   79.528668][ T5516] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.541681][ T5487] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[   79.561703][ T5487] EXT4-fs (loop2): 1 orphan inode deleted
[   79.567901][ T5487] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   79.648145][ T5487] SELinux: ebitmap: truncated map
[   79.655971][ T5487] SELinux: failed to load policy
[   79.680058][ T4565] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.705719][ T4614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.152598][ T5579] pim6reg1: entered promiscuous mode
[   80.158082][ T5579] pim6reg1: entered allmulticast mode
[   80.212324][ T5586] netlink: 28 bytes leftover after parsing attributes in process `wޣ�'.
[   80.221048][ T5586] netem: change failed
[   80.427303][ T5611] lo: entered allmulticast mode
[   80.433878][ T5611] tunl0: entered allmulticast mode
[   80.440251][ T5611] gre0: entered allmulticast mode
[   80.447174][ T5611] gretap0: entered allmulticast mode
[   80.453830][ T5611] erspan0: entered allmulticast mode
[   80.460797][ T5611] ip_vti0: entered allmulticast mode
[   80.467495][ T5611] ip6_vti0: entered allmulticast mode
[   80.474274][ T5611] sit0: entered allmulticast mode
[   80.480680][ T5611] ip6tnl0: entered allmulticast mode
[   80.487643][ T5611] ip6gre0: entered allmulticast mode
[   80.494988][ T5611] syz_tun: entered allmulticast mode
[   80.501412][ T5611] ip6gretap0: entered allmulticast mode
[   80.508559][ T5611] bridge0: entered allmulticast mode
[   80.515195][ T5611] vcan0: entered allmulticast mode
[   80.521697][ T5611] bond0: entered allmulticast mode
[   80.526883][ T5611] bond_slave_0: entered allmulticast mode
[   80.532669][ T5611] bond_slave_1: entered allmulticast mode
[   80.540985][ T5611] team0: entered allmulticast mode
[   80.546152][ T5611] team_slave_0: entered allmulticast mode
[   80.551914][ T5611] team_slave_1: entered allmulticast mode
[   80.560870][ T5611] dummy0: entered allmulticast mode
[   80.568103][ T5611] nlmon0: entered allmulticast mode
[   80.578260][ T5611] caif0: entered allmulticast mode
[   80.584300][ T5611] batadv0: entered allmulticast mode
[   80.592356][ T5611] vxcan0: entered allmulticast mode
[   80.598794][ T5611] vxcan1: entered allmulticast mode
[   80.607326][ T5611] veth0: entered allmulticast mode
[   80.614824][ T5611] veth1: entered allmulticast mode
[   80.621533][ T5624] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[   80.632889][ T5611] wg0: entered allmulticast mode
[   80.639053][ T5611] wg1: entered allmulticast mode
[   80.657008][ T5611] veth0_to_bridge: entered allmulticast mode
[   80.665872][ T5628] netlink: 200 bytes leftover after parsing attributes in process `syz.2.648'.
[   80.667444][ T5611] veth1_to_bridge: entered allmulticast mode
[   80.685101][ T5611] veth0_to_bond: entered allmulticast mode
[   80.694365][ T5611] veth1_to_bond: entered allmulticast mode
[   80.703312][ T5611] veth0_to_team: entered allmulticast mode
[   80.713129][ T5611] veth1_to_team: entered allmulticast mode
[   80.722387][ T5611] veth0_to_batadv: entered allmulticast mode
[   80.730040][ T5611] batadv_slave_0: entered allmulticast mode
[   80.737609][ T5611] veth1_to_batadv: entered allmulticast mode
[   80.745180][ T5611] batadv_slave_1: entered allmulticast mode
[   80.752027][ T5611] xfrm0: entered allmulticast mode
[   80.759786][ T5611] veth0_to_hsr: entered allmulticast mode
[   80.766913][ T5611] hsr_slave_0: entered allmulticast mode
[   80.775587][ T5611] veth1_to_hsr: entered allmulticast mode
[   80.783743][ T5611] hsr_slave_1: entered allmulticast mode
[   80.790964][ T5611] hsr0: entered allmulticast mode
[   80.797882][ T5611] veth1_virt_wifi: entered allmulticast mode
[   80.806373][ T5611] veth0_virt_wifi: entered allmulticast mode
[   80.814239][ T5611] veth1_vlan: entered allmulticast mode
[   80.821006][ T5611] veth0_vlan: entered allmulticast mode
[   80.829309][ T5611] : entered allmulticast mode
[   80.836168][ T5611] vlan1: entered allmulticast mode
[   80.842885][ T5611] macvlan0: entered allmulticast mode
[   80.849353][ T5611] macvlan1: entered allmulticast mode
[   80.856156][ T5611] ipvlan0: entered allmulticast mode
[   80.861604][ T5611] ipvlan1: entered allmulticast mode
[   80.867567][ T5611] veth1_macvtap: entered allmulticast mode
[   80.875159][ T5611] veth0_macvtap: entered allmulticast mode
[   80.883277][ T5611] macvtap0: entered allmulticast mode
[   80.889986][ T5611] macsec0: entered allmulticast mode
[   80.897196][ T5611] geneve0: entered allmulticast mode
[   80.906219][ T5611] geneve1: entered allmulticast mode
[   80.913384][ T5611] netdevsim netdevsim8 netdevsim0: entered allmulticast mode
[   80.922652][ T5611] netdevsim netdevsim8 netdevsim1: entered allmulticast mode
[   80.931396][ T5611] netdevsim netdevsim8 netdevsim2: entered allmulticast mode
[   80.940626][ T5611] netdevsim netdevsim8 netdevsim3: entered allmulticast mode
[   80.950244][ T5611] veth2: entered allmulticast mode
[   80.955973][ T5611] veth3: entered allmulticast mode
[   80.961449][ T5611] syzkaller0: entered allmulticast mode
[   80.967514][ T5621] syzkaller0: entered promiscuous mode
[   81.073002][ T5632] syzkaller1: entered promiscuous mode
[   81.078564][ T5632] syzkaller1: entered allmulticast mode
[   81.486828][ T5674] loop6: detected capacity change from 0 to 512
[   81.508437][ T5676] netlink: 4 bytes leftover after parsing attributes in process `syz.2.671'.
[   81.521131][ T5680] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[   81.543899][ T5674] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.560668][ T5674] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.563557][ T5676] team0 (unregistering): Port device team_slave_0 removed
[   81.600684][ T5676] team0 (unregistering): Port device team_slave_1 removed
[   81.641743][ T5683] pim6reg: entered allmulticast mode
[   81.656367][ T5674] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   81.657785][ T5686] pim6reg: left allmulticast mode
[   81.664350][ T5674] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   81.708060][ T5674] netlink: 4 bytes leftover after parsing attributes in process `syz.6.670'.
[   81.810695][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.861610][ T5693] loop8: detected capacity change from 0 to 512
[   81.874230][ T5693] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.887102][ T5693] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.919060][ T4467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.936195][ T5699] netlink: 224 bytes leftover after parsing attributes in process `syz.6.677'.
[   81.961670][ T5699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   81.971013][ T5699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.985712][ T5541] Bluetooth: hci0: Frame reassembly failed (-84)
[   82.041696][ T5708] loop8: detected capacity change from 0 to 512
[   82.063661][ T5708] EXT4-fs error (device loop8): ext4_orphan_get:1418: comm syz.8.680: bad orphan inode 11862016
[   82.074670][ T5708] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   82.087495][ T5708] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.126128][ T4467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   82.348812][ T5729] loop9: detected capacity change from 0 to 2048
[   82.418413][ T5729]  loop9: p1 < > p4
[   82.424223][ T5729] loop9: p4 size 8388608 extends beyond EOD, truncated
[   82.587546][ T5746] loop9: detected capacity change from 0 to 512
[   82.594612][ T5746] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[   82.612724][ T5746] EXT4-fs error (device loop9): ext4_init_orphan_info:618: comm syz.9.696: orphan file block 0: bad magic
[   82.622218][   T29] kauditd_printk_skb: 514 callbacks suppressed
[   82.622237][   T29] audit: type=1400 audit(1762121542.003:1878): avc:  denied  { allowed } for  pid=5745 comm="syz.1.697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   82.631759][ T5746] EXT4-fs (loop9): mount failed
[   82.649619][   T29] audit: type=1400 audit(1762121542.003:1879): avc:  denied  { create } for  pid=5745 comm="syz.1.697" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   82.675731][   T29] audit: type=1400 audit(1762121542.003:1880): avc:  denied  { map } for  pid=5745 comm="syz.1.697" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13040 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   82.700212][   T29] audit: type=1400 audit(1762121542.003:1881): avc:  denied  { read write } for  pid=5745 comm="syz.1.697" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13040 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   82.773227][   T29] audit: type=1326 audit(1762121542.173:1882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5755 comm="syz.1.700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   82.796650][   T29] audit: type=1326 audit(1762121542.173:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5755 comm="syz.1.700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   82.799999][ T5756] loop1: detected capacity change from 0 to 128
[   82.820321][   T29] audit: type=1326 audit(1762121542.173:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5755 comm="syz.1.700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   82.843159][ T5756] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   82.849787][   T29] audit: type=1326 audit(1762121542.173:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5755 comm="syz.1.700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   82.884838][   T29] audit: type=1326 audit(1762121542.173:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5755 comm="syz.1.700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   82.885153][ T5756] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   82.908727][   T29] audit: type=1326 audit(1762121542.173:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5755 comm="syz.1.700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   82.990696][ T5761] netlink: 76 bytes leftover after parsing attributes in process `syz.1.703'.
[   83.026611][ T5764] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   83.093816][ T5766] loop9: detected capacity change from 0 to 4096
[   83.100567][ T5766] EXT4-fs: Ignoring removed nomblk_io_submit option
[   83.111112][ T5766] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.467573][ T4565] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.520273][ T5800] pim6reg1: entered promiscuous mode
[   83.523537][ T5802] loop9: detected capacity change from 0 to 128
[   83.525828][ T5800] pim6reg1: entered allmulticast mode
[   83.534287][ T5802] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   83.551926][ T5802] ext4 filesystem being mounted at /58/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   83.618631][ T5806] tipc: Started in network mode
[   83.623644][ T5806] tipc: Node identity ac14140f, cluster identity 4711
[   83.630682][ T5806] tipc: New replicast peer: 255.255.255.83
[   83.631723][ T4565] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   83.636752][ T5806] tipc: Enabled bearer <udp:�>, priority 10
[   83.710971][ T5799] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.719570][ T5799] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.758993][ T5819] loop2: detected capacity change from 0 to 512
[   83.774281][ T5819] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.729: bad orphan inode 11862016
[   83.790915][ T5819] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   83.808315][ T5819] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.865017][ T4614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   83.909473][ T5833] lo: entered allmulticast mode
[   83.915497][ T5833] tunl0: entered allmulticast mode
[   83.921600][ T5833] gre0: entered allmulticast mode
[   83.928022][ T5833] gretap0: entered allmulticast mode
[   83.934506][ T5833] erspan0: entered allmulticast mode
[   83.941266][ T5833] ip_vti0: entered allmulticast mode
[   83.948812][ T5833] ip6_vti0: entered allmulticast mode
[   83.955430][ T5833] sit0: entered allmulticast mode
[   83.962186][ T5833] ip6tnl0: entered allmulticast mode
[   83.968504][ T5833] ip6gre0: entered allmulticast mode
[   83.975330][ T5833] syz_tun: entered allmulticast mode
[   83.982221][ T5833] ip6gretap0: entered allmulticast mode
[   83.988900][ T5833] bridge0: entered allmulticast mode
[   83.995742][ T5833] vcan0: entered allmulticast mode
[   84.001985][ T5833] bond0: entered allmulticast mode
[   84.007184][ T5833] bond_slave_0: entered allmulticast mode
[   84.012950][ T5833] bond_slave_1: entered allmulticast mode
[   84.021099][ T5833] team0: entered allmulticast mode
[   84.022419][ T4319] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   84.026278][ T5833] team_slave_0: entered allmulticast mode
[   84.038085][ T5833] team_slave_1: entered allmulticast mode
[   84.047238][ T5833] dummy0: entered allmulticast mode
[   84.053727][ T5833] nlmon0: entered allmulticast mode
[   84.060051][ T5833] caif0: entered allmulticast mode
[   84.065559][ T5833] batadv0: entered allmulticast mode
[   84.074682][ T5833] vxcan0: entered allmulticast mode
[   84.081224][ T5833] vxcan1: entered allmulticast mode
[   84.087599][ T5833] veth0: entered allmulticast mode
[   84.093853][ T5833] veth1: entered allmulticast mode
[   84.100047][ T5833] wg0: entered allmulticast mode
[   84.106220][ T5833] wg1: entered allmulticast mode
[   84.112412][ T5833] wg2: entered allmulticast mode
[   84.118506][ T5833] veth0_to_bridge: entered allmulticast mode
[   84.127808][ T5833] veth1_to_bridge: entered allmulticast mode
[   84.134110][ T5846] netlink: 3672 bytes leftover after parsing attributes in process `syz.2.736'.
[   84.146295][ T5833] veth0_to_bond: entered allmulticast mode
[   84.164778][ T5833] veth1_to_bond: entered allmulticast mode
[   84.173471][ T5833] veth0_to_team: entered allmulticast mode
[   84.184708][ T5833] veth1_to_team: entered allmulticast mode
[   84.193718][ T5833] veth0_to_batadv: entered allmulticast mode
[   84.200881][ T5833] batadv_slave_0: entered allmulticast mode
[   84.208445][ T5833] veth1_to_batadv: entered allmulticast mode
[   84.216117][ T5833] batadv_slave_1: entered allmulticast mode
[   84.223530][ T5833] xfrm0: entered allmulticast mode
[   84.229874][ T5833] veth0_to_hsr: entered allmulticast mode
[   84.237296][ T5833] hsr_slave_0: entered allmulticast mode
[   84.244269][ T5833] veth1_to_hsr: entered allmulticast mode
[   84.251263][ T5833] hsr_slave_1: entered allmulticast mode
[   84.258276][ T5833] hsr0: entered allmulticast mode
[   84.265758][ T5833] veth1_virt_wifi: entered allmulticast mode
[   84.274965][ T5833] veth0_virt_wifi: entered allmulticast mode
[   84.282192][ T5833] veth1_vlan: entered allmulticast mode
[   84.289667][ T5833] veth0_vlan: entered allmulticast mode
[   84.298211][ T5833] vlan0: entered allmulticast mode
[   84.305403][ T5833] vlan1: entered allmulticast mode
[   84.311783][ T5833] macvlan0: entered allmulticast mode
[   84.319214][ T5833] macvlan1: entered allmulticast mode
[   84.326307][ T5833] ipvlan0: entered allmulticast mode
[   84.331975][ T5833] ipvlan1: entered allmulticast mode
[   84.338152][ T5833] veth1_macvtap: entered allmulticast mode
[   84.347131][ T5833] veth0_macvtap: entered allmulticast mode
[   84.357218][ T5833] macvtap0: entered allmulticast mode
[   84.366537][ T5833] macsec0: entered allmulticast mode
[   84.373297][ T5833] geneve0: entered allmulticast mode
[   84.379957][ T5833] geneve1: entered allmulticast mode
[   84.386516][ T5833] netdevsim netdevsim9 netdevsim0: entered allmulticast mode
[   84.396708][ T5833] netdevsim netdevsim9 netdevsim1: entered allmulticast mode
[   84.406248][ T5833] netdevsim netdevsim9 netdevsim2: entered allmulticast mode
[   84.416744][ T5833] netdevsim netdevsim9 netdevsim3: entered allmulticast mode
[   84.425609][ T5833] syzkaller0: entered allmulticast mode
[   84.445095][ T5841] syzkaller0: entered promiscuous mode
[   84.461852][ T5855] netlink: 'syz.8.739': attribute type 10 has an invalid length.
[   84.469669][ T5855] netlink: 40 bytes leftover after parsing attributes in process `syz.8.739'.
[   84.491416][ T5855] batadv0: entered promiscuous mode
[   84.497684][ T5855] bridge0: port 3(batadv0) entered blocking state
[   84.504246][ T5855] bridge0: port 3(batadv0) entered disabled state
[   84.514930][ T5855] bridge0: port 3(batadv0) entered blocking state
[   84.521475][ T5855] bridge0: port 3(batadv0) entered forwarding state
[   84.614277][ T5866] loop9: detected capacity change from 0 to 512
[   84.627568][ T5864] SELinux: ebitmap: truncated map
[   84.633199][ T5866] EXT4-fs error (device loop9): ext4_orphan_get:1418: comm syz.9.744: bad orphan inode 11862016
[   84.635784][ T5864] SELinux: failed to load policy
[   84.663205][ T5866] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   84.735926][ T5866] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.762217][ T1041] tipc: Node number set to 2886997007
[   84.855550][ T4565] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   84.872368][ T5543] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   84.881596][ T5543] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   84.922535][ T5888] netlink: 76 bytes leftover after parsing attributes in process `syz.9.752'.
[   84.934564][ T5885] loop2: detected capacity change from 0 to 2048
[   84.982839][ T5885]  loop2: p1 < > p4
[   84.987217][ T5885] loop2: p4 size 8388608 extends beyond EOD, truncated
[   85.063126][ T5900] pim6reg1: entered promiscuous mode
[   85.068483][ T5900] pim6reg1: entered allmulticast mode
[   85.164353][ T5903] tipc: Started in network mode
[   85.169283][ T5903] tipc: Node identity ac14140f, cluster identity 4711
[   85.176426][ T5903] tipc: New replicast peer: 255.255.255.83
[   85.182483][ T5903] tipc: Enabled bearer <udp:�>, priority 10
[   85.723211][ T5912] netlink: 'syz.9.764': attribute type 10 has an invalid length.
[   85.734674][ T5912] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.743228][ T5912] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   85.769590][ T5912] loop9: detected capacity change from 0 to 4096
[   85.776375][ T5912] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   85.793531][ T5912] netlink: 'syz.9.764': attribute type 10 has an invalid length.
[   85.801437][ T5912] netlink: 40 bytes leftover after parsing attributes in process `syz.9.764'.
[   85.810643][ T5912] batadv0: entered promiscuous mode
[   85.821099][ T5912] bond0: (slave batadv0): Releasing backup interface
[   85.832121][ T5912] bridge0: port 3(batadv0) entered blocking state
[   85.838887][ T5912] bridge0: port 3(batadv0) entered disabled state
[   85.852903][ T5920] loop6: detected capacity change from 0 to 2048
[   85.869890][ T5922] netlink: 224 bytes leftover after parsing attributes in process `syz.1.769'.
[   85.892737][ T5920]  loop6: p1 < > p4
[   85.906143][ T5920] loop6: p4 size 8388608 extends beyond EOD, truncated
[   85.916967][ T5922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.926266][ T5922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.936621][ T5501] Bluetooth: hci0: Frame reassembly failed (-84)
[   86.052134][ T5935] loop2: detected capacity change from 0 to 164
[   86.194044][   T23] tipc: Node number set to 2886997007
[   86.218721][ T5944] loop9: detected capacity change from 0 to 512
[   86.226646][ T5944] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002]
[   86.234816][ T5944] System zones: 1-12
[   86.239068][ T5944] EXT4-fs error (device loop9): ext4_iget_extra_inode:5075: inode #15: comm syz.9.777: corrupted in-inode xattr: e_value size too large
[   86.253922][ T5944] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.777: couldn't read orphan inode 15 (err -117)
[   86.265715][ T5542] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   86.265730][ T5542] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   86.284991][ T5944] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.339142][ T5952] loop6: detected capacity change from 0 to 1024
[   86.346036][ T5952] EXT4-fs: inline encryption not supported
[   86.373986][ T5952] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.410317][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.421258][ T4565] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.451578][ T5960] netlink: 4 bytes leftover after parsing attributes in process `�'.
[   86.640979][ T5967] netlink: 3672 bytes leftover after parsing attributes in process `syz.9.786'.
[   86.655361][ T5970] netlink: 'syz.2.787': attribute type 10 has an invalid length.
[   86.663303][ T5970] netlink: 40 bytes leftover after parsing attributes in process `syz.2.787'.
[   86.672687][ T5970] batadv0: entered promiscuous mode
[   86.678009][ T5970] batadv0: entered allmulticast mode
[   86.684622][ T5970] bridge0: port 3(batadv0) entered blocking state
[   86.691091][ T5970] bridge0: port 3(batadv0) entered disabled state
[   86.699383][ T5970] bridge0: port 3(batadv0) entered blocking state
[   86.705961][ T5970] bridge0: port 3(batadv0) entered forwarding state
[   86.765554][ T5972] can0: slcan on ttyS3.
[   86.802974][ T5978] bridge: RTM_NEWNEIGH with invalid ether address
[   86.831966][ T5543] Bluetooth: hci1: Frame reassembly failed (-84)
[   86.838811][ T5972] can0 (unregistered): slcan off ttyS3.
[   86.892310][ T5501] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   86.901651][ T5501] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   86.948631][ T5990] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   86.948631][ T5990]    program syz.8.797 not setting count and/or reply_len properly
[   86.991646][ T5992] netlink: 4 bytes leftover after parsing attributes in process `�'.
[   87.074268][ T5998] loop8: detected capacity change from 0 to 512
[   87.080838][ T5998] EXT4-fs: Ignoring removed nobh option
[   87.094027][ T5998] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #3: comm syz.8.801: corrupted inode contents
[   87.106031][ T5998] EXT4-fs error (device loop8): ext4_dirty_inode:6517: inode #3: comm syz.8.801: mark_inode_dirty error
[   87.117598][ T5998] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #3: comm syz.8.801: corrupted inode contents
[   87.129811][ T5998] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #3: comm syz.8.801: mark_inode_dirty error
[   87.141350][ T5998] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.801: Failed to acquire dquot type 0
[   87.153402][ T5998] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.801: corrupted inode contents
[   87.165522][ T5998] EXT4-fs error (device loop8): ext4_dirty_inode:6517: inode #16: comm syz.8.801: mark_inode_dirty error
[   87.177089][ T5998] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.801: corrupted inode contents
[   87.188959][ T5998] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.801: mark_inode_dirty error
[   87.200448][ T5998] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.801: corrupted inode contents
[   87.212600][ T5998] EXT4-fs error (device loop8) in ext4_orphan_del:301: Corrupt filesystem
[   87.221449][ T5998] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.801: corrupted inode contents
[   87.233527][ T5998] EXT4-fs error (device loop8): ext4_truncate:4637: inode #16: comm syz.8.801: mark_inode_dirty error
[   87.244672][ T5998] EXT4-fs error (device loop8) in ext4_process_orphan:343: Corrupt filesystem
[   87.254119][ T5998] EXT4-fs (loop8): 1 truncate cleaned up
[   87.260298][ T5998] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.272875][ T5998] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.308443][ T6005] bridge: RTM_NEWNEIGH with invalid ether address
[   87.315836][ T4467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.335361][ T6007] netlink: 4 bytes leftover after parsing attributes in process `syz.6.805'.
[   87.349389][ T6007] team0 (unregistering): Port device team_slave_0 removed
[   87.357277][ T6002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.359045][ T6007] team0 (unregistering): Port device team_slave_1 removed
[   87.366002][ T6002] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.389000][ T6010] pim6reg: entered allmulticast mode
[   87.397801][ T6010] pim6reg: left allmulticast mode
[   87.942214][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   87.949350][   T29] kauditd_printk_skb: 286 callbacks suppressed
[   87.949367][   T29] audit: type=1326 audit(1762121547.343:2172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   87.979953][   T29] audit: type=1326 audit(1762121547.343:2173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   88.249564][ T6019] loop6: detected capacity change from 0 to 1024
[   88.257686][ T6019] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   88.269861][ T6019] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #3: comm syz.6.808: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 0, max 0(0), depth 0(0)
[   88.287806][ T6019] EXT4-fs error (device loop6): ext4_quota_enable:7139: comm syz.6.808: Bad quota inode: 3, type: 0
[   88.298888][ T6019] EXT4-fs warning (device loop6): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   88.314147][ T6019] EXT4-fs (loop6): mount failed
[   88.348072][   T29] audit: type=1400 audit(1762121547.743:2174): avc:  denied  { name_bind 0x1000000 } for  pid=6022 comm="syz.6.809" path="socket:[14547]" dev="sockfs" ino=14547 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[   88.402192][   T29] audit: type=1400 audit(1762121547.783:2175): avc:  denied  { listen } for  pid=6026 comm="syz.6.811" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   88.421665][   T29] audit: type=1400 audit(1762121547.783:2176): avc:  denied  { write } for  pid=6026 comm="syz.6.811" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   88.441407][   T29] audit: type=1400 audit(1762121547.783:2177): avc:  denied  { accept } for  pid=6026 comm="syz.6.811" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   88.490786][   T29] audit: type=1326 audit(1762121547.883:2178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6030 comm="syz.6.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[   88.514251][   T29] audit: type=1326 audit(1762121547.883:2179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6030 comm="syz.6.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[   88.538151][   T29] audit: type=1326 audit(1762121547.913:2180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6030 comm="syz.6.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[   88.561613][   T29] audit: type=1326 audit(1762121547.913:2181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6030 comm="syz.6.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7eff4c9bf003 code=0x7ffc0000
[   88.585961][ T6031] loop6: detected capacity change from 0 to 164
[   88.658593][ T6042] smc: net device bond0 applied user defined pnetid SYZ0
[   88.669732][ T6042] smc: net device bond0 erased user defined pnetid SYZ0
[   88.715828][ T6046] loop1: detected capacity change from 0 to 4096
[   88.726027][ T6046] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.846055][ T6056] can0: slcan on ptm10.
[   88.902244][ T4723] Bluetooth: hci1: command 0x1003 tx timeout
[   88.904713][ T6056] can0 (unregistered): slcan off ptm10.
[   88.909106][ T4319] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   88.915321][ T6056] Falling back ldisc for ptm10.
[   88.975994][ T6061] netlink: 4 bytes leftover after parsing attributes in process `syz.9.826'.
[   89.044618][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.070535][ T6066] loop1: detected capacity change from 0 to 164
[   89.111861][ T6069] smc: net device bond0 applied user defined pnetid SYZ0
[   89.119344][ T6069] smc: net device bond0 erased user defined pnetid SYZ0
[   89.356868][ T6093] loop1: detected capacity change from 0 to 128
[   89.374882][ T6093] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   89.409985][ T6093] ext4 filesystem being mounted at /214/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   89.468810][ T3323] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   89.548711][ T6111] loop6: detected capacity change from 0 to 512
[   89.573938][ T6111] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.850: Failed to acquire dquot type 1
[   89.590886][ T6111] EXT4-fs (loop6): 1 truncate cleaned up
[   89.639927][ T6111] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.709195][ T6129] loop1: detected capacity change from 0 to 164
[   89.729063][ T6111] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.750054][ T6129] : attempt to access beyond end of device
[   89.750054][ T6129] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   89.779918][ T6134] loop8: detected capacity change from 0 to 128
[   89.812806][ T6129] : attempt to access beyond end of device
[   89.812806][ T6129] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   89.839371][ T6134] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   89.875393][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.885654][ T6134] ext4 filesystem being mounted at /123/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   89.979928][ T4467] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   90.027878][ T6146] loop9: detected capacity change from 0 to 512
[   90.063983][ T6146] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.077127][ T6146] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   90.091222][ T6146] EXT4-fs (loop9): shut down requested (1)
[   90.102280][ T6146] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=15
[   90.111377][ T6146] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=15
[   90.158192][ T6132] loop2: detected capacity change from 0 to 2048
[   90.216429][ T4565] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.283810][ T6132] Alternate GPT is invalid, using primary GPT.
[   90.290316][ T6132]  loop2: p2 p3 p7
[   91.663364][ T6235] loop2: detected capacity change from 0 to 512
[   91.674002][ T6235] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.697833][ T6235] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   91.718616][ T6235] EXT4-fs (loop2): shut down requested (1)
[   91.739143][ T6235] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   91.761228][ T6235] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   91.781261][ T6245] loop6: detected capacity change from 0 to 128
[   91.801845][ T4614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.877502][ T6259] netlink: 224 bytes leftover after parsing attributes in process `syz.2.912'.
[   91.899808][ T6259] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   91.908671][ T6259] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   91.918607][ T5542] Bluetooth: hci0: Frame reassembly failed (-84)
[   91.921756][ T6264] bridge0: port 4(gretap0) entered blocking state
[   91.931723][ T6264] bridge0: port 4(gretap0) entered disabled state
[   91.939021][ T6264] gretap0: entered promiscuous mode
[   91.952834][ T6264] bridge0: port 4(gretap0) entered blocking state
[   91.959323][ T6264] bridge0: port 4(gretap0) entered forwarding state
[   91.973524][ T6266] loop1: detected capacity change from 0 to 128
[   91.981866][ T6266] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   91.982521][ T6264] gretap0: left promiscuous mode
[   91.996205][ T6264] bridge0: port 4(gretap0) entered disabled state
[   92.003122][ T6266] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   92.010969][ T6266] FAT-fs (loop1): Filesystem has been set read-only
[   92.017849][ T6266] syz.1.914: attempt to access beyond end of device
[   92.017849][ T6266] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   92.084396][ T6271] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   92.140222][ T6279] loop6: detected capacity change from 0 to 128
[   92.155675][ T6277] loop9: detected capacity change from 0 to 2048
[   92.162619][ T6277] EXT4-fs: Ignoring removed mblk_io_submit option
[   92.169081][ T6277] EXT4-fs: Ignoring removed i_version option
[   92.195011][ T6277] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.198230][ T6279] syz.6.919: attempt to access beyond end of device
[   92.198230][ T6279] loop6: rw=0, sector=121, nr_sectors = 920 limit=128
[   92.236995][ T4565] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.374768][ T6293] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(7)
[   92.381340][ T6293] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   92.389378][ T6293] vhci_hcd vhci_hcd.0: Device attached
[   92.400461][ T6294] vhci_hcd: connection closed
[   92.400706][ T5536] vhci_hcd: stop threads
[   92.409780][ T5536] vhci_hcd: release socket
[   92.414258][ T5536] vhci_hcd: disconnect device
[   92.462419][   T23] usb usb4-port3: attempt power cycle
[   92.985758][   T29] kauditd_printk_skb: 224 callbacks suppressed
[   92.985775][   T29] audit: type=1400 audit(1762121552.383:2404): avc:  denied  { create } for  pid=6310 comm="syz.9.932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   93.019776][   T29] audit: type=1400 audit(1762121552.413:2405): avc:  denied  { accept } for  pid=6310 comm="syz.9.932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   93.038937][ T3411] IPVS: starting estimator thread 0...
[   93.060014][   T29] audit: type=1326 audit(1762121552.453:2406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.9.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[   93.083589][   T29] audit: type=1326 audit(1762121552.453:2407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.9.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[   93.106955][   T29] audit: type=1326 audit(1762121552.453:2408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.9.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[   93.130353][   T29] audit: type=1326 audit(1762121552.453:2409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.9.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fba0224f003 code=0x7ffc0000
[   93.134383][ T6312] IPVS: using max 2016 ests per chain, 100800 per kthread
[   93.153567][   T29] audit: type=1326 audit(1762121552.453:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.9.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fba0224f003 code=0x7ffc0000
[   93.183995][   T29] audit: type=1326 audit(1762121552.453:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.9.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[   93.207400][   T29] audit: type=1326 audit(1762121552.453:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.9.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[   93.230791][   T29] audit: type=1326 audit(1762121552.453:2413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6313 comm="syz.9.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[   93.301083][ T6322] loop6: detected capacity change from 0 to 512
[   93.317701][ T6322] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.330273][ T6322] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.366218][ T6322] EXT4-fs (loop6): shut down requested (0)
[   93.381992][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.395660][ T6328] hub 6-0:1.0: USB hub found
[   93.404138][ T6328] hub 6-0:1.0: 8 ports detected
[   93.457414][ T6336] loop9: detected capacity change from 0 to 512
[   93.483482][ T6336] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   93.550899][ T6343] netlink: 224 bytes leftover after parsing attributes in process `syz.1.944'.
[   93.574581][ T6343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.583469][ T6343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.592959][ T5542] Bluetooth: hci1: Frame reassembly failed (-84)
[   93.630006][ T6353] lo: left allmulticast mode
[   93.636918][ T6353] tunl0: left allmulticast mode
[   93.643377][ T6353] gre0: left allmulticast mode
[   93.652648][ T6353] gretap0: left allmulticast mode
[   93.659428][ T6353] erspan0: left allmulticast mode
[   93.666557][ T6353] ip_vti0: left allmulticast mode
[   93.672947][ T6353] ip6_vti0: left allmulticast mode
[   93.680098][ T6353] sit0: left allmulticast mode
[   93.687984][ T6353] ip6tnl0: left allmulticast mode
[   93.694948][ T6353] ip6gre0: left allmulticast mode
[   93.701958][ T6353] syz_tun: left allmulticast mode
[   93.708681][ T6353] ip6gretap0: left allmulticast mode
[   93.715709][ T6353] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.723067][ T6353] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.731056][ T6353] bridge0: left allmulticast mode
[   93.740271][ T6353] bond0: left allmulticast mode
[   93.747837][ T6353] team0: left allmulticast mode
[   93.756605][ T6353] dummy0: left allmulticast mode
[   93.764494][ T6353] nlmon0: left allmulticast mode
[   93.771588][ T6353] caif0: left allmulticast mode
[   93.777606][ T6353] vxcan0: left allmulticast mode
[   93.784042][ T6353] vxcan1: left allmulticast mode
[   93.790276][ T6353] veth0: left allmulticast mode
[   93.799146][ T6353] veth1: left allmulticast mode
[   93.806631][ T6353] wg0: left allmulticast mode
[   93.813445][ T6353] wg1: left allmulticast mode
[   93.820313][ T6353] wg2: left allmulticast mode
[   93.827973][ T6353] veth0_to_bridge: left allmulticast mode
[   93.839093][ T6353] veth1_to_bridge: left allmulticast mode
[   93.848134][ T6353] veth0_to_bond: left allmulticast mode
[   93.857576][ T6353] bond_slave_0: left allmulticast mode
[   93.867900][ T6353] veth1_to_bond: left allmulticast mode
[   93.875039][ T6353] bond_slave_1: left allmulticast mode
[   93.881324][ T6353] veth0_to_team: left allmulticast mode
[   93.888551][ T6353] team_slave_0: left allmulticast mode
[   93.895598][ T6353] veth1_to_team: left allmulticast mode
[   93.902795][ T6353] team_slave_1: left allmulticast mode
[   93.909460][ T6353] veth0_to_batadv: left allmulticast mode
[   93.916701][ T6353] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   93.924592][ T6353] batadv_slave_0: left allmulticast mode
[   93.931776][ T6353] veth1_to_batadv: left allmulticast mode
[   93.939335][ T6353] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   93.946978][ T4319] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   93.953992][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   93.960121][ T6353] batadv_slave_1: left allmulticast mode
[   93.967608][ T6353] xfrm0: left allmulticast mode
[   93.974710][ T6353] veth0_to_hsr: left allmulticast mode
[   93.982704][ T6353] veth1_to_hsr: left allmulticast mode
[   93.990650][ T6353] hsr0: left allmulticast mode
[   93.995520][ T6353] hsr_slave_0: left allmulticast mode
[   94.000925][ T6353] hsr_slave_1: left allmulticast mode
[   94.007905][ T6353] veth1_virt_wifi: left allmulticast mode
[   94.015405][ T6353] veth0_virt_wifi: left allmulticast mode
[   94.027818][ T6353] vlan0: left allmulticast mode
[   94.032936][ T6353] vlan1: left allmulticast mode
[   94.038477][ T6353] macvlan0: left allmulticast mode
[   94.048814][ T6353] veth1_vlan: left allmulticast mode
[   94.055000][ T6353] macvlan1: left allmulticast mode
[   94.061026][ T6353] ipvlan0: left allmulticast mode
[   94.066225][ T6353] ipvlan1: left allmulticast mode
[   94.071307][ T6353] veth0_vlan: left allmulticast mode
[   94.081136][ T6353] veth0_macvtap: left allmulticast mode
[   94.087987][ T6353] macvtap0: left allmulticast mode
[   94.094262][ T6353] veth1_macvtap: left allmulticast mode
[   94.099982][ T6353] macsec0: left allmulticast mode
[   94.108288][ T6353] geneve0: left allmulticast mode
[   94.117049][ T6353] geneve1: left allmulticast mode
[   94.125566][ T6353] netdevsim netdevsim9 netdevsim0: left allmulticast mode
[   94.134849][ T6353] netdevsim netdevsim9 netdevsim1: left allmulticast mode
[   94.143520][ T6353] netdevsim netdevsim9 netdevsim2: left allmulticast mode
[   94.152694][ T6353] netdevsim netdevsim9 netdevsim3: left allmulticast mode
[   94.160709][ T5542] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.182463][ T5542] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.201279][ T5542] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.219485][ T5542] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.422834][   T23] usb usb4-port3: unable to enumerate USB device
[   94.599003][ T6371] loop6: detected capacity change from 0 to 512
[   94.614128][ T6371] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.679095][ T6384] xt_CT: You must specify a L4 protocol and not use inversions on it
[   94.765648][ T6367] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.774485][ T6367] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.809089][   T23] kernel read not supported for file /vcs (pid: 23 comm: kworker/1:0)
[   94.837859][ T6408] loop8: detected capacity change from 0 to 128
[   94.894344][ T6417] loop8: detected capacity change from 0 to 128
[   94.906835][ T6417] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[   94.914854][ T6417] FAT-fs (loop8): Filesystem has been set read-only
[   94.922730][ T6417] syz.8.973: attempt to access beyond end of device
[   94.922730][ T6417] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[   95.029096][ T6430] loop2: detected capacity change from 0 to 128
[   95.036959][ T6430] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   95.047525][ T6430] ext2 filesystem being mounted at /121/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   95.463409][ T6452] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   95.495305][ T6454] netlink: 28 bytes leftover after parsing attributes in process `syz.2.989'.
[   95.622231][ T4319] Bluetooth: hci1: command 0x1003 tx timeout
[   95.622427][ T4723] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   95.896370][ T6469] syz.8.996 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   95.909594][ T6467] loop2: detected capacity change from 0 to 8192
[   95.996698][ T6476] netlink: 224 bytes leftover after parsing attributes in process `syz.6.1000'.
[   96.033434][ T6476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.036017][ T6483] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1001'.
[   96.042000][ T6476] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.058157][ T6483] pim6reg: entered allmulticast mode
[   96.066249][ T6481] pim6reg: left allmulticast mode
[   96.130135][ T5542] Bluetooth: hci1: Frame reassembly failed (-84)
[   96.133673][ T6490] netlink: 72 bytes leftover after parsing attributes in process `syz.9.1004'.
[   96.207856][ T6496] loop1: detected capacity change from 0 to 512
[   96.214623][ T6496] EXT4-fs: Ignoring removed nobh option
[   96.223501][ T6496] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #3: comm syz.1.1006: corrupted inode contents
[   96.235749][ T6496] EXT4-fs (loop1): Remounting filesystem read-only
[   96.242944][ T6496] EXT4-fs (loop1): 1 truncate cleaned up
[   96.249232][ T6496] ext4 filesystem being mounted at /232/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.261507][ T6496] netlink: 296 bytes leftover after parsing attributes in process `syz.1.1006'.
[   96.313271][ T6501] tipc: Started in network mode
[   96.318209][ T6501] tipc: Node identity 26389d9cda6e, cluster identity 4711
[   96.325843][ T6501] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   96.332770][ T6494] loop9: detected capacity change from 0 to 512
[   96.339458][ T6500] tipc: Resetting bearer <eth:syzkaller0>
[   96.354207][ T6494] EXT4-fs error (device loop9): ext4_orphan_get:1418: comm syz.9.1005: bad orphan inode 11862016
[   96.354263][ T6500] tipc: Disabling bearer <eth:syzkaller0>
[   96.366102][ T6494] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.749199][ T6527] loop1: detected capacity change from 0 to 2048
[   96.824579][ T6527]  loop1: unable to read partition table
[   96.830455][ T6527] loop1: partition table beyond EOD, truncated
[   96.836681][ T6527] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[   96.926280][ T6536] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[   96.934767][ T6536] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[   97.146539][ T6546] loop1: detected capacity change from 0 to 1024
[   97.446181][ T6562] netlink: 'syz.8.1030': attribute type 10 has an invalid length.
[   97.455510][ T6562] dummy0: left allmulticast mode
[   97.464123][ T6562] dummy0: entered allmulticast mode
[   97.470239][ T6562] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   97.503421][ T6564] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1031'.
[   97.535103][ T6566] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1032'.
[   97.577270][ T6570] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   97.614118][ T6574] loop8: detected capacity change from 0 to 512
[   97.624562][ T6574] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.695287][ T6578] netlink: 100 bytes leftover after parsing attributes in process `syz.8.1037'.
[   97.800745][ T6586] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1041'.
[   98.004392][ T6597] loop9: detected capacity change from 0 to 7
[   98.010687][ T6597] Buffer I/O error on dev loop9, logical block 0, async page read
[   98.018699][ T6597] Buffer I/O error on dev loop9, logical block 0, async page read
[   98.026730][ T6597]  loop9: unable to read partition table
[   98.032586][ T6597] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[   98.032586][ T6597] 
) failed (rc=-5)
[   98.047500][   T29] kauditd_printk_skb: 371 callbacks suppressed
[   98.047516][   T29] audit: type=1400 audit(1762121557.443:2783): avc:  denied  { remount } for  pid=6596 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   98.102232][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   98.108323][ T4723] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   98.119335][   T29] audit: type=1326 audit(1762121557.513:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6475 comm="syz.6.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[   98.142915][   T29] audit: type=1326 audit(1762121557.513:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6475 comm="syz.6.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[   98.182591][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[   98.190478][ T6605] loop1: detected capacity change from 0 to 128
[   98.190772][ T4319] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   98.225909][   T29] audit: type=1400 audit(1762121557.623:2786): avc:  denied  { kexec_image_load } for  pid=6606 comm="syz.8.1049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[   98.273976][   T29] audit: type=1400 audit(1762121557.673:2787): avc:  denied  { egress } for  pid=6610 comm="syz.1.1051" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[   98.297788][   T29] audit: type=1400 audit(1762121557.673:2788): avc:  denied  { sendto } for  pid=6610 comm="syz.1.1051" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[   98.387064][ T6619] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1053'.
[   98.396829][ T6619] netem: change failed
[   98.665230][   T29] audit: type=1400 audit(1762121558.063:2789): avc:  denied  { connect } for  pid=6627 comm="syz.2.1057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   98.688848][ T6624] hub 6-0:1.0: USB hub found
[   98.693770][ T6624] hub 6-0:1.0: 8 ports detected
[   98.724660][ T6633] loop8: detected capacity change from 0 to 512
[   98.732907][ T6633] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002]
[   98.740877][ T6633] System zones: 1-12
[   98.745446][ T6633] EXT4-fs error (device loop8): ext4_iget_extra_inode:5075: inode #15: comm syz.8.1059: corrupted in-inode xattr: e_value size too large
[   98.745718][ T6636] loop6: detected capacity change from 0 to 512
[   98.764902][ T6633] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.1059: couldn't read orphan inode 15 (err -117)
[   98.774806][ T6636] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.806606][ T6633] EXT4-fs warning (device loop8): dx_probe:801: inode #2: comm syz.8.1059: Unrecognised inode hash code 4
[   98.818063][ T6633] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.1059: Corrupt directory, running e2fsck is recommended
[   98.833396][ T6641] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1061'.
[   98.858813][   T29] audit: type=1400 audit(1762121558.243:2790): avc:  denied  { map } for  pid=6635 comm="syz.6.1060" path="/192/file1/cgroup.controllers" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   98.892796][ T6645] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1061'.
[   98.904418][   T29] audit: type=1326 audit(1762121558.303:2791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6643 comm="syz.1.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   98.928007][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811ada7c00: rx timeout, send abort
[   98.936226][   T29] audit: type=1326 audit(1762121558.303:2792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6643 comm="syz.1.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[   99.005264][ T6655] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1067'.
[   99.040876][ T6662] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[   99.052922][ T6658] IPVS: stopping master sync thread 6662 ...
[   99.136036][ T6668] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.144819][ T6668] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.385027][ T6694] loop1: detected capacity change from 0 to 512
[   99.391649][ T6694] EXT4-fs: Ignoring removed bh option
[   99.398084][ T6694] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   99.407254][ T6694] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   99.413979][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811ada7800: rx timeout, send abort
[   99.424297][ T6694] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[   99.428068][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811ada7c00: abort rx timeout. Force session deactivation
[   99.434200][ T6694] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[   99.460002][ T6694] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   99.470715][ T6694] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[   99.483592][ T6694] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[   99.491686][ T6694] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   99.537640][ T6704] pim6reg1: entered promiscuous mode
[   99.543676][ T6704] pim6reg1: entered allmulticast mode
[   99.781828][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811ad8b200: rx timeout, send abort
[   99.802723][ T6714] loop2: detected capacity change from 0 to 1024
[   99.923707][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811ada7800: abort rx timeout. Force session deactivation
[   99.969747][ T6728] netlink: 'syz.2.1098': attribute type 10 has an invalid length.
[   99.986472][ T6728] netlink: 'syz.2.1098': attribute type 10 has an invalid length.
[  100.038616][ T6732] loop2: detected capacity change from 0 to 512
[  100.054301][ T6732] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.281826][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811ad8bc00: rx timeout, send abort
[  100.290115][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811ad8b200: abort rx timeout. Force session deactivation
[  100.739409][ T6743] wg2: entered promiscuous mode
[  100.744330][ T6743] wg2: entered allmulticast mode
[  100.781980][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811ad8a200: rx timeout, send abort
[  100.790327][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811ad8bc00: abort rx timeout. Force session deactivation
[  100.842334][ T3385] usb usb4-port3: attempt power cycle
[  100.908501][ T6750] netlink: 'syz.1.1107': attribute type 10 has an invalid length.
[  100.917628][ T6750] team0: Port device dummy0 added
[  100.923863][ T6750] netlink: 'syz.1.1107': attribute type 10 has an invalid length.
[  100.932135][ T6750] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  100.942309][ T6750] team0: Failed to send options change via netlink (err -105)
[  100.950038][ T6750] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  100.959084][ T6750] team0: Port device dummy0 removed
[  100.965580][ T6750] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  101.030028][ T6756] loop1: detected capacity change from 0 to 512
[  101.036646][ T6756] EXT4-fs: Ignoring removed bh option
[  101.056859][ T6756] ext4 filesystem being mounted at /265/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.222378][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  101.222468][ T4319] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  101.290269][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811ad8a200: abort rx timeout. Force session deactivation
[  101.604172][ T6782] loop8: detected capacity change from 0 to 2048
[  101.612564][ T6782] EXT4-fs: inline encryption not supported
[  101.636030][ T6782] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.1120: bg 0: block 120: padding at end of block bitmap is not set
[  101.650919][ T6782] EXT4-fs (loop8): Remounting filesystem read-only
[  101.658467][ T6782] EXT4-fs (loop8): error restoring inline_data for inode -- potential data loss! (inode 12, error -30)
[  101.843318][ T6798] loop6: detected capacity change from 0 to 2048
[  101.863622][ T6798] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  102.012603][ T3397] hid_parser_main: 19 callbacks suppressed
[  102.012692][ T3397] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  102.032270][ T3397] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  102.203409][ T4697] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4
[  102.211139][ T4697] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2
[  102.218823][ T4697] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  102.226552][ T4697] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  102.234208][ T4697] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  102.241884][ T4697] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  102.249592][ T4697] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  102.257303][ T4697] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  102.265095][ T4697] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  102.712438][ T3385] usb usb4-port3: unable to enumerate USB device
[  102.740166][ T6834] __nla_validate_parse: 6 callbacks suppressed
[  102.740231][ T6834] netlink: 224 bytes leftover after parsing attributes in process `syz.9.1141'.
[  102.775229][ T6834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  102.783783][ T6834] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  102.794597][ T5527] Bluetooth: hci0: Frame reassembly failed (-84)
[  102.803984][ T6842] loop8: detected capacity change from 0 to 512
[  102.811724][ T6842] EXT4-fs (loop8): orphan cleanup on readonly fs
[  102.818423][ T6842] EXT4-fs error (device loop8): ext4_orphan_get:1418: comm syz.8.1143: bad orphan inode 13
[  102.828598][ T6842] ext4_test_bit(bit=12, block=18) = 1
[  102.834055][ T6842] is_bad_inode(inode)=0
[  102.838229][ T6842] NEXT_ORPHAN(inode)=2130706432
[  102.842314][ T4697] hid-generic 0000:3000000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  102.843230][ T6842] max_ino=32
[  102.856153][ T6842] i_nlink=1
[  102.902226][ T6850] loop2: detected capacity change from 0 to 512
[  102.909277][ T6850] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[  102.918616][ T6850] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  102.958321][ T6850] FAT-fs (loop2): FAT read failed (blocknr 128)
[  103.009235][ T6857] syzkaller0: entered allmulticast mode
[  103.016001][ T6857] syzkaller0: entered promiscuous mode
[  103.023104][ T6857] syzkaller0 (unregistering): left allmulticast mode
[  103.029825][ T6857] syzkaller0 (unregistering): left promiscuous mode
[  103.250526][ T6863] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1151'.
[  103.305289][ T6865] loop1: detected capacity change from 0 to 8192
[  103.352479][ T6865]  loop1: p1 p2 p3 p4
[  103.356656][ T6865] loop1: p1 size 196608 extends beyond EOD, truncated
[  103.364191][ T6865] loop1: p2 start 164919041 is beyond EOD, truncated
[  103.370994][ T6865] loop1: p3 size 66846464 extends beyond EOD, truncated
[  103.378660][ T6865] loop1: p4 size 37048832 extends beyond EOD, truncated
[  103.388127][   T29] kauditd_printk_skb: 934 callbacks suppressed
[  103.388144][   T29] audit: type=1400 audit(1762121562.783:3727): avc:  denied  { write } for  pid=6864 comm="syz.1.1152" name="loop1p3" dev="devtmpfs" ino=581 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  103.602856][ T6870] loop1: detected capacity change from 0 to 512
[  103.614042][ T6870] EXT4-fs (loop1): 1 orphan inode deleted
[  103.620810][ T6870] ext4 filesystem being mounted at /276/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.636543][ T6870] EXT4-fs warning (device loop1): __ext4_unlink:3278: inode #16: comm syz.1.1163: Deleting file 'file2' with no links
[  103.640492][   T29] audit: type=1400 audit(1762121563.033:3728): avc:  denied  { unlink } for  pid=6867 comm="syz.1.1163" name="file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  103.748379][ T6880] loop1: detected capacity change from 0 to 128
[  103.752707][ T3397] hid-generic 0000:3000000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  103.758118][ T6880] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  103.772514][ T6880] FAT-fs (loop1): Filesystem has been set read-only
[  103.779299][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.779299][ T6880] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  103.793116][ T6880] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  103.801042][ T6880] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  103.809215][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.809215][ T6880] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  103.822618][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.822618][ T6880] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  103.836020][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.836020][ T6880] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  103.849296][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.849296][ T6880] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  103.862733][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.862733][ T6880] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  103.876108][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.876108][ T6880] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  103.889570][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.889570][ T6880] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  103.902987][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.902987][ T6880] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  103.916299][ T6880] syz.1.1157: attempt to access beyond end of device
[  103.916299][ T6880] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  104.098320][ T6889] loop2: detected capacity change from 0 to 512
[  104.136059][ T6889] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.155668][ T6889] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.1160: corrupted xattr block 6: invalid header
[  104.169022][ T6889] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=12
[  104.178011][ T6889] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.1160: corrupted xattr block 6: invalid header
[  104.192898][ T6889] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=12
[  104.216080][ T6889] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.1160: corrupted xattr block 6: invalid header
[  104.249168][ T6889] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=12
[  104.270396][ T6889] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.1160: corrupted xattr block 6: invalid header
[  104.300052][ T6889] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=12
[  104.321198][ T6889] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.1160: corrupted xattr block 6: invalid header
[  104.321250][   T29] audit: type=1400 audit(1762121563.713:3729): avc:  denied  { add_name } for  pid=6888 comm="syz.2.1160" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  104.349384][ T6889] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=12
[  104.397169][   T29] audit: type=1400 audit(1762121563.793:3730): avc:  denied  { create } for  pid=6888 comm="syz.2.1160" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  104.397903][ T6889] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.1160: corrupted xattr block 6: invalid header
[  104.502416][ T4614] EXT4-fs unmount: 33 callbacks suppressed
[  104.502448][ T4614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.782063][ T6909] syzkaller0: create flow: hash 881807382 index 1
[  104.791246][ T6908] syzkaller0: delete flow: hash 881807382 index 1
[  104.822503][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  104.828666][ T4319] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  104.836556][   T29] audit: type=1326 audit(1762121564.233:3731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6832 comm="syz.9.1141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[  104.860460][   T29] audit: type=1326 audit(1762121564.233:3732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6832 comm="syz.9.1141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[  105.194777][   T29] audit: type=1400 audit(1762121564.593:3733): avc:  denied  { ioctl } for  pid=6930 comm="syz.8.1174" path="socket:[17144]" dev="sockfs" ino=17144 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[  105.549470][   T29] audit: type=1400 audit(1762121564.943:3734): avc:  denied  { setopt } for  pid=6942 comm="syz.9.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  105.560302][ T6943] No such timeout policy "syz1"
[  105.650469][ T6947] syzkaller0: create flow: hash 881807382 index 1
[  105.659148][ T6946] syzkaller0: delete flow: hash 881807382 index 1
[  105.763339][ T6953] loop1: detected capacity change from 0 to 128
[  105.771624][ T6953] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  105.784799][ T6953] ext4 filesystem being mounted at /281/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  105.834794][ T3323] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  105.869594][ T6962] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1187'.
[  105.905191][ T6964] capability: warning: `syz.1.1188' uses deprecated v2 capabilities in a way that may be insecure
[  105.917161][ T6964] GUP no longer grows the stack in syz.1.1188 (6964): 200000004000-20000000a000 (200000002000)
[  105.927812][ T6964] CPU: 0 UID: 0 PID: 6964 Comm: syz.1.1188 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  105.927846][ T6964] Tainted: [W]=WARN
[  105.927852][ T6964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  105.927944][ T6964] Call Trace:
[  105.927954][ T6964]  <TASK>
[  105.927963][ T6964]  __dump_stack+0x1d/0x30
[  105.927986][ T6964]  dump_stack_lvl+0xe8/0x140
[  105.928024][ T6964]  dump_stack+0x15/0x1b
[  105.928051][ T6964]  __get_user_pages+0x1968/0x1ed0
[  105.928099][ T6964]  get_user_pages_remote+0x1d5/0x6c0
[  105.928138][ T6964]  __access_remote_vm+0x15c/0x590
[  105.928176][ T6964]  access_remote_vm+0x32/0x40
[  105.928219][ T6964]  proc_pid_cmdline_read+0x32b/0x6c0
[  105.928346][ T6964]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  105.928384][ T6964]  vfs_readv+0x3fb/0x690
[  105.928517][ T6964]  __x64_sys_preadv+0xfd/0x1c0
[  105.928553][ T6964]  x64_sys_call+0x282e/0x3000
[  105.928615][ T6964]  do_syscall_64+0xd2/0x200
[  105.928642][ T6964]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  105.928678][ T6964]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  105.928712][ T6964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.928782][ T6964] RIP: 0033:0x7f299e63efc9
[  105.928809][ T6964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.928908][ T6964] RSP: 002b:00007f299d09f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  105.928934][ T6964] RAX: ffffffffffffffda RBX: 00007f299e895fa0 RCX: 00007f299e63efc9
[  105.928951][ T6964] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  105.928967][ T6964] RBP: 00007f299e6c1f91 R08: 0000000000000000 R09: 0000000000000000
[  105.928982][ T6964] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  105.929038][ T6964] R13: 00007f299e896038 R14: 00007f299e895fa0 R15: 00007ffe487ea218
[  105.929095][ T6964]  </TASK>
[  106.235494][ T6977] loop6: detected capacity change from 0 to 2048
[  106.254263][ T6977] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.267959][ T6977] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.291506][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.298061][ T6984] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6984 comm=syz.1.1196
[  106.313302][   T29] audit: type=1107 audit(1762121565.713:3735): pid=6983 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  106.328234][ T6984] lo speed is unknown, defaulting to 1000
[  106.330080][ T6975] loop8: detected capacity change from 0 to 512
[  106.334159][ T6984] lo speed is unknown, defaulting to 1000
[  106.346425][ T6984] lo speed is unknown, defaulting to 1000
[  106.353364][ T6984] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  106.353965][ T6975] EXT4-fs error (device loop8): ext4_xattr_inode_iget:441: inode #18: comm syz.8.1193: iget: bad extra_isize 90 (inode size 256)
[  106.364374][ T6984] lo speed is unknown, defaulting to 1000
[  106.380800][ T6975] EXT4-fs (loop8): Remounting filesystem read-only
[  106.381663][ T6984] lo speed is unknown, defaulting to 1000
[  106.393761][ T6984] lo speed is unknown, defaulting to 1000
[  106.394729][ T6975] EXT4-fs warning (device loop8): ext4_evict_inode:274: xattr delete (err -30)
[  106.399973][ T6984] lo speed is unknown, defaulting to 1000
[  106.414960][ T6984] lo speed is unknown, defaulting to 1000
[  106.421116][ T6984] lo speed is unknown, defaulting to 1000
[  106.427700][ T6975] EXT4-fs (loop8): 1 orphan inode deleted
[  106.435773][ T6975] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.467604][   T29] audit: type=1400 audit(1762121565.863:3736): avc:  denied  { write } for  pid=6991 comm="syz.1.1199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  106.513002][ T4467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.896091][ T7020] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1205'.
[  106.905151][ T7020] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1205'.
[  107.185692][ T7045] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1211'.
[  107.318045][ T7071] netlink: 224 bytes leftover after parsing attributes in process `syz.9.1212'.
[  107.379153][ T7082] Bluetooth: hci0: Frame reassembly failed (-90)
[  107.436997][ T7092] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.448461][ T5553] Bluetooth: hci0: Frame reassembly failed (-84)
[  107.449624][ T7092] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.466132][ T5553] Bluetooth: hci1: Frame reassembly failed (-84)
[  107.630052][ T7104] syz_tun: entered allmulticast mode
[  107.637180][ T7103] syz_tun: left allmulticast mode
[  107.827376][ T7118] 8021q: adding VLAN 0 to HW filter on device .`
[  107.842240][ T7118] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  107.979787][ T7125] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1224'.
[  108.119139][ T7131] loop2: detected capacity change from 0 to 512
[  108.197821][ T7132] lo speed is unknown, defaulting to 1000
[  108.740396][   T29] kauditd_printk_skb: 33 callbacks suppressed
[  108.740419][   T29] audit: type=1400 audit(1762121568.133:3770): avc:  denied  { read } for  pid=7135 comm="syz.8.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  108.968651][ T7153] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1234'.
[  109.054569][ T7158] loop8: detected capacity change from 0 to 256
[  109.258819][ T7172] tipc: Started in network mode
[  109.263885][ T7172] tipc: Node identity feeb078e90be, cluster identity 4711
[  109.271101][ T7172] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  109.294214][ T7172] tipc: Disabling bearer <eth:syzkaller0>
[  109.367840][   T29] audit: type=1326 audit(1762121568.763:3771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7185 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  109.376037][ T7186] netlink: 224 bytes leftover after parsing attributes in process `syz.6.1249'.
[  109.391416][   T29] audit: type=1326 audit(1762121568.763:3772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7185 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  109.391457][   T29] audit: type=1326 audit(1762121568.763:3773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7185 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  109.391484][   T29] audit: type=1326 audit(1762121568.763:3774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7185 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  109.433901][ T4319] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  109.472160][ T4723] Bluetooth: hci0: command 0x1003 tx timeout
[  109.485058][   T29] audit: type=1326 audit(1762121568.763:3775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7185 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  109.487478][ T7189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.508628][   T29] audit: type=1326 audit(1762121568.763:3776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7185 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  109.540417][   T29] audit: type=1326 audit(1762121568.763:3777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7185 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  109.542401][ T4723] Bluetooth: hci1: command 0x1003 tx timeout
[  109.563915][   T29] audit: type=1326 audit(1762121568.763:3778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7185 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  109.571745][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  109.593305][   T29] audit: type=1326 audit(1762121568.763:3779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7185 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  109.623099][ T7189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.636301][ T7196] netlink: 224 bytes leftover after parsing attributes in process `syz.8.1251'.
[  109.661313][ T5555] Bluetooth: hci0: Frame reassembly failed (-84)
[  109.675499][ T7196] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.684179][ T7196] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.694270][ T5555] Bluetooth: hci1: Frame reassembly failed (-84)
[  109.884654][ T7204] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1253'.
[  110.200446][ T7224] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1259'.
[  110.374125][ T7245] syzkaller0: entered promiscuous mode
[  110.379681][ T7245] syzkaller0: entered allmulticast mode
[  110.424230][ T7248] netlink: 'syz.1.1270': attribute type 4 has an invalid length.
[  110.433935][ T7248] netlink: 'syz.1.1270': attribute type 4 has an invalid length.
[  110.443411][   T10] lo speed is unknown, defaulting to 1000
[  110.449284][   T10] syz2: Port: 1 Link ACTIVE
[  110.595982][ T7259] loop1: detected capacity change from 0 to 1024
[  110.614026][ T7259] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.640774][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.660624][ T7264] loop1: detected capacity change from 0 to 164
[  110.670717][ T7264] loop9: detected capacity change from 0 to 7
[  110.878405][ T7271] loop1: detected capacity change from 0 to 2048
[  110.893978][ T7271] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.908307][ T7271] ext4 filesystem being mounted at /308/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.001128][ T7274] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1279: bg 0: block 345: padding at end of block bitmap is not set
[  111.016570][ T7274] EXT4-fs (loop1): Remounting filesystem read-only
[  111.024760][ T5520] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  111.133396][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.214943][ T7276] loop9: detected capacity change from 0 to 8192
[  111.252431][ T7276]  loop9: p1 p2 p3 p4
[  111.256659][ T7276] loop9: p1 size 196608 extends beyond EOD, truncated
[  111.264092][ T7276] loop9: p2 start 164919041 is beyond EOD, truncated
[  111.270910][ T7276] loop9: p3 size 66846464 extends beyond EOD, truncated
[  111.279414][ T7276] loop9: p4 size 37048832 extends beyond EOD, truncated
[  111.422490][ T7293] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  111.487898][ T7299] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 64993
[  111.566128][ T7305] netlink: 44 bytes leftover after parsing attributes in process `syz.9.1293'.
[  111.578082][ T7305] loop9: detected capacity change from 0 to 256
[  111.585294][ T7305] FAT-fs (loop9): bogus number of FAT sectors
[  111.591463][ T7305] FAT-fs (loop9): Can't find a valid FAT filesystem
[  111.693092][ T7310] loop1: detected capacity change from 0 to 128
[  111.703716][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  111.710128][ T4723] Bluetooth: hci1: command 0x1003 tx timeout
[  111.716428][ T4319] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  111.718643][ T3742] Bluetooth: hci0: command 0x1003 tx timeout
[  111.772549][ T7310] bio_check_eod: 16804 callbacks suppressed
[  111.772569][ T7310] syz.1.1295: attempt to access beyond end of device
[  111.772569][ T7310] loop1: rw=2049, sector=154, nr_sectors = 6 limit=128
[  111.794755][ T7310] syz.1.1295: attempt to access beyond end of device
[  111.794755][ T7310] loop1: rw=0, sector=158, nr_sectors = 2 limit=128
[  111.810485][ T7309] syz.1.1295: attempt to access beyond end of device
[  111.810485][ T7309] loop1: rw=0, sector=154, nr_sectors = 2 limit=128
[  111.823705][ T7309] Buffer I/O error on dev loop1, logical block 77, async page read
[  111.834481][ T7309] syz.1.1295: attempt to access beyond end of device
[  111.834481][ T7309] loop1: rw=0, sector=156, nr_sectors = 2 limit=128
[  111.847750][ T7309] Buffer I/O error on dev loop1, logical block 78, async page read
[  111.872680][ T7309] syz.1.1295: attempt to access beyond end of device
[  111.872680][ T7309] loop1: rw=0, sector=158, nr_sectors = 2 limit=128
[  111.885988][ T7309] Buffer I/O error on dev loop1, logical block 79, async page read
[  111.895028][ T7309] syz.1.1295: attempt to access beyond end of device
[  111.895028][ T7309] loop1: rw=0, sector=154, nr_sectors = 2 limit=128
[  111.908417][ T7309] Buffer I/O error on dev loop1, logical block 77, async page read
[  111.918981][ T7309] syz.1.1295: attempt to access beyond end of device
[  111.918981][ T7309] loop1: rw=0, sector=156, nr_sectors = 2 limit=128
[  111.932199][ T7309] Buffer I/O error on dev loop1, logical block 78, async page read
[  111.940518][ T7309] syz.1.1295: attempt to access beyond end of device
[  111.940518][ T7309] loop1: rw=0, sector=158, nr_sectors = 2 limit=128
[  111.953725][ T7309] Buffer I/O error on dev loop1, logical block 79, async page read
[  111.961954][ T7309] syz.1.1295: attempt to access beyond end of device
[  111.961954][ T7309] loop1: rw=0, sector=154, nr_sectors = 2 limit=128
[  111.975184][ T7309] Buffer I/O error on dev loop1, logical block 77, async page read
[  111.984863][ T7309] syz.1.1295: attempt to access beyond end of device
[  111.984863][ T7309] loop1: rw=0, sector=156, nr_sectors = 2 limit=128
[  111.998088][ T7309] Buffer I/O error on dev loop1, logical block 78, async page read
[  112.006243][ T7309] Buffer I/O error on dev loop1, logical block 79, async page read
[  112.014652][ T7309] Buffer I/O error on dev loop1, logical block 77, async page read
[  112.301827][ T7336] loop1: detected capacity change from 0 to 128
[  112.325374][ T7336] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  112.333303][ T7336] FAT-fs (loop1): Filesystem has been set read-only
[  112.340015][ T7336] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  112.347960][ T7336] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  112.451200][ T7345] netlink: 'syz.8.1309': attribute type 1 has an invalid length.
[  112.459038][ T7345] netlink: 224 bytes leftover after parsing attributes in process `syz.8.1309'.
[  112.701744][ T7355] SELinux: failed to load policy
[  112.753908][ T7362] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1315'.
[  112.803962][ T7366] netlink: 224 bytes leftover after parsing attributes in process `syz.8.1317'.
[  112.826393][ T7366] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.834852][ T7366] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.844740][ T5522] Bluetooth: hci0: Frame reassembly failed (-84)
[  112.853084][ T7362] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.861615][ T7362] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.873837][ T5533] Bluetooth: hci1: Frame reassembly failed (-84)
[  113.404896][ T7375] netlink: 'syz.6.1320': attribute type 11 has an invalid length.
[  113.491115][ T7382] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.510507][ T7382] 8021q: adding VLAN 0 to HW filter on device team0
[  113.523991][ T7382] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  113.676650][ T7388] lo speed is unknown, defaulting to 1000
[  113.686114][ T7390] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  113.694260][ T7389] tipc: Resetting bearer <eth:syzkaller0>
[  113.714212][ T7389] tipc: Disabling bearer <eth:syzkaller0>
[  113.723793][ T7391] loop9: detected capacity change from 0 to 512
[  113.747371][ T7391] __quota_error: 327 callbacks suppressed
[  113.747390][ T7391] Quota error (device loop9): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  113.763214][ T7391] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  113.773207][ T7391] EXT4-fs error (device loop9): ext4_acquire_dquot:6945: comm syz.9.1324: Failed to acquire dquot type 1
[  113.785292][ T7391] EXT4-fs (loop9): 1 truncate cleaned up
[  113.791952][ T7391] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.804829][ T7391] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.820895][ T7388] Quota error (device loop9): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  113.831081][ T7388] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  113.841225][ T7388] EXT4-fs error (device loop9): ext4_acquire_dquot:6945: comm syz.9.1324: Failed to acquire dquot type 1
[  113.865808][ T4565] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.888345][ T7405] loop9: detected capacity change from 0 to 512
[  113.895281][ T7405] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  113.906053][ T7405] EXT4-fs (loop9): 1 truncate cleaned up
[  113.913043][ T7405] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.970855][   T29] audit: type=1400 audit(1762121573.363:4107): avc:  denied  { wake_alarm } for  pid=7409 comm="syz.1.1331" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  114.015951][ T4565] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.134843][ T7416] loop6: detected capacity change from 0 to 512
[  114.154371][ T7416] EXT4-fs (loop6): 1 orphan inode deleted
[  114.160548][ T7416] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.173109][ T5524] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  114.173149][ T7416] ext4 filesystem being mounted at /242/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.182955][ T5524] EXT4-fs error (device loop6): ext4_release_dquot:6981: comm kworker/u8:34: Failed to release dquot type 1
[  114.248984][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.325831][ T7430] loop6: detected capacity change from 0 to 2048
[  114.343746][ T7430] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.356375][ T7430] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.433881][ T7433] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1338: bg 0: block 345: padding at end of block bitmap is not set
[  114.448719][ T7433] EXT4-fs (loop6): Remounting filesystem read-only
[  114.455419][ T5533] EXT4-fs warning (device loop6): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  114.530632][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.656483][ T7442] syzkaller0: entered promiscuous mode
[  114.662030][ T7442] syzkaller0: entered allmulticast mode
[  114.758412][   T29] audit: type=1400 audit(1762121574.153:4108): avc:  denied  { read } for  pid=7443 comm="syz.6.1343" path="socket:[19799]" dev="sockfs" ino=19799 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  114.890551][   T29] audit: type=1326 audit(1762121574.283:4109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.1.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  114.922383][ T3742] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  114.928784][ T7312] Bluetooth: hci1: command 0x1003 tx timeout
[  114.935014][ T4319] Bluetooth: hci0: command 0x1003 tx timeout
[  114.936673][   T29] audit: type=1326 audit(1762121574.313:4110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.1.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  114.941184][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  114.964514][   T29] audit: type=1326 audit(1762121574.313:4111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.1.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  115.014039][ T7456] netlink: 'syz.9.1348': attribute type 27 has an invalid length.
[  115.039736][ T7456] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.048082][ T7456] 8021q: adding VLAN 0 to HW filter on device team0
[  115.059402][ T7456] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  115.063210][ T7458] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1358'.
[  115.085801][ T7459] netlink: 'syz.9.1348': attribute type 27 has an invalid length.
[  115.183469][ T7469] loop9: detected capacity change from 0 to 164
[  115.651527][ T7487] SELinux: failed to load policy
[  115.678120][ T7491] syzkaller0: entered promiscuous mode
[  115.683659][ T7491] syzkaller0: entered allmulticast mode
[  115.848947][ T7495] loop6: detected capacity change from 0 to 128
[  115.879618][ T7495] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  115.887663][ T7495] FAT-fs (loop6): Filesystem has been set read-only
[  115.896376][ T7495] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  115.904295][ T7495] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  115.985460][ T7499] netlink: 131740 bytes leftover after parsing attributes in process `syz.8.1363'.
[  116.002303][ T7499] netlink: zone id is out of range
[  116.007456][ T7499] netlink: zone id is out of range
[  116.142635][ T7499] netlink: zone id is out of range
[  116.147843][ T7499] netlink: del zone limit has 8 unknown bytes
[  116.452054][ T7511] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1367'.
[  116.481239][ T7509] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.489011][ T7509] batadv_slave_0: entered promiscuous mode
[  116.503823][ T7511] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1367'.
[  116.547656][ T7513] syzkaller0: entered promiscuous mode
[  116.553278][ T7513] syzkaller0: entered allmulticast mode
[  116.730525][ T7523] netlink: 'syz.2.1373': attribute type 12 has an invalid length.
[  116.778558][ T7526] loop8: detected capacity change from 0 to 512
[  116.785020][ T7495] bio_check_eod: 39159 callbacks suppressed
[  116.785035][ T7495] syz.6.1359: attempt to access beyond end of device
[  116.785035][ T7495] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  116.805210][ T7526] journal_path: Non-blockdev passed as './bus'
[  116.811387][ T7526] EXT4-fs: error: could not find journal device path
[  116.846813][ T7528] loop2: detected capacity change from 0 to 2048
[  116.864357][ T7528] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.896133][ T7536] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1376'.
[  116.905117][ T7536] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1376'.
[  116.957526][ T7539] loop8: detected capacity change from 0 to 512
[  116.964794][ T7539] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  116.976742][ T7539] FAT-fs (loop8): error, corrupted directory (invalid entries)
[  116.997903][ T5533] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  117.107995][ T7547] sctp: [Deprecated]: syz.8.1382 (pid 7547) Use of int in max_burst socket option.
[  117.107995][ T7547] Use struct sctp_assoc_value instead
[  117.182896][ T7553] syzkaller0: entered promiscuous mode
[  117.188412][ T7553] syzkaller0: entered allmulticast mode
[  117.425558][ T7559] syzkaller0: entered promiscuous mode
[  117.431127][ T7559] syzkaller0: entered allmulticast mode
[  117.510944][ T7563] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1389'.
[  117.591271][ T7565] netlink: 'syz.9.1390': attribute type 10 has an invalid length.
[  117.678158][ T4614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.720604][ T7571] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  117.773086][ T7572] loop2: detected capacity change from 0 to 256
[  117.798325][ T7576] dvmrp1: entered allmulticast mode
[  117.824250][ T7576] dvmrp1: left allmulticast mode
[  118.021845][ T7594] netlink: 104 bytes leftover after parsing attributes in process `syz.8.1404'.
[  118.035719][ T7594] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  118.044582][ T7594] tipc: Enabled bearer <udp:syz0>, priority 10
[  118.051379][ T7592] netlink: 240 bytes leftover after parsing attributes in process `syz.6.1403'.
[  118.587254][ T7619] veth0_to_team: entered promiscuous mode
[  118.785583][ T7635] loop6: detected capacity change from 0 to 512
[  118.795574][ T7635] EXT4-fs (loop6): orphan cleanup on readonly fs
[  118.802863][ T7635] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1421: bg 0: block 248: padding at end of block bitmap is not set
[  118.807668][ T7633] syzkaller0: entered promiscuous mode
[  118.820248][ T7635] __quota_error: 154 callbacks suppressed
[  118.820292][ T7635] Quota error (device loop6): write_blk: dquota write failed
[  118.823047][ T7633] syzkaller0: entered allmulticast mode
[  118.828641][ T7635] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  118.851569][ T7635] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.1421: Failed to acquire dquot type 1
[  118.863444][ T7635] EXT4-fs (loop6): 1 truncate cleaned up
[  118.869790][ T7635] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  118.883989][   T29] audit: type=1400 audit(1762121578.283:4266): avc:  denied  { mount } for  pid=7634 comm="syz.6.1421" name="/" dev="loop6" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  118.911775][   T29] audit: type=1400 audit(1762121578.303:4267): avc:  denied  { remount } for  pid=7634 comm="syz.6.1421" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  118.935538][ T7635] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  118.962851][ T7635] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  118.971361][ T7635] ext4 filesystem being remounted at /261/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  118.985513][   T29] audit: type=1400 audit(1762121578.383:4268): avc:  denied  { create } for  pid=7634 comm="syz.6.1421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  119.008176][ T7635] Quota error (device loop6): write_blk: dquota write failed
[  119.015669][ T7635] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota
[  119.024676][   T29] audit: type=1400 audit(1762121578.403:4269): avc:  denied  { add_name } for  pid=7634 comm="syz.6.1421" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  119.025540][ T7635] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.1421: Failed to acquire dquot type 1
[  119.046164][   T29] audit: type=1400 audit(1762121578.403:4270): avc:  denied  { create } for  pid=7634 comm="syz.6.1421" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  119.098233][ T7643] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1423'.
[  119.126019][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.130333][   T29] audit: type=1326 audit(1762121578.483:4271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7642 comm="syz.1.1423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  119.168191][ T7647] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.197357][ T7649] syzkaller0: entered promiscuous mode
[  119.202878][ T7649] syzkaller0: entered allmulticast mode
[  119.208850][ T7647] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  119.281436][ T7654] syzkaller0: entered promiscuous mode
[  119.287011][ T7654] syzkaller0: entered allmulticast mode
[  119.393388][ T7658] serio: Serial port ptm19
[  119.930531][ T7674] loop1: detected capacity change from 0 to 764
[  119.937906][ T7674] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  119.947497][ T7674] Symlink component flag not implemented
[  119.953577][ T7674] Symlink component flag not implemented (7)
[  120.124671][ T7684] smc: net device bond0 applied user defined pnetid SYZ0
[  120.131983][ T7684] smc: net device bond0 erased user defined pnetid SYZ0
[  120.188509][ T7688] loop1: detected capacity change from 0 to 512
[  120.203894][ T7688] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.388693][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.479118][ T7712] syzkaller0: entered promiscuous mode
[  120.484773][ T7712] syzkaller0: entered allmulticast mode
[  120.666945][ T7728] __nla_validate_parse: 3 callbacks suppressed
[  120.666964][ T7728] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1456'.
[  120.682938][ T7728] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1456'.
[  120.697525][ T7728] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1456'.
[  120.741048][ T7738] loop1: detected capacity change from 0 to 512
[  120.748362][ T7738] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  120.759411][ T7738] EXT4-fs (loop1): group descriptors corrupted!
[  120.883124][ T7742] netlink: 8 bytes leftover after parsing attributes in process `wޣ��'.
[  120.920919][ T7744] loop1: detected capacity change from 0 to 8192
[  121.161438][ T7751] loop8: detected capacity change from 0 to 512
[  121.172716][ T7751] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  121.185371][ T7751] EXT4-fs (loop8): 1 truncate cleaned up
[  121.198049][ T7751] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.212430][ T7751] loop5: detected capacity change from 0 to 7
[  121.414556][ T4467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.451913][   T10] hid_parser_main: 53 callbacks suppressed
[  121.451948][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  121.474230][   T10] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  121.868264][ T7774] loop1: detected capacity change from 0 to 2048
[  121.896075][ T7774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.969712][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.125588][ T7790] netlink: 224 bytes leftover after parsing attributes in process `syz.8.1479'.
[  122.183671][ T7792] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.192660][ T7792] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.561606][ T7800] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1482'.
[  122.614383][ T7802] syzkaller0: create flow: hash 881807382 index 1
[  122.622780][ T7802] syzkaller0: delete flow: hash 881807382 index 1
[  122.706398][ T7804] loop6: detected capacity change from 0 to 1024
[  122.737156][ T7806] loop6: detected capacity change from 0 to 128
[  122.888749][ T7814] loop1: detected capacity change from 0 to 256
[  122.905734][ T5524] kworker/u8:34: attempt to access beyond end of device
[  122.905734][ T5524] loop6: rw=1, sector=145, nr_sectors = 16 limit=128
[  122.922242][ T5524] kworker/u8:34: attempt to access beyond end of device
[  122.922242][ T5524] loop6: rw=1, sector=169, nr_sectors = 8 limit=128
[  122.951211][ T5524] kworker/u8:34: attempt to access beyond end of device
[  122.951211][ T5524] loop6: rw=1, sector=185, nr_sectors = 8 limit=128
[  122.969419][ T5524] kworker/u8:34: attempt to access beyond end of device
[  122.969419][ T5524] loop6: rw=1, sector=201, nr_sectors = 8 limit=128
[  122.983788][ T5524] kworker/u8:34: attempt to access beyond end of device
[  122.983788][ T5524] loop6: rw=1, sector=217, nr_sectors = 8 limit=128
[  122.999144][ T5524] kworker/u8:34: attempt to access beyond end of device
[  122.999144][ T5524] loop6: rw=1, sector=233, nr_sectors = 8 limit=128
[  123.013533][ T5524] kworker/u8:34: attempt to access beyond end of device
[  123.013533][ T5524] loop6: rw=1, sector=249, nr_sectors = 8 limit=128
[  123.030206][ T5524] kworker/u8:34: attempt to access beyond end of device
[  123.030206][ T5524] loop6: rw=1, sector=265, nr_sectors = 8 limit=128
[  123.064913][ T5524] kworker/u8:34: attempt to access beyond end of device
[  123.064913][ T5524] loop6: rw=1, sector=281, nr_sectors = 8 limit=128
[  123.105575][ T5524] kworker/u8:34: attempt to access beyond end of device
[  123.105575][ T5524] loop6: rw=1, sector=297, nr_sectors = 8 limit=128
[  123.187087][ T7827] dvmrp1: entered allmulticast mode
[  123.200324][ T7827] dvmrp1: left allmulticast mode
[  123.247978][ T7829] syzkaller0: create flow: hash 881807382 index 1
[  123.256391][ T7829] syzkaller0: delete flow: hash 881807382 index 1
[  123.386776][ T7844] SELinux: failed to load policy
[  123.428307][ T7853] netlink: 63 bytes leftover after parsing attributes in process `syz.2.1503'.
[  123.441315][ T7853] loop2: detected capacity change from 0 to 764
[  123.448409][ T7853] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  123.457480][ T7853] Symlink component flag not implemented
[  123.463567][ T7853] Symlink component flag not implemented (7)
[  123.501067][ T7856] syzkaller0: entered promiscuous mode
[  123.506591][ T7856] syzkaller0: entered allmulticast mode
[  123.581231][ T7858] loop2: detected capacity change from 0 to 1024
[  123.725122][ T7865] loop2: detected capacity change from 0 to 1764
[  123.731760][ T7865] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  124.003450][   T29] kauditd_printk_skb: 273 callbacks suppressed
[  124.003469][   T29] audit: type=1326 audit(1762121583.403:4545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7869 comm="syz.6.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  124.033844][   T29] audit: type=1326 audit(1762121583.403:4546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7869 comm="syz.6.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  124.057303][   T29] audit: type=1326 audit(1762121583.403:4547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7869 comm="syz.6.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  124.081144][   T29] audit: type=1326 audit(1762121583.403:4548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7869 comm="syz.6.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  124.104908][   T29] audit: type=1326 audit(1762121583.403:4549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7869 comm="syz.6.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  124.128350][   T29] audit: type=1326 audit(1762121583.403:4550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7869 comm="syz.6.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  124.151930][   T29] audit: type=1326 audit(1762121583.403:4551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7869 comm="syz.6.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4c9befc9 code=0x7ffc0000
[  124.256620][ T7880] loop8: detected capacity change from 0 to 512
[  124.264264][ T7880] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  124.275245][ T7880] EXT4-fs (loop8): group descriptors corrupted!
[  124.292715][   T29] audit: type=1400 audit(1762121583.683:4552): avc:  denied  { create } for  pid=7882 comm="syz.1.1516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  124.318811][   T29] audit: type=1326 audit(1762121583.713:4553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7881 comm="syz.9.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[  124.344384][   T29] audit: type=1326 audit(1762121583.713:4554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7881 comm="syz.9.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7fba0224efc9 code=0x7ffc0000
[  124.427287][ T7891] hub 2-0:1.0: USB hub found
[  124.432490][ T7891] hub 2-0:1.0: 8 ports detected
[  124.468302][ T7896] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  124.475605][ T7896] syzkaller0: entered promiscuous mode
[  124.481113][ T7896] syzkaller0: entered allmulticast mode
[  124.490378][ T7896] tipc: Resetting bearer <eth:syzkaller0>
[  124.497162][ T7895] tipc: Resetting bearer <eth:syzkaller0>
[  124.504758][ T7895] tipc: Disabling bearer <eth:syzkaller0>
[  124.527118][ T7898] loop2: detected capacity change from 0 to 136
[  124.615694][ T7907] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1525'.
[  124.767884][ T7913] loop8: detected capacity change from 0 to 4096
[  124.777730][ T7913] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.791910][ T7917] loop2: detected capacity change from 0 to 128
[  124.803022][ T7914] buffer_io_error: 182 callbacks suppressed
[  124.803038][ T7914] Buffer I/O error on dev loop2, logical block 77, async page read
[  124.817420][ T7914] Buffer I/O error on dev loop2, logical block 78, async page read
[  124.826094][ T7914] Buffer I/O error on dev loop2, logical block 79, async page read
[  124.836908][ T7914] Buffer I/O error on dev loop2, logical block 77, async page read
[  124.844899][ T7914] Buffer I/O error on dev loop2, logical block 78, async page read
[  124.852877][ T7914] Buffer I/O error on dev loop2, logical block 79, async page read
[  124.860789][ T7914] Buffer I/O error on dev loop2, logical block 77, async page read
[  124.872442][ T7914] Buffer I/O error on dev loop2, logical block 78, async page read
[  124.880538][ T7914] Buffer I/O error on dev loop2, logical block 79, async page read
[  124.888617][ T7914] Buffer I/O error on dev loop2, logical block 77, async page read
[  124.929606][ T7921] loop6: detected capacity change from 0 to 4096
[  124.938261][ T7921] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.964133][ T4467] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.151432][ T7926] netlink: 'syz.8.1532': attribute type 10 has an invalid length.
[  125.159331][ T7926] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1532'.
[  125.168970][ T7926] bridge0: port 4(veth1_vlan) entered blocking state
[  125.175768][ T7926] bridge0: port 4(veth1_vlan) entered disabled state
[  125.183815][ T7926] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check.
[  125.221805][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.269031][ T7933] netlink: 'syz.1.1536': attribute type 30 has an invalid length.
[  125.281806][ T7935] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1537'.
[  125.350333][ T7940] loop9: detected capacity change from 0 to 128
[  125.379598][ T7940] FAT-fs (loop9): Directory bread(block 162) failed
[  125.412314][ T7940] FAT-fs (loop9): Directory bread(block 163) failed
[  125.419225][ T7940] FAT-fs (loop9): Directory bread(block 164) failed
[  125.426116][ T7940] FAT-fs (loop9): Directory bread(block 165) failed
[  125.434342][ T7940] FAT-fs (loop9): Directory bread(block 166) failed
[  125.441066][ T7940] FAT-fs (loop9): Directory bread(block 167) failed
[  125.453908][ T7940] FAT-fs (loop9): Directory bread(block 168) failed
[  125.460831][ T7940] FAT-fs (loop9): Directory bread(block 169) failed
[  125.472006][ T7940] FAT-fs (loop9): Directory bread(block 162) failed
[  125.479044][ T7940] FAT-fs (loop9): Directory bread(block 163) failed
[  125.490883][ T7943] loop1: detected capacity change from 0 to 512
[  125.510968][ T7943] EXT4-fs: dax option not supported
[  125.553850][ T7947] loop1: detected capacity change from 0 to 256
[  126.085439][ T7963] loop2: detected capacity change from 0 to 512
[  126.109202][ T7963] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  126.139501][ T7963] EXT4-fs (loop2): mount failed
[  126.156926][ T7967] loop6: detected capacity change from 0 to 2048
[  126.193367][ T7967] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  126.237795][ T7973] syz_tun: entered allmulticast mode
[  126.261132][ T7973] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[  126.269733][ T7973] mroute: pending queue full, dropping entries
[  126.424016][ T7979] hub 9-0:1.0: USB hub found
[  126.428759][ T7979] hub 9-0:1.0: 8 ports detected
[  126.589048][ T7967] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  126.604126][ T7967] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  126.616699][ T7967] EXT4-fs (loop6): This should not happen!! Data will be lost
[  126.616699][ T7967] 
[  126.626408][ T7967] EXT4-fs (loop6): Total free blocks count 0
[  126.632420][ T7967] EXT4-fs (loop6): Free/Dirty block details
[  126.638311][ T7967] EXT4-fs (loop6): free_blocks=2415919104
[  126.644072][ T7967] EXT4-fs (loop6): dirty_blocks=8208
[  126.649367][ T7967] EXT4-fs (loop6): Block reservation details
[  126.655393][ T7967] EXT4-fs (loop6): i_reserved_data_blocks=513
[  126.690693][ T5548] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  126.760716][ T5524] Bluetooth: hci0: Frame reassembly failed (-84)
[  126.768134][ T7986] Bluetooth: hci0: Frame reassembly failed (-90)
[  126.783640][ T7988] loop6: detected capacity change from 0 to 512
[  126.791531][ T7988] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  126.799498][ T7988] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  126.807540][ T7988] System zones: 0-1, 15-15, 18-18, 34-34
[  126.814184][ T7988] EXT4-fs (loop6): orphan cleanup on readonly fs
[  126.820619][ T7988] EXT4-fs warning (device loop6): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  126.835217][ T7988] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  126.842275][ T7988] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1553: bg 0: block 40: padding at end of block bitmap is not set
[  126.856576][ T7988] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  126.865532][ T7988] EXT4-fs (loop6): 1 truncate cleaned up
[  126.871760][ T7988] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  126.886733][ T7988] EXT4-fs (loop6): shut down requested (1)
[  126.893082][ T7988] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=16
[  126.901976][ T7988] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=16
[  126.921677][ T3891] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.940242][ T7991] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1556'.
[  127.220781][ T8003] lo speed is unknown, defaulting to 1000
[  127.557860][  T271] syzkaller0: tun_net_xmit 76
[  127.562892][  T271] syzkaller0: tun_net_xmit 48
[  127.593202][ T1041] syzkaller0: tun_net_xmit 76
[  127.670548][ T8006] syzkaller0: create flow: hash 881807382 index 1
[  127.728915][ T8006] syzkaller0: delete flow: hash 881807382 index 1
[  127.740216][ T8013] loop2: detected capacity change from 0 to 512
[  127.783505][ T8013] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  127.881390][ T8013] EXT4-fs (loop2): 1 truncate cleaned up
[  127.897027][ T8013] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.920529][ T8018] loop1: detected capacity change from 0 to 128
[  128.163845][ T4614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.233574][ T8028] loop2: detected capacity change from 0 to 256
[  128.803669][ T8040] netlink: 'syz.9.1574': attribute type 30 has an invalid length.
[  128.822169][ T3742] Bluetooth: hci0: command 0x1003 tx timeout
[  128.828328][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  128.871830][ T8046] pim6reg1: entered promiscuous mode
[  128.877286][ T8046] pim6reg1: entered allmulticast mode
[  128.885691][ T8047] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  128.893942][ T8047] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  128.985194][ T8052] loop9: detected capacity change from 0 to 512
[  128.993412][ T8052] EXT4-fs error (device loop9): ext4_iget_extra_inode:5075: inode #15: comm syz.9.1577: corrupted in-inode xattr: invalid ea_ino
[  129.007073][ T8052] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.1577: couldn't read orphan inode 15 (err -117)
[  129.020052][ T8052] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.035602][   T29] kauditd_printk_skb: 335 callbacks suppressed
[  129.035615][   T29] audit: type=1400 audit(1762121588.433:4888): avc:  denied  { accept } for  pid=8048 comm="syz.9.1577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  129.061881][   T29] audit: type=1400 audit(1762121588.433:4889): avc:  denied  { ioctl } for  pid=8048 comm="syz.9.1577" path="socket:[21080]" dev="sockfs" ino=21080 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  129.094627][ T8055] syzkaller0: entered promiscuous mode
[  129.100132][ T8055] syzkaller0: entered allmulticast mode
[  129.185629][   T29] audit: type=1400 audit(1762121588.583:4890): avc:  denied  { create } for  pid=8059 comm="syz.8.1581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  129.269123][ T8072] loop1: detected capacity change from 0 to 128
[  129.276177][ T8072] FAT-fs (loop1): bogus number of reserved sectors
[  129.282778][ T8072] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  129.292080][ T8072] FAT-fs (loop1): Can't find a valid FAT filesystem
[  129.309089][ T7461] lo speed is unknown, defaulting to 1000
[  129.314975][ T7461] syz2: Port: 1 Link DOWN
[  129.336064][   T29] audit: type=1326 audit(1762121588.733:4891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8075 comm="syz.1.1584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  129.339065][ T8076] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1584'.
[  129.359560][   T29] audit: type=1326 audit(1762121588.733:4892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8075 comm="syz.1.1584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  129.392249][   T29] audit: type=1326 audit(1762121588.733:4893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8075 comm="syz.1.1584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  129.415621][   T29] audit: type=1326 audit(1762121588.733:4894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8075 comm="syz.1.1584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  129.439140][   T29] audit: type=1326 audit(1762121588.733:4895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8075 comm="syz.1.1584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  129.462569][   T29] audit: type=1326 audit(1762121588.733:4896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8075 comm="syz.1.1584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  129.475777][ T8080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.485989][   T29] audit: type=1326 audit(1762121588.733:4897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8075 comm="syz.1.1584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f299e63efc9 code=0x7ffc0000
[  129.518333][ T8080] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.530223][ T5522] Bluetooth: hci0: Frame reassembly failed (-84)
[  129.769997][ T4565] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.998337][ T8092] loop9: detected capacity change from 0 to 1024
[  130.005428][ T8092] EXT4-fs: Ignoring removed orlov option
[  130.013197][ T8092] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.026373][ T8092] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.088964][ T8097] loop9: detected capacity change from 0 to 8192
[  130.299186][ T8104] tipc: Started in network mode
[  130.304384][ T8104] tipc: Node identity ee7c59f3cd7d, cluster identity 4711
[  130.311555][ T8104] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  130.342797][ T8106] syzkaller0: entered promiscuous mode
[  130.348381][ T8106] syzkaller0: entered allmulticast mode
[  130.357244][ T8104] syzkaller0: entered promiscuous mode
[  130.362790][ T8104] syzkaller0: entered allmulticast mode
[  130.377291][ T8104] tipc: Resetting bearer <eth:syzkaller0>
[  130.396362][ T8103] tipc: Resetting bearer <eth:syzkaller0>
[  130.410227][ T8103] tipc: Disabling bearer <eth:syzkaller0>
[  130.455079][ T8097] ==================================================================
[  130.463200][ T8097] BUG: KCSAN: data-race in fat16_ent_put / fat_mirror_bhs
[  130.470329][ T8097] 
[  130.472663][ T8097] write to 0xffff88810b83975e of 2 bytes by task 8101 on cpu 0:
[  130.480295][ T8097]  fat16_ent_put+0x28/0x60
[  130.484903][ T8097]  fat_alloc_clusters+0x4d1/0xa80
[  130.490032][ T8097]  fat_get_block+0x258/0x5e0
[  130.494643][ T8097]  __block_write_begin_int+0x400/0xf90
[  130.500127][ T8097]  cont_write_begin+0x5fc/0x970
[  130.504996][ T8097]  fat_write_begin+0x4f/0xe0
[  130.509603][ T8097]  generic_perform_write+0x184/0x490
[  130.514909][ T8097]  __generic_file_write_iter+0x9e/0x120
[  130.520486][ T8097]  generic_file_write_iter+0x8d/0x2f0
[  130.525887][ T8097]  do_iter_readv_writev+0x4a1/0x540
[  130.531101][ T8097]  vfs_writev+0x2df/0x8b0
[  130.535538][ T8097]  __se_sys_pwritev2+0xfc/0x1c0
[  130.540426][ T8097]  __x64_sys_pwritev2+0x67/0x80
[  130.545301][ T8097]  x64_sys_call+0x2c59/0x3000
[  130.549995][ T8097]  do_syscall_64+0xd2/0x200
[  130.554511][ T8097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.560413][ T8097] 
[  130.562737][ T8097] read to 0xffff88810b839600 of 512 bytes by task 8097 on cpu 1:
[  130.570457][ T8097]  fat_mirror_bhs+0x1df/0x320
[  130.575152][ T8097]  fat_alloc_clusters+0x98b/0xa80
[  130.580187][ T8097]  fat_get_block+0x258/0x5e0
[  130.584787][ T8097]  __block_write_begin_int+0x400/0xf90
[  130.590271][ T8097]  cont_write_begin+0x5fc/0x970
[  130.595146][ T8097]  fat_write_begin+0x4f/0xe0
[  130.599750][ T8097]  cont_write_begin+0x1b0/0x970
[  130.604622][ T8097]  fat_write_begin+0x4f/0xe0
[  130.609231][ T8097]  generic_cont_expand_simple+0xb0/0x150
[  130.614887][ T8097]  fat_cont_expand+0x3e/0x170
[  130.619577][ T8097]  fat_setattr+0x2a5/0x8a0
[  130.624093][ T8097]  notify_change+0x872/0x8f0
[  130.628699][ T8097]  do_ftruncate+0x34b/0x450
[  130.633224][ T8097]  __x64_sys_ftruncate+0x68/0xc0
[  130.638184][ T8097]  x64_sys_call+0x2d61/0x3000
[  130.642881][ T8097]  do_syscall_64+0xd2/0x200
[  130.647394][ T8097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.653300][ T8097] 
[  130.655622][ T8097] Reported by Kernel Concurrency Sanitizer on:
[  130.661785][ T8097] CPU: 1 UID: 0 PID: 8097 Comm: syz.9.1590 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  130.673098][ T8097] Tainted: [W]=WARN
[  130.676921][ T8097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  130.686980][ T8097] ==================================================================
[  131.542470][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110